Pests of all kinds and how to combat them: AOL search engine hooks itself into Google and Yahoo search
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
07.09.2012, 10:53 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ |
Please create a new OTL log. If at all possible, please post everything here in CODE tags. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this:
Code:
the log goes here

Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you really are working with a current version of OTL.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Please always post log files in CODE tags |
07.09.2012, 12:43 | #17 |
Hello,
neither the link nor entering the address directly gets me to the OTL page; I always get an error message. Could it be because I have a 32-bit system? I did manage to download OTL after all via a link I found on Google.
Code:
ATTFilter OTL Extras logfile created on: 07.09.2012 14:28:54 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Dokumente und Einstellungen\Besitzer\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 0,99 Gb Available Physical Memory | 52,62% Memory free 3,72 Gb Paging File | 2,71 Gb Available in Paging File | 72,76% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 185,55 Gb Total Space | 125,64 Gb Free Space | 67,71% Space Free | Partition Type: NTFS Computer Name: PAPI-76572328B9 | User Name: Besitzer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htafile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation) "C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012 "{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DC5C87A-D5E8-4A69-86E8-AE4D98FC8196}" = talk&surf Fax "{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}" = EASIS Screenshot "{6AA4C81A-D3BA-4B88-94D7-D2797A00C9B6}" = SX2x5 Firmware "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7E350663-86D3-466A-AB79-28156A9ABF6E}_is1" = Hamster Free Video Converter "{7E7C9FB7-711A-4FF0-B22F-42BD08652096}" = talk&surf 6.0 "{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{B0F08ACB-6BBA-49A8-8BE9-BBB4C2D8B574}" = G Data AntiVirus 2013 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2FD1079-2CF1-461E-8418-E91CA6656B45}" = BIOS Flash "{DE6DE775-094F-43C1-8AAF-F67C6A753292}" = 
Gigaset SX2x5isdn / 417x / 307x "{DF5F21A4-32FD-4A40-BEC0-7A147B7ED38C}" = talk&surf CAPI "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = HP Basic Starter Camera "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Ahnenblatt_is1" = Ahnenblatt 2.70 "CAL" = Canon Camera Access Library "CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Canon MX310 series Benutzerregistrierung" = Canon MX310 series Benutzerregistrierung "CANONIJPLM100" = PIXMA Extended Survey Program "CanonMyPrinter" = Canon My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CSCLIB" = Canon Camera Support Core Library "D-Info 2000" = D-Info 2000 "D-Route" = D-Route "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "EOS Utility" = Canon Utilities EOS Utility "ESET Online Scanner" = ESET Online Scanner v3 "FileHippo.com" = FileHippo.com Update Checker "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ie8" = Windows Internet Explorer 8 "InstallShield_{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "IrfanView" = IrfanView (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes 
Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MP Navigator EX 1.0" = Canon MP Navigator EX 1.0 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA Drivers" = NVIDIA Drivers "Octava Light" = Octava Light "PandaPDFConverter" = PandaPDFConverter "PhotoStitch" = Canon Utilities PhotoStitch "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "RealPlayer 15.0" = RealPlayer "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX "Sandboxie" = Sandboxie 3.74 (32-bit) "Terminkalender2" = Softwarenetz Terminkalender2 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "VLC media player" = VLC media player 2.0.3 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR 4.20 (32-bit) "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar "YInstHelper" = Yahoo! 
Install Manager "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Google Chrome Frame" = Google Chrome Frame "PhotoFiltre Studio X" = PhotoFiltre Studio X ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 07.08.2012 16:18:31 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1199206435. Error - 07.08.2012 16:19:16 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realplay.exe, Version 15.0.6.14, fehlgeschlagenes Modul realplay.exe, Version 15.0.6.14, Fehleradresse 0x0000c0f7. Error - 08.08.2012 12:09:46 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 12.08.2012 18:05:35 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 15.08.2012 12:11:33 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. 
Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 16.08.2012 16:56:36 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realtrimmer.exe, Version 15.0.6.14, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x021e0003. Error - 16.08.2012 16:56:49 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1180351254. Error - 16.08.2012 18:17:16 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realplay.exe, Version 15.0.6.14, fehlgeschlagenes Modul msvcr90.dll, Version 9.0.30729.6161, Fehleradresse 0x00025e37. Error - 16.08.2012 18:17:29 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1195699539. Error - 05.09.2012 16:29:16 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 [ OSession Events ] Error - 06.06.2012 10:42:32 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.06.2012 10:43:12 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash. 
Error - 06.06.2012 10:44:11 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 25.08.2012 10:49:01 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 25.08.2012 10:49:01 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 26.08.2012 08:41:13 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 26.08.2012 08:41:13 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 06.09.2012 13:57:09 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 06.09.2012 13:57:09 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst 
"SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 07.09.2012 03:06:40 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 07.09.2012 03:06:41 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 07.09.2012 03:09:01 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 07.09.2012 03:09:01 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 < End of report > Geändert von WolfgangGK (07.09.2012 um 13:37 Uhr) |
07.09.2012, 13:42 | #18 |
The second one (Extras.txt) was too long. So here it is again:
Gigaset SX2x5isdn / 417x / 307x "{DF5F21A4-32FD-4A40-BEC0-7A147B7ED38C}" = talk&surf CAPI "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = HP Basic Starter Camera "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Ahnenblatt_is1" = Ahnenblatt 2.70 "CAL" = Canon Camera Access Library "CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Canon MX310 series Benutzerregistrierung" = Canon MX310 series Benutzerregistrierung "CANONIJPLM100" = PIXMA Extended Survey Program "CanonMyPrinter" = Canon My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CSCLIB" = Canon Camera Support Core Library "D-Info 2000" = D-Info 2000 "D-Route" = D-Route "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "EOS Utility" = Canon Utilities EOS Utility "ESET Online Scanner" = ESET Online Scanner v3 "FileHippo.com" = FileHippo.com Update Checker "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ie8" = Windows Internet Explorer 8 "InstallShield_{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "IrfanView" = IrfanView (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes 
Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MP Navigator EX 1.0" = Canon MP Navigator EX 1.0 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA Drivers" = NVIDIA Drivers "Octava Light" = Octava Light "PandaPDFConverter" = PandaPDFConverter "PhotoStitch" = Canon Utilities PhotoStitch "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "RealPlayer 15.0" = RealPlayer "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX "Sandboxie" = Sandboxie 3.74 (32-bit) "Terminkalender2" = Softwarenetz Terminkalender2 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "VLC media player" = VLC media player 2.0.3 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR 4.20 (32-bit) "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar "YInstHelper" = Yahoo! 
Install Manager "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Google Chrome Frame" = Google Chrome Frame "PhotoFiltre Studio X" = PhotoFiltre Studio X ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 07.08.2012 16:18:31 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1199206435. Error - 07.08.2012 16:19:16 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realplay.exe, Version 15.0.6.14, fehlgeschlagenes Modul realplay.exe, Version 15.0.6.14, Fehleradresse 0x0000c0f7. Error - 08.08.2012 12:09:46 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 12.08.2012 18:05:35 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 15.08.2012 12:11:33 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. 
Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 16.08.2012 16:56:36 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realtrimmer.exe, Version 15.0.6.14, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x021e0003. Error - 16.08.2012 16:56:49 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1180351254. Error - 16.08.2012 18:17:16 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realplay.exe, Version 15.0.6.14, fehlgeschlagenes Modul msvcr90.dll, Version 9.0.30729.6161, Fehleradresse 0x00025e37. Error - 16.08.2012 18:17:29 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1195699539. Error - 05.09.2012 16:29:16 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 [ OSession Events ] Error - 06.06.2012 10:42:32 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.06.2012 10:43:12 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash. 
Error - 06.06.2012 10:44:11 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 25.08.2012 10:49:01 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 25.08.2012 10:49:01 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 26.08.2012 08:41:13 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 26.08.2012 08:41:13 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 06.09.2012 13:57:09 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 06.09.2012 13:57:09 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst 
"SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 07.09.2012 03:06:40 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 07.09.2012 03:06:41 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 07.09.2012 03:09:01 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 07.09.2012 03:09:01 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

< End of report >

Here is the second attempt with the OTL scan and your scan instructions, this time following your instructions correctly:

Code:
OTL logfile created on: 07.09.2012 15:07:46 - Run 2
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Dokumente und Einstellungen\Besitzer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,87 Gb Total Physical Memory | 1,27 Gb Available Physical Memory | 67,77% Memory free
3,72 Gb Paging File | 3,02 Gb Available in Paging File | 81,21% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 185,55 Gb Total Space | 125,61 Gb Free Space | 67,70% Space Free | Partition Type: NTFS

Computer Name: PAPI-76572328B9 | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.09.07 14:05:05 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe
PRC - [2012.08.25 22:27:58 | 000,545,552 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieCtrl.exe
PRC - [2012.08.25 22:27:58 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) -- C:\Programme\Sandboxie\SbieSvc.exe
PRC - [2012.08.17 15:31:46 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.08.04 15:53:33 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\Update\realsched.exe
PRC - [2012.08.02 15:17:58 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012.07.31 07:34:50 | 000,081,432 | ---- | M] (Google Inc.)
-- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe PRC - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe PRC - [2012.07.26 14:16:14 | 000,092,632 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe PRC - [2012.07.26 14:16:12 | 000,247,768 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.07.03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2012.06.01 05:04:52 | 001,583,576 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012.05.25 14:19:24 | 001,540,120 | ---- | M] (G Data Software AG) -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe PRC - [2012.05.24 05:23:01 | 000,985,624 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe PRC - [2012.05.15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.03.29 04:42:27 | 000,470,008 | ---- | M] (G Data Software AG) -- C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe PRC - [2012.03.26 09:34:22 | 000,306,688 | ---- | M] (FileHippo.com) -- C:\Programme\FileHippo.com\UpdateChecker.exe PRC - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\AntiVirus\AVK\AVKService.exe PRC - [2011.06.22 13:59:34 | 002,502,752 | ---- | 
M] (softwarenetz.de) -- C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007.02.27 14:58:22 | 000,172,032 | ---- | M] (Siemens AG) -- C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe PRC - [2005.03.01 10:45:30 | 000,327,680 | ---- | M] (Siemens) -- C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe PRC - [2005.03.01 10:40:26 | 000,061,440 | ---- | M] (Siemens AG) -- C:\WINDOWS\system32\SerExt.exe ========== Modules (No Company Name) ========== MOD - [2012.09.07 09:49:09 | 001,808,896 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\G DATA\AVKScanP\Avast5\defs\12090700\algo.dll MOD - [2012.06.14 13:16:20 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll MOD - [2012.06.14 13:15:54 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll MOD - [2012.06.14 12:38:14 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll MOD - [2012.06.14 12:38:02 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll MOD - [2012.06.14 12:36:01 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2012.05.11 13:02:26 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll MOD - [2012.05.11 00:43:40 | 005,450,752 | ---- | M] () -- 
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll MOD - [2012.05.11 00:41:56 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll MOD - [2012.05.11 00:41:43 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll MOD - [2007.07.23 17:44:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll MOD - [2007.02.27 14:57:14 | 000,155,648 | ---- | M] () -- C:\Programme\Gigaset DECT\talk&surf_6_0\dectcontrol.dll ========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) SRV - [2012.08.25 22:27:58 | 000,085,776 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2012.08.22 07:47:25 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.08.17 15:31:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012.08.02 15:17:58 | 000,265,928 | ---- | M] (SpeedBit Ltd.) 
[Auto | Running] -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService) SRV - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Programme\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2012.07.26 14:16:14 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.01 05:04:52 | 001,583,576 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.05.25 14:19:24 | 001,540,120 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2012.05.15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.03.29 04:42:27 | 000,470,008 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe -- (GDScan) SRV - [2012.01.27 04:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService) SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] 
(Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) SRV - [2007.04.13 09:20:22 | 000,097,432 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2005.09.30 19:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Disabled | Stopped] -- C:\Programme\Canon\CAL\CALMAIN.exe -- (CCALib8) SRV - [2005.03.01 10:45:30 | 000,327,680 | ---- | M] (Siemens) [On_Demand | Running] -- C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe -- (xControlCOM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys -- (Sunkfiltp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfilt6.sys -- (SunkFilt6) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012.08.25 22:27:54 | 000,157,776 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012.06.12 09:50:58 | 000,052,768 | ---- | M] (G Data Software AG) 
[Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor) DRV - [2012.05.08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2012.04.30 18:45:28 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc) DRV - [2012.04.14 00:15:09 | 000,069,552 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\GRD.sys -- (GRD) DRV - [2012.04.13 22:38:04 | 000,090,744 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2012.04.13 22:38:04 | 000,046,840 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HookCentre.sys -- (HookCentre) DRV - [2012.04.13 22:38:03 | 000,041,848 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\GDBehave.sys -- (GDBehave) DRV - [2011.05.19 14:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA) DRV - [2007.10.16 18:38:30 | 004,615,168 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007.03.06 12:27:32 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2007.03.06 12:27:28 | 000,058,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006.07.01 23:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006.04.13 14:33:28 | 000,008,192 | ---- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys -- (BS_I2cIo) DRV - [2005.03.16 08:23:54 | 000,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BIOS.sys -- (BIOS) DRV - [2005.03.01 10:46:56 | 000,053,632 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Gigusb.sys -- (Gigusb) DRV - [2005.03.01 10:36:02 | 000,008,448 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DectEnum.sys -- (DectEnum) DRV - [2005.03.01 10:33:18 | 000,113,408 | ---- | M] (Siemens AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\siellif.sys -- (siellif) DRV - [2004.09.08 15:22:04 | 000,050,759 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IUAPIWDM.sys -- (IUAPIWDM) DRV - [2004.09.08 15:22:02 | 000,263,751 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hrcmpa.sys -- (HRCMPA) DRV - [2004.09.08 15:21:58 | 000,041,037 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ndiscapi.sys -- (NDISCAPI) DRV - [2004.09.08 15:21:54 | 000,028,740 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\capi.sys -- (CAPI) DRV - [2004.07.23 14:55:50 | 000,046,536 | ---- | M] 
(Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sunkfilt62.sys -- (SunkFilt62)
DRV - [2003.06.17 09:04:16 | 000,185,696 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmdmd.sys -- (vmdmd)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=90&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://de.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,DefaultScope = {4D44BF90-E948-4783-8822-419C6D6AA853}
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{4D44BF90-E948-4783-8822-419C6D6AA853}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{9EA1C821-D660-4C4D-8D89-0DA55F6363A4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie8
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1
FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\programme\real\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\programme\real\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\programme\real\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M]
[2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions
[2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.04.13 19:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.23 18:17:24 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAMME\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM

========== Chrome ==========

CHR - homepage: hxxp://www.yahoo.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\programme\real\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\programme\real\Netscape6\nprpplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Programme\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\programme\real\Netscape6\nprjplug.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

O1 HOSTS File: ([2004.08.04 12:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SerExt] C:\WINDOWS\System32\SerExt.exe (Siemens AG)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Sunkist2k] C:\Programme\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\real\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [ChromeFrameHelper] C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [FileHippo.com] C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [TomTomHOME.exe] C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\talk&surf 6.0 - Monitor.lnk = C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG)
O4 - Startup: C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\Terminkalender2.lnk = C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1333840740140 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1333841194171 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A4B7A17-6D9F-41EC-BBA5-689A5CC1318D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O27 - HKLM IFEO\flashranger.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\googleearth.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.07 23:02:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell - "" = AutoRun
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CAPI - Monitor.lnk - C:\Programme\Gigaset DECT\capi\Tools\CALLTRAY.exe - (EllSoft Software Development & Design )
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk - C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe - ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4AADD1F0-17A8-4349-943F-9C7B5E3F9CB4} - Yahoo! Toolbar
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {4FB202B3-4735-4C4D-957E-0C8CA2FE17EB} - Yahoo! Search Setting Update
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Programme\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D15293F9-CD53-4FA4-9E48-E161B336F03D} - NoIE8Tour
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{A0836101-83D2-48A7-9AC3-EB93431326FD} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.09.07 14:06:58 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe
[2012.09.07 14:05:05 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Programme\OTL.exe
[2012.09.05 22:40:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2012.09.05 20:43:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sandboxie
[2012.08.23 18:17:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom
[2012.08.19 21:24:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Marga
[2012.08.17 18:35:26 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.08.17 18:35:16 | 002,322,184 | ---- | C] (ESET) -- C:\Programme\esetsmartinstaller_deu.exe
[2012.08.17 15:32:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.08.15 00:21:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft
[2012.08.15 00:20:38 | 028,820,624 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe
[2012.08.14 21:52:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\CRE
[2012.08.14 21:51:44 | 002,397,968 | ---- | C] (Conduit) -- C:\Programme\FileConverter_1_3.exe
[2012.08.13 09:48:52 | 002,502,752 | ---- | C] (softwarenetz.de) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\kalender2.exe
[2012.08.13 00:21:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware
[2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Anti-Malware
[2012.08.13 00:11:22 | 152,822,440 | ---- | C] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe
[2012.08.08 21:45:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.08.08 21:45:35 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.08.08 21:45:35 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.08.08 17:06:57 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Programme\mbam-setup-1.62.0.1300.exe
[2012.08.03 16:50:02 | 000,886,136 | ---- | C] (R&E Media) -- C:\Programme\RealPlayer10-5GOLD_de.exe
[2012.08.02 21:07:15 | 027,565,488 | ---- | C] (TuneUp Software) -- C:\Programme\TuneUpUtilities2012_de-DE.exe
[2012.07.28 12:21:22 | 001,952,760 | ---- | C] (Driver Whiz) -- C:\Programme\Driverwhiz.exe
[2012.07.13 10:07:51 | 004,668,032 | ---- | C] (Dirk Boettcher ) -- C:\Programme\absetup.exe
[2012.07.12 10:56:20 | 039,483,256 | ---- | C] (Apple Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2012.05.24 17:12:04 | 100,834,120 | ---- | C] (NVIDIA Corporation) -- C:\Programme\301.42-desktop-winxp-32bit-english-whql.exe
[2012.05.09 21:37:33 | 000,892,360 | ---- | C] (Oracle Corporation) -- C:\Programme\chromeinstall-7u4.exe
[2012.05.02 12:27:47 | 035,344,784 | ---- | C] (Spiceworks, Inc.) -- C:\Programme\Spiceworks.exe
[2012.05.01 17:21:32 | 000,944,264 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup.exe
[2012.04.22 21:59:13 | 029,867,432 | ---- | C] (Google Inc.) -- C:\Programme\chrome_installer.exe
[2012.04.13 20:39:16 | 357,596,736 | ---- | C] (G Data Software AG) -- C:\Programme\GER_R_FUL_2013_AV.exe
[2012.04.12 12:32:13 | 000,533,560 | ---- | C] (NCH Software) -- C:\Programme\prismpsetup.exe
[2012.04.12 11:03:41 | 009,330,176 | ---- | C] (Irfan Skiljan) -- C:\Programme\irfanview_plugins_433_setup.exe
[2012.04.12 00:53:59 | 000,761,152 | ---- | C] (RealNetworks, Inc.) -- C:\Programme\RealPlayer_de.exe
[2012.04.10 08:06:01 | 020,410,664 | ---- | C] (TomTom International B.V.) -- C:\Programme\TomTomHOME2winlatest.exe
[2012.04.09 13:39:22 | 001,538,560 | ---- | C] (Irfan Skiljan) -- C:\Programme\iview433_setup.exe
[2012.04.08 21:22:46 | 002,308,368 | ---- | C] (SANDBOXIE L.T.D) -- C:\Programme\SandboxieInstall.exe
[2012.04.08 16:56:21 | 025,766,024 | ---- | C] (Microsoft Corporation) -- C:\Programme\wmp11-windowsxp-x86-DE-DE.exe
[2012.04.05 18:11:56 | 019,430,640 | ---- | C] (Microsoft Corporation) -- C:\Programme\ie8-setup-full.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.09.07 14:48:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.09.07 14:05:05 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Programme\OTL.exe
[2012.09.07 14:05:05 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe
[2012.09.07 11:09:18 | 000,789,796 | ---- | M] () -- C:\WINDOWS\System32\sig.bin
[2012.09.07 11:09:18 | 000,043,821 | ---- | M] () -- C:\WINDOWS\System32\nmp.map
[2012.09.07 09:46:26 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.09.07 09:46:24 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.09.07 09:04:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.06 23:51:09 | 000,003,418 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2012.09.06 19:41:29 | 000,032,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip
[2012.09.06 16:22:53 | 000,511,265 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe
[2012.09.05 20:39:00 | 000,013,734 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.25 16:56:06 | 003,004,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\15 - Der Kuckuck Und Der Esel.mp3
[2012.08.25 09:35:27 | 000,000,080 | ---- | M] () -- C:\WINDOWS\wiso.ini
[2012.08.24 21:18:12 | 000,003,127 | ---- | M] () -- C:\WINDOWS\musi.ini
[2012.08.24 17:58:31 | 126,001,196 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav
[2012.08.22 14:03:19 | 000,124,928 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.22 14:03:19 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.08.20 14:58:37 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp
[2012.08.20 14:57:15 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp
[2012.08.20 00:24:36 | 000,043,973 | ---- | M] () -- C:\Dokumente
[2012.08.17 18:35:14 | 002,322,184 | ---- | M] (ESET) -- C:\Programme\esetsmartinstaller_deu.exe
[2012.08.17 07:50:27 | 000,170,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.17 01:25:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.08.17 01:05:48 | 000,492,796 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.08.17 01:05:48 | 000,473,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.08.17 01:05:48 | 000,091,054 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.08.17 01:05:48 | 000,076,186 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.08.16 11:40:09 | 005,166,395 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf
[2012.08.15 00:21:29 | 028,820,624 | ---- | M] (DVDVideoSoft Ltd. ) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe
[2012.08.14 22:09:10 | 001,144,592 | ---- | M] () -- C:\Programme\MusicConverterSetup.exe
[2012.08.14 21:51:54 | 002,397,968 | ---- | M] (Conduit) -- C:\Programme\FileConverter_1_3.exe
[2012.08.13 00:16:08 | 152,822,440 | ---- | M] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe
[2012.08.08 17:07:25 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Programme\mbam-setup-1.62.0.1300.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.06 19:41:34 | 000,032,069 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip
[2012.09.06 16:23:06 | 000,511,265 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe
[2012.08.24 17:58:21 | 126,001,196 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav
[2012.08.20 14:58:37 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp
[2012.08.20 14:57:15 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp
[2012.08.20 00:24:26 | 000,043,973 | ---- | C] () -- C:\Dokumente
[2012.08.17 23:31:48 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.08.16 13:40:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.08.16 11:39:06 | 005,166,395 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf
[2012.08.14 22:09:10 | 001,144,592 | ---- | C] () -- C:\Programme\MusicConverterSetup.exe
[2012.08.07 22:32:26 | 022,723,832 | ---- | C] () -- C:\Programme\vlc-2.0.3-win32.exe
[2012.08.01 09:22:10 | 000,000,055 | ---- | C] () -- C:\WINDOWS\TC.INI
[2012.07.12 12:04:52 | 000,000,393 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\HamsterVideoConverterSettings.cfg
[2012.07.11 14:11:39 | 000,788,552 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.07.08 01:05:16 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1417001333-839522115-1003-0.dat
[2012.07.08 01:05:15 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.06.25 23:28:53 | 000,003,204 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012.05.18 18:13:34 | 000,003,418 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2012.05.05 19:31:46 | 001,507,138 | ---- | C] () -- C:\Programme\wrar42b1.exe
[2012.04.23 00:32:04 | 126,041,088 | ---- | C] () -- C:\Programme\ts_6_0_36.exe
[2012.04.22 23:19:29 | 002,762,128 | ---- | C] () -- C:\Programme\mypwin250de.exe
[2012.04.22 15:28:35 | 017,458,000 | ---- | C] () -- C:\Programme\GoogleEarthWin.exe
[2012.04.22 14:27:54 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.04.22 14:27:53 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.04.22 14:27:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.04.22 14:27:26 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.04.22 12:29:43 | 000,264,271 | ---- | C] () -- C:\Programme\FHSetup.exe
[2012.04.13 20:59:13 | 000,381,952 | ---- | C] () -- C:\Programme\AVCleaner.exe
[2012.04.12 01:01:37 | 000,124,928 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.12 00:52:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.04.10 10:51:54 | 000,000,212 | ---- | C] () -- C:\WINDOWS\BUHL.INI
[2012.04.09 23:52:54 | 000,827,392 | ---- | C] () -- 
C:\WINDOWS\vsnpstd3.exe [2012.04.09 23:52:53 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2012.04.09 23:52:52 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2012.04.09 23:52:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll [2012.04.08 22:11:03 | 000,000,075 | ---- | C] () -- C:\WINDOWS\muserr.ini [2012.04.08 18:57:16 | 000,003,127 | ---- | C] () -- C:\WINDOWS\musi.ini [2012.04.08 17:32:46 | 000,050,072 | ---- | C] () -- C:\WINDOWS\System32\DXTSERV.DLL [2012.04.08 17:32:46 | 000,005,408 | ---- | C] () -- C:\WINDOWS\System32\Vb2olecf.dll [2012.04.08 17:32:45 | 000,005,877 | ---- | C] () -- C:\WINDOWS\System32\Dxintl.dll [2012.04.08 17:32:44 | 000,236,734 | ---- | C] () -- C:\WINDOWS\System32\Pxengwin.dll [2012.04.08 16:01:43 | 000,000,080 | ---- | C] () -- C:\WINDOWS\wiso.ini [2012.04.08 15:59:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.04.08 14:10:33 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll [2012.04.08 12:09:02 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLdNL.DLL [2012.04.08 11:46:34 | 000,789,796 | ---- | C] () -- C:\WINDOWS\System32\sig.bin [2012.04.08 00:19:05 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak [2012.04.08 00:19:05 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak [2012.04.08 00:19:05 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak [2012.04.07 23:51:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012.04.07 23:49:59 | 000,170,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.04.07 23:34:49 | 000,049,152 | ---- | C] () -- 
C:\WINDOWS\System32\ChCfg.exe [2012.04.07 23:32:09 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2012.04.07 23:03:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.04.07 22:59:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012.04.05 18:11:57 | 003,400,800 | ---- | C] () -- C:\Programme\termin2.exe [2012.04.05 18:11:57 | 000,643,854 | ---- | C] () -- C:\Programme\sss_4.7.1.exe [2012.04.05 18:11:53 | 031,252,480 | ---- | C] () -- C:\Programme\Basic_Starter_Pack.exe ========== LOP Check ========== [2012.04.18 19:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AlawarWrapper [2012.06.25 10:18:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH [2012.04.08 12:10:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.07.07 13:21:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM [2012.08.02 21:08:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.04.13 22:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA [2012.05.17 00:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft [2012.06.29 11:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Stylus Studio [2012.04.10 08:07:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2012.08.02 21:09:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.08.02 21:08:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.08.24 23:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und 
Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt [2012.04.22 15:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AnvSoft [2012.07.07 13:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion [2012.04.22 23:00:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Canon [2012.08.20 00:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft [2012.04.22 09:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Free Spider TreeCardGames [2012.05.09 21:40:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Oracle [2012.06.29 11:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\PhotoFiltre Studio X [2012.08.22 14:04:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RPPrivate [2012.06.29 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Stylus Studio [2012.06.25 23:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\systweak [2012.04.10 08:06:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TomTom [2012.08.02 21:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TuneUp Software [2012.08.06 07:42:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\UpdatusUser\Anwendungsdaten\TuneUp Software ========== Purity Check ========== ========== Custom Scans ========== Invalid Environment Variable: ALLUSERSPROFILE < % ALLUSERSPROFILE% \ Application Data \ *. Exe / s > Invalid Switch: s Invalid Environment Variable: APPDATA < % APPDATA% \ *. 
Exe / s > Invalid Switch: s Invalid Environment Variable: Systemlaufwerk < / Md5start > Invalid Switch: Md5start < wininit.exe > < userinit.exe > < eventlog.dll > < scecli.dll > < Netlogon.dll > < cngaudit.dll > < ws2ifsl.sys > < sceclt.dll > < ntelogon.dll > < winlogon.exe > < logevent.dll > < user32.dll > < iaStor.sys > < nvstor.sys > < atapi.sys > < IdeChnDr.sys > < viasraid.sys > < Agp440.sys > < vaxscsi.sys > < nvatabus.sys > < viamraid.sys > < nvata.sys > < nvgts.sys > < iastorv.sys > < ViPrt.sys > < eNetHook.dll > < ahcix86.sys > < KR10N.sys > < nvstor32.sys > < ahcix86s.sys > < / Md5stop > Invalid Switch: Md5stop < % Systemroot% \ system32 \ drivers \ *. Sys / lockedfiles > Invalid Switch: lockedfiles Invalid Environment Variable: Systemroot < % Systemroot% \ *. / Mp / s > Invalid Switch: s < % Systemroot% \ system32 \ *. Dll / lockedfiles > Invalid Switch: lockedfiles < > < End of report > |
09.09.2012, 20:58 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | AOL search engine hooks itself into Google and Yahoo search
Code:
ATTFilter Version 3.2.56.0
From top to bottom these are already step-by-step instructions, so why wasn't OTL downloaded again?
__________________ Please always post log files in CODE tags |
10.09.2012, 17:34 | #20 |
| AOL search engine hooks itself into Google and Yahoo search
I hope I have now done everything correctly:
Code:
ATTFilter OTL logfile created on: 10.09.2012 18:12:36 - Run 3 OTL by OldTimer - Version 3.2.61.3 Folder = C:\Dokumente und Einstellungen\Besitzer\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 63,08% Memory free 3,72 Gb Paging File | 2,82 Gb Available in Paging File | 75,73% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 185,55 Gb Total Space | 125,02 Gb Free Space | 67,38% Space Free | Partition Type: NTFS Computer Name: PAPI-76572328B9 | User Name: Besitzer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) PRC - C:\Programme\Real\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.) PRC - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.) 
PRC - C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG) PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG) PRC - C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe (G Data Software AG) PRC - C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com) PRC - C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG) PRC - C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) 
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG) PRC - C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe (Siemens) PRC - C:\WINDOWS\system32\SerExt.exe (Siemens AG) ========== Modules (No Company Name) ========== MOD - C:\Programme\Gemeinsame Dateien\G DATA\AVKScanP\Avast5\defs\12091000\algo.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avutil-51.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avformat-54.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll () MOD - 
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\msjetoledb40.dll () MOD - C:\Programme\Gigaset DECT\talk&surf_6_0\dectcontrol.dll () ========== Services (SafeList) ========== SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (VideoAcceleratorService) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.) 
SRV - (a2AntiMalware) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AVKWCtl) -- C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (AVKProxy) -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (GDScan) -- C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe (G Data Software AG) SRV - (AVKService) -- C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.) 
SRV - (xControlCOM) -- C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe (Siemens) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (Sunkfiltp) -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys File not found DRV - (SunkFilt6) -- C:\WINDOWS\System32\Drivers\sunkfilt6.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (GDTdiInterceptor) -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys (G Data Software AG) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (a2acc) -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys (Emsisoft GmbH) DRV - (GRD) -- C:\WINDOWS\system32\drivers\GRD.sys (G Data Software) DRV - (GDMnIcpt) -- C:\WINDOWS\system32\drivers\MiniIcpt.sys (G Data Software AG) DRV - (HookCentre) -- C:\WINDOWS\system32\drivers\HookCentre.sys (G Data Software AG) DRV - (GDBehave) -- C:\WINDOWS\system32\drivers\GDBehave.sys (G Data Software AG) DRV - (A2DDA) -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys (Emsi Software GmbH) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) 
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (BS_I2cIo) -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys (BIOSTAR Group) DRV - (BIOS) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group) DRV - (Gigusb) -- C:\WINDOWS\system32\drivers\Gigusb.sys (Siemens AG) DRV - (DectEnum) -- C:\WINDOWS\system32\drivers\DectEnum.sys (Siemens AG) DRV - (siellif) -- C:\WINDOWS\system32\drivers\siellif.sys (Siemens AG) DRV - (IUAPIWDM) -- C:\WINDOWS\system32\drivers\IUAPIWDM.sys (SIEMENS AG) DRV - (HRCMPA) -- C:\WINDOWS\system32\drivers\hrcmpa.sys (SIEMENS AG) DRV - (NDISCAPI) -- C:\WINDOWS\system32\drivers\ndiscapi.sys (SIEMENS AG) DRV - (CAPI) -- C:\WINDOWS\system32\drivers\capi.sys (SIEMENS AG) DRV - (SunkFilt62) -- C:\WINDOWS\system32\drivers\sunkfilt62.sys (Alcor Micro, Corp.) DRV - (vmdmd) -- C:\WINDOWS\system32\drivers\vmdmd.sys (SIEMENS AG) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=90&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) 
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,DefaultScope = {4D44BF90-E948-4783-8822-419C6D6AA853} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{4D44BF90-E948-4783-8822-419C6D6AA853}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{9EA1C821-D660-4C4D-8D89-0DA55F6363A4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\programme\real\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\programme\real\Netscape6\nprjplug.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\programme\real\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M] [2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions [2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.04.13 19:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions ========== Chrome ========== CHR - homepage: hxxp://www.yahoo.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: hxxp://www.yahoo.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\gcswf32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale 
Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/np-cwmp.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All 
Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\programme\real\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\programme\real\Netscape6\nprpplugin.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Programme\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\programme\real\Netscape6\nprjplug.dll CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ O1 HOSTS File: ([2004.08.04 12:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) 
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) 
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [SerExt] C:\WINDOWS\System32\SerExt.exe (Siemens AG) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Sunkist2k] C:\Programme\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.) O4 - HKLM..\Run: [TkBellExe] C:\Programme\real\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [ChromeFrameHelper] C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.) 
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [FileHippo.com] C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com) O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [TomTomHOME.exe] C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\talk&surf 6.0 - Monitor.lnk = C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG) O4 - Startup: C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\Terminkalender2.lnk = C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1333840740140 (WUWebControl Class) O16 - DPF: 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1333841194171 (MUWebControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A4B7A17-6D9F-41EC-BBA5-689A5CC1318D}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O27 - HKLM IFEO\flashranger.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\googleearth.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) 
O27 - HKLM IFEO\skype.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.04.07 23:02:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell - "" = AutoRun O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CAPI - Monitor.lnk - C:\Programme\Gigaset DECT\capi\Tools\CALLTRAY.exe - (EllSoft Software Development & Design ) MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk - C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe - () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found 
SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group 
SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error. 
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error. ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error. ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4AADD1F0-17A8-4349-943F-9C7B5E3F9CB4} - Yahoo! Toolbar ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {4FB202B3-4735-4C4D-957E-0C8CA2FE17EB} - Yahoo! 
Search Setting Update ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Programme\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12 ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D15293F9-CD53-4FA4-9E48-E161B336F03D} - NoIE8Tour ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface 
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: >{A0836101-83D2-48A7-9AC3-EB93431326FD} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.09.10 18:04:27 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe [2012.09.05 22:40:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER [2012.09.05 20:43:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sandboxie [2012.08.23 18:17:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom [2012.08.19 21:24:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Marga [2012.08.17 18:35:26 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.08.17 18:35:16 | 002,322,184 | ---- | C] (ESET) -- 
C:\Programme\esetsmartinstaller_deu.exe [2012.08.17 15:32:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2012.08.15 00:21:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft [2012.08.15 00:20:38 | 028,820,624 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe [2012.08.14 21:52:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\CRE [2012.08.14 21:51:44 | 002,397,968 | ---- | C] (Conduit) -- C:\Programme\FileConverter_1_3.exe [2012.08.13 09:48:52 | 002,502,752 | ---- | C] (softwarenetz.de) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\kalender2.exe [2012.08.13 00:21:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware [2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware [2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Anti-Malware [2012.08.13 00:11:22 | 152,822,440 | ---- | C] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe [2012.08.08 17:06:57 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Programme\mbam-setup-1.62.0.1300.exe [2012.08.03 16:50:02 | 000,886,136 | ---- | C] (R&E Media) -- C:\Programme\RealPlayer10-5GOLD_de.exe [2012.08.02 21:07:15 | 027,565,488 | ---- | C] (TuneUp Software) -- C:\Programme\TuneUpUtilities2012_de-DE.exe [2012.07.28 12:21:22 | 001,952,760 | ---- | C] (Driver Whiz) -- C:\Programme\Driverwhiz.exe [2012.07.13 10:07:51 | 004,668,032 | ---- | C] (Dirk Boettcher ) -- C:\Programme\absetup.exe [2012.07.12 10:56:20 | 039,483,256 | ---- | C] (Apple Inc.) 
-- C:\Programme\QuickTimeInstaller.exe [2012.05.24 17:12:04 | 100,834,120 | ---- | C] (NVIDIA Corporation) -- C:\Programme\301.42-desktop-winxp-32bit-english-whql.exe [2012.05.09 21:37:33 | 000,892,360 | ---- | C] (Oracle Corporation) -- C:\Programme\chromeinstall-7u4.exe [2012.05.02 12:27:47 | 035,344,784 | ---- | C] (Spiceworks, Inc.) -- C:\Programme\Spiceworks.exe [2012.05.01 17:21:32 | 000,944,264 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup.exe [2012.04.22 21:59:13 | 029,867,432 | ---- | C] (Google Inc.) -- C:\Programme\chrome_installer.exe [2012.04.13 20:39:16 | 357,596,736 | ---- | C] (G Data Software AG) -- C:\Programme\GER_R_FUL_2013_AV.exe [2012.04.12 12:32:13 | 000,533,560 | ---- | C] (NCH Software) -- C:\Programme\prismpsetup.exe [2012.04.12 11:03:41 | 009,330,176 | ---- | C] (Irfan Skiljan) -- C:\Programme\irfanview_plugins_433_setup.exe [2012.04.12 00:53:59 | 000,761,152 | ---- | C] (RealNetworks, Inc.) -- C:\Programme\RealPlayer_de.exe [2012.04.10 08:06:01 | 020,410,664 | ---- | C] (TomTom International B.V.) 
-- C:\Programme\TomTomHOME2winlatest.exe [2012.04.09 13:39:22 | 001,538,560 | ---- | C] (Irfan Skiljan) -- C:\Programme\iview433_setup.exe [2012.04.08 21:22:46 | 002,308,368 | ---- | C] (SANDBOXIE L.T.D) -- C:\Programme\SandboxieInstall.exe [2012.04.08 16:56:21 | 025,766,024 | ---- | C] (Microsoft Corporation) -- C:\Programme\wmp11-windowsxp-x86-DE-DE.exe [2012.04.05 18:11:56 | 019,430,640 | ---- | C] (Microsoft Corporation) -- C:\Programme\ie8-setup-full.exe [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.10 18:04:13 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe [2012.09.10 17:55:38 | 000,791,112 | ---- | M] () -- C:\WINDOWS\System32\sig.bin [2012.09.10 17:55:38 | 000,043,872 | ---- | M] () -- C:\WINDOWS\System32\nmp.map [2012.09.10 17:52:38 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job [2012.09.10 17:51:42 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-1417001333-839522115-1003.job [2012.09.10 17:51:00 | 000,013,734 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.09.10 17:50:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.09.09 23:48:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.09.09 16:43:22 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012.09.09 16:43:07 | 000,125,952 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.08 06:52:44 | 000,492,796 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.09.08 06:52:44 | 000,473,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.09.08 06:52:44 | 000,091,054 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.09.08 06:52:44 | 
000,076,186 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.09.06 23:51:09 | 000,003,418 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini [2012.09.06 19:41:29 | 000,032,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip [2012.09.06 16:22:53 | 000,511,265 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe [2012.08.25 16:56:06 | 003,004,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\15 - Der Kuckuck Und Der Esel.mp3 [2012.08.25 09:35:27 | 000,000,080 | ---- | M] () -- C:\WINDOWS\wiso.ini [2012.08.24 21:18:12 | 000,003,127 | ---- | M] () -- C:\WINDOWS\musi.ini [2012.08.24 17:58:31 | 126,001,196 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav [2012.08.20 14:58:37 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp [2012.08.20 14:57:15 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp [2012.08.20 00:24:36 | 000,043,973 | ---- | M] () -- C:\Dokumente [2012.08.17 18:35:14 | 002,322,184 | ---- | M] (ESET) -- C:\Programme\esetsmartinstaller_deu.exe [2012.08.17 07:50:27 | 000,170,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.08.17 01:25:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.08.16 11:40:09 | 005,166,395 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf [2012.08.15 00:21:29 | 028,820,624 | ---- | M] (DVDVideoSoft Ltd. 
) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe [2012.08.14 22:09:10 | 001,144,592 | ---- | M] () -- C:\Programme\MusicConverterSetup.exe [2012.08.14 21:51:54 | 002,397,968 | ---- | M] (Conduit) -- C:\Programme\FileConverter_1_3.exe [2012.08.13 00:16:08 | 152,822,440 | ---- | M] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.06 19:41:34 | 000,032,069 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip [2012.09.06 16:23:06 | 000,511,265 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe [2012.08.24 17:58:21 | 126,001,196 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav [2012.08.20 14:58:37 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp [2012.08.20 14:57:15 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp [2012.08.20 00:24:26 | 000,043,973 | ---- | C] () -- C:\Dokumente [2012.08.17 23:31:48 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job [2012.08.16 13:40:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012.08.16 11:39:06 | 005,166,395 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf [2012.08.14 22:09:10 | 001,144,592 | ---- | C] () -- C:\Programme\MusicConverterSetup.exe [2012.08.07 22:32:26 | 022,723,832 | ---- | C] () -- C:\Programme\vlc-2.0.3-win32.exe [2012.08.01 09:22:10 | 000,000,055 | ---- | C] () -- C:\WINDOWS\TC.INI [2012.07.12 12:04:52 | 000,000,393 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\HamsterVideoConverterSettings.cfg [2012.07.11 14:11:39 | 
000,788,552 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2012.07.08 01:05:16 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1417001333-839522115-1003-0.dat [2012.07.08 01:05:15 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2012.06.25 23:28:53 | 000,003,204 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin [2012.05.18 18:13:34 | 000,003,418 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini [2012.05.05 19:31:46 | 001,507,138 | ---- | C] () -- C:\Programme\wrar42b1.exe [2012.04.23 00:32:04 | 126,041,088 | ---- | C] () -- C:\Programme\ts_6_0_36.exe [2012.04.22 23:19:29 | 002,762,128 | ---- | C] () -- C:\Programme\mypwin250de.exe [2012.04.22 15:28:35 | 017,458,000 | ---- | C] () -- C:\Programme\GoogleEarthWin.exe [2012.04.22 14:27:54 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012.04.22 14:27:53 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012.04.22 14:27:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2012.04.22 14:27:26 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2012.04.22 12:29:43 | 000,264,271 | ---- | C] () -- C:\Programme\FHSetup.exe [2012.04.13 20:59:13 | 000,381,952 | ---- | C] () -- C:\Programme\AVCleaner.exe [2012.04.12 01:01:37 | 000,125,952 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.04.12 00:52:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2012.04.10 10:51:54 | 000,000,212 | ---- | C] () -- C:\WINDOWS\BUHL.INI [2012.04.09 23:52:54 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe [2012.04.09 23:52:53 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2012.04.09 23:52:52 | 
000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2012.04.09 23:52:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll [2012.04.08 22:11:03 | 000,000,075 | ---- | C] () -- C:\WINDOWS\muserr.ini [2012.04.08 18:57:16 | 000,003,127 | ---- | C] () -- C:\WINDOWS\musi.ini [2012.04.08 17:32:46 | 000,050,072 | ---- | C] () -- C:\WINDOWS\System32\DXTSERV.DLL [2012.04.08 17:32:46 | 000,005,408 | ---- | C] () -- C:\WINDOWS\System32\Vb2olecf.dll [2012.04.08 17:32:45 | 000,005,877 | ---- | C] () -- C:\WINDOWS\System32\Dxintl.dll [2012.04.08 17:32:44 | 000,236,734 | ---- | C] () -- C:\WINDOWS\System32\Pxengwin.dll [2012.04.08 16:01:43 | 000,000,080 | ---- | C] () -- C:\WINDOWS\wiso.ini [2012.04.08 15:59:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.04.08 14:10:33 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll [2012.04.08 12:09:02 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLdNL.DLL [2012.04.08 11:46:34 | 000,791,112 | ---- | C] () -- C:\WINDOWS\System32\sig.bin [2012.04.08 00:19:05 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak [2012.04.08 00:19:05 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak [2012.04.08 00:19:05 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak [2012.04.07 23:51:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012.04.07 23:49:59 | 000,170,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.04.07 23:34:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012.04.07 23:32:09 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin 
[2012.04.07 23:03:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.04.07 22:59:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012.04.05 18:11:57 | 003,400,800 | ---- | C] () -- C:\Programme\termin2.exe [2012.04.05 18:11:57 | 000,643,854 | ---- | C] () -- C:\Programme\sss_4.7.1.exe [2012.04.05 18:11:53 | 031,252,480 | ---- | C] () -- C:\Programme\Basic_Starter_Pack.exe ========== LOP Check ========== [2012.04.18 19:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AlawarWrapper [2012.06.25 10:18:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH [2012.04.08 12:10:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.07.07 13:21:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM [2012.08.02 21:08:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.04.13 22:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA [2012.05.17 00:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft [2012.06.29 11:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Stylus Studio [2012.04.10 08:07:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2012.08.02 21:09:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.08.02 21:08:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.08.24 23:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt [2012.04.22 15:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und 
Einstellungen\Besitzer\Anwendungsdaten\AnvSoft [2012.07.07 13:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion [2012.04.22 23:00:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Canon [2012.08.20 00:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft [2012.04.22 09:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Free Spider TreeCardGames [2012.05.09 21:40:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Oracle [2012.06.29 11:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\PhotoFiltre Studio X [2012.08.22 14:04:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RPPrivate [2012.06.29 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Stylus Studio [2012.06.25 23:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\systweak [2012.04.10 08:06:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TomTom [2012.08.02 21:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TuneUp Software [2012.08.06 07:42:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\UpdatusUser\Anwendungsdaten\TuneUp Software ========== Purity Check ========== ========== Custom Scans ========== Invalid Environment Variable: ALLUSERSPROFILE < % ALLUSERSPROFILE% \ Application Data \ *. Exe / s > Invalid Switch: s Invalid Environment Variable: APPDATA < % APPDATA% \ *. 
Exe / s > Invalid Switch: s Invalid Environment Variable: Systemlaufwerk < / Md5start > Invalid Switch: Md5start < wininit.exe > < userinit.exe > < eventlog.dll > < scecli.dll > < Netlogon.dll > < cngaudit.dll > < ws2ifsl.sys > < sceclt.dll > < ntelogon.dll > < winlogon.exe > < logevent.dll > < user32.dll > < iaStor.sys > < nvstor.sys > < atapi.sys > < IdeChnDr.sys > < viasraid.sys > < Agp440.sys > < vaxscsi.sys > < nvatabus.sys > < viamraid.sys > < nvata.sys > < nvgts.sys > < iastorv.sys > < ViPrt.sys > < eNetHook.dll > < ahcix86.sys > < KR10N.sys > < nvstor32.sys > < ahcix86s.sys > < / Md5stop > Invalid Switch: Md5stop < % Systemroot% \ system32 \ drivers \ *. Sys / lockedfiles > Invalid Switch: lockedfiles Invalid Environment Variable: Systemroot < % Systemroot% \ *. / Mp / s > Invalid Switch: s < % Systemroot% \ system32 \ *. Dll / lockedfiles > Invalid Switch: lockedfiles < > < End of report > |
10.09.2012, 20:39 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | AOL search engine hooks into Google and Yahoo search Something went completely wrong there. Please create the log again. Make sure that you really copy the CODE snippet 1:1 and paste it into OTL!
10.09.2012, 22:16 | #22 |
| AOL search engine hooks into Google and Yahoo search Hello, new attempt. The last line of your code snippet was missing. Code:
OTL logfile created on: 10.09.2012 22:55:27 - Run 4
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Dokumente und Einstellungen\Besitzer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,87 Gb Total Physical Memory | 0,96 Gb Available Physical Memory | 51,15% Memory free
3,72 Gb Paging File | 2,79 Gb Available in Paging File | 75,04% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 185,55 Gb Total Space | 125,22 Gb Free Space | 67,48% Space Free | Partition Type: NTFS
Computer Name: PAPI-76572328B9 | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Real\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.)
PRC - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.)
PRC - C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG) PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG) PRC - C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe (G Data Software AG) PRC - C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com) PRC - C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG) PRC - C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) 
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) PRC - C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe (Siemens) PRC - C:\WINDOWS\system32\SerExt.exe (Siemens AG) ========== Modules (No Company Name) ========== MOD - C:\Programme\Gemeinsame Dateien\G DATA\AVKScanP\Avast5\defs\12091001\algo.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avutil-51.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avformat-54.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll () MOD - 
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\Programme\Gigaset DECT\talk&surf_6_0\dectcontrol.dll () ========== Services (SafeList) ========== SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (VideoAcceleratorService) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.) 
SRV - (a2AntiMalware) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AVKWCtl) -- C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (AVKProxy) -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (GDScan) -- C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe (G Data Software AG) SRV - (AVKService) -- C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.) 
SRV - (xControlCOM) -- C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe (Siemens) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (Sunkfiltp) -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys File not found DRV - (SunkFilt6) -- C:\WINDOWS\System32\Drivers\sunkfilt6.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (GDTdiInterceptor) -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys (G Data Software AG) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (a2acc) -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys (Emsisoft GmbH) DRV - (GRD) -- C:\WINDOWS\system32\drivers\GRD.sys (G Data Software) DRV - (GDMnIcpt) -- C:\WINDOWS\system32\drivers\MiniIcpt.sys (G Data Software AG) DRV - (HookCentre) -- C:\WINDOWS\system32\drivers\HookCentre.sys (G Data Software AG) DRV - (GDBehave) -- C:\WINDOWS\system32\drivers\GDBehave.sys (G Data Software AG) DRV - (A2DDA) -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys (Emsi Software GmbH) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) 
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (BS_I2cIo) -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys (BIOSTAR Group) DRV - (BIOS) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group) DRV - (Gigusb) -- C:\WINDOWS\system32\drivers\Gigusb.sys (Siemens AG) DRV - (DectEnum) -- C:\WINDOWS\system32\drivers\DectEnum.sys (Siemens AG) DRV - (siellif) -- C:\WINDOWS\system32\drivers\siellif.sys (Siemens AG) DRV - (IUAPIWDM) -- C:\WINDOWS\system32\drivers\IUAPIWDM.sys (SIEMENS AG) DRV - (HRCMPA) -- C:\WINDOWS\system32\drivers\hrcmpa.sys (SIEMENS AG) DRV - (NDISCAPI) -- C:\WINDOWS\system32\drivers\ndiscapi.sys (SIEMENS AG) DRV - (CAPI) -- C:\WINDOWS\system32\drivers\capi.sys (SIEMENS AG) DRV - (SunkFilt62) -- C:\WINDOWS\system32\drivers\sunkfilt62.sys (Alcor Micro, Corp.) DRV - (vmdmd) -- C:\WINDOWS\system32\drivers\vmdmd.sys (SIEMENS AG) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=90&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) 
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,DefaultScope = {4D44BF90-E948-4783-8822-419C6D6AA853} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{4D44BF90-E948-4783-8822-419C6D6AA853}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{9EA1C821-D660-4C4D-8D89-0DA55F6363A4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\programme\real\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\programme\real\Netscape6\nprjplug.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\programme\real\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M] [2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions [2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2012.04.13 19:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions ========== Chrome ========== CHR - homepage: hxxp://www.yahoo.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}, CHR - homepage: hxxp://www.yahoo.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\gcswf32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale 
Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/np-cwmp.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All 
Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\programme\real\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\programme\real\Netscape6\nprpplugin.dll CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Programme\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\programme\real\Netscape6\nprjplug.dll CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\ O1 HOSTS File: ([2004.08.04 12:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) 
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) 
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [SerExt] C:\WINDOWS\System32\SerExt.exe (Siemens AG) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Sunkist2k] C:\Programme\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.) O4 - HKLM..\Run: [TkBellExe] C:\Programme\real\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [ChromeFrameHelper] C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.) 
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [FileHippo.com] C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com) O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [TomTomHOME.exe] C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\talk&surf 6.0 - Monitor.lnk = C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG) O4 - Startup: C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\Terminkalender2.lnk = C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper.dll (Installation Support) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1333840740140 (WUWebControl Class) O16 - DPF: 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1333841194171 (MUWebControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A4B7A17-6D9F-41EC-BBA5-689A5CC1318D}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O27 - HKLM IFEO\flashranger.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\googleearth.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) 
O27 - HKLM IFEO\skype.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.04.07 23:02:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell - "" = AutoRun O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (MACHINE BootExecut) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) NetSvcs: 6to4 - File not found NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CAPI - Monitor.lnk - C:\Programme\Gigaset DECT\capi\Tools\CALLTRAY.exe - (EllSoft Software Development & Design ) MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk - C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe - () MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found 
SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group 
SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error. 
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error. ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error. ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4AADD1F0-17A8-4349-943F-9C7B5E3F9CB4} - Yahoo! Toolbar ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8 ActiveX: {4FB202B3-4735-4C4D-957E-0C8CA2FE17EB} - Yahoo! 
Search Setting Update ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Programme\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12 ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D15293F9-CD53-4FA4-9E48-E161B336F03D} - NoIE8Tour ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface 
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: >{A0836101-83D2-48A7-9AC3-EB93431326FD} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.09.10 18:04:27 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe [2012.09.05 22:40:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER [2012.09.05 20:43:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sandboxie [2012.08.23 18:17:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom [2012.08.19 21:24:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Marga [2012.08.17 18:35:26 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2012.08.17 18:35:16 | 002,322,184 | ---- | C] (ESET) -- 
C:\Programme\esetsmartinstaller_deu.exe [2012.08.17 15:32:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java [2012.08.15 00:21:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft [2012.08.15 00:20:38 | 028,820,624 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe [2012.08.14 21:52:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\CRE [2012.08.14 21:51:44 | 002,397,968 | ---- | C] (Conduit) -- C:\Programme\FileConverter_1_3.exe [2012.08.13 09:48:52 | 002,502,752 | ---- | C] (softwarenetz.de) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\kalender2.exe [2012.08.13 00:21:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware [2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware [2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Anti-Malware [2012.08.13 00:11:22 | 152,822,440 | ---- | C] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe [2012.08.08 17:06:57 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Programme\mbam-setup-1.62.0.1300.exe [2012.08.03 16:50:02 | 000,886,136 | ---- | C] (R&E Media) -- C:\Programme\RealPlayer10-5GOLD_de.exe [2012.08.02 21:07:15 | 027,565,488 | ---- | C] (TuneUp Software) -- C:\Programme\TuneUpUtilities2012_de-DE.exe [2012.07.28 12:21:22 | 001,952,760 | ---- | C] (Driver Whiz) -- C:\Programme\Driverwhiz.exe [2012.07.13 10:07:51 | 004,668,032 | ---- | C] (Dirk Boettcher ) -- C:\Programme\absetup.exe [2012.07.12 10:56:20 | 039,483,256 | ---- | C] (Apple Inc.) 
-- C:\Programme\QuickTimeInstaller.exe [2012.05.24 17:12:04 | 100,834,120 | ---- | C] (NVIDIA Corporation) -- C:\Programme\301.42-desktop-winxp-32bit-english-whql.exe [2012.05.09 21:37:33 | 000,892,360 | ---- | C] (Oracle Corporation) -- C:\Programme\chromeinstall-7u4.exe [2012.05.02 12:27:47 | 035,344,784 | ---- | C] (Spiceworks, Inc.) -- C:\Programme\Spiceworks.exe [2012.05.01 17:21:32 | 000,944,264 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup.exe [2012.04.22 21:59:13 | 029,867,432 | ---- | C] (Google Inc.) -- C:\Programme\chrome_installer.exe [2012.04.13 20:39:16 | 357,596,736 | ---- | C] (G Data Software AG) -- C:\Programme\GER_R_FUL_2013_AV.exe [2012.04.12 12:32:13 | 000,533,560 | ---- | C] (NCH Software) -- C:\Programme\prismpsetup.exe [2012.04.12 11:03:41 | 009,330,176 | ---- | C] (Irfan Skiljan) -- C:\Programme\irfanview_plugins_433_setup.exe [2012.04.12 00:53:59 | 000,761,152 | ---- | C] (RealNetworks, Inc.) -- C:\Programme\RealPlayer_de.exe [2012.04.10 08:06:01 | 020,410,664 | ---- | C] (TomTom International B.V.) 
-- C:\Programme\TomTomHOME2winlatest.exe [2012.04.09 13:39:22 | 001,538,560 | ---- | C] (Irfan Skiljan) -- C:\Programme\iview433_setup.exe [2012.04.08 21:22:46 | 002,308,368 | ---- | C] (SANDBOXIE L.T.D) -- C:\Programme\SandboxieInstall.exe [2012.04.08 16:56:21 | 025,766,024 | ---- | C] (Microsoft Corporation) -- C:\Programme\wmp11-windowsxp-x86-DE-DE.exe [2012.04.05 18:11:56 | 019,430,640 | ---- | C] (Microsoft Corporation) -- C:\Programme\ie8-setup-full.exe [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.10 22:48:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.09.10 21:54:57 | 000,791,112 | ---- | M] () -- C:\WINDOWS\System32\sig.bin [2012.09.10 21:54:57 | 000,043,872 | ---- | M] () -- C:\WINDOWS\System32\nmp.map [2012.09.10 18:04:13 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe [2012.09.10 17:52:38 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job [2012.09.10 17:51:42 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-1417001333-839522115-1003.job [2012.09.10 17:51:00 | 000,013,734 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.09.10 17:50:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.09.09 16:43:22 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2012.09.09 16:43:07 | 000,125,952 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.08 06:52:44 | 000,492,796 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.09.08 06:52:44 | 000,473,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.09.08 06:52:44 | 000,091,054 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.09.08 06:52:44 | 
000,076,186 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.09.06 23:51:09 | 000,003,418 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini [2012.09.06 19:41:29 | 000,032,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip [2012.09.06 16:22:53 | 000,511,265 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe [2012.08.25 16:56:06 | 003,004,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\15 - Der Kuckuck Und Der Esel.mp3 [2012.08.25 09:35:27 | 000,000,080 | ---- | M] () -- C:\WINDOWS\wiso.ini [2012.08.24 21:18:12 | 000,003,127 | ---- | M] () -- C:\WINDOWS\musi.ini [2012.08.24 17:58:31 | 126,001,196 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav [2012.08.20 14:58:37 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp [2012.08.20 14:57:15 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp [2012.08.20 00:24:36 | 000,043,973 | ---- | M] () -- C:\Dokumente [2012.08.17 18:35:14 | 002,322,184 | ---- | M] (ESET) -- C:\Programme\esetsmartinstaller_deu.exe [2012.08.17 07:50:27 | 000,170,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.08.17 01:25:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.08.16 11:40:09 | 005,166,395 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf [2012.08.15 00:21:29 | 028,820,624 | ---- | M] (DVDVideoSoft Ltd. 
) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe [2012.08.14 22:09:10 | 001,144,592 | ---- | M] () -- C:\Programme\MusicConverterSetup.exe [2012.08.14 21:51:54 | 002,397,968 | ---- | M] (Conduit) -- C:\Programme\FileConverter_1_3.exe [2012.08.13 00:16:08 | 152,822,440 | ---- | M] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe [7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.06 19:41:34 | 000,032,069 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip [2012.09.06 16:23:06 | 000,511,265 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe [2012.08.24 17:58:21 | 126,001,196 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav [2012.08.20 14:58:37 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp [2012.08.20 14:57:15 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp [2012.08.20 00:24:26 | 000,043,973 | ---- | C] () -- C:\Dokumente [2012.08.17 23:31:48 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job [2012.08.16 13:40:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012.08.16 11:39:06 | 005,166,395 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf [2012.08.14 22:09:10 | 001,144,592 | ---- | C] () -- C:\Programme\MusicConverterSetup.exe [2012.08.07 22:32:26 | 022,723,832 | ---- | C] () -- C:\Programme\vlc-2.0.3-win32.exe [2012.08.01 09:22:10 | 000,000,055 | ---- | C] () -- C:\WINDOWS\TC.INI [2012.07.12 12:04:52 | 000,000,393 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\HamsterVideoConverterSettings.cfg [2012.07.11 14:11:39 | 
000,788,552 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2012.07.08 01:05:16 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1417001333-839522115-1003-0.dat [2012.07.08 01:05:15 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2012.06.25 23:28:53 | 000,003,204 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin [2012.05.18 18:13:34 | 000,003,418 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini [2012.05.05 19:31:46 | 001,507,138 | ---- | C] () -- C:\Programme\wrar42b1.exe [2012.04.23 00:32:04 | 126,041,088 | ---- | C] () -- C:\Programme\ts_6_0_36.exe [2012.04.22 23:19:29 | 002,762,128 | ---- | C] () -- C:\Programme\mypwin250de.exe [2012.04.22 15:28:35 | 017,458,000 | ---- | C] () -- C:\Programme\GoogleEarthWin.exe [2012.04.22 14:27:54 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin [2012.04.22 14:27:53 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin [2012.04.22 14:27:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin [2012.04.22 14:27:26 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data [2012.04.22 12:29:43 | 000,264,271 | ---- | C] () -- C:\Programme\FHSetup.exe [2012.04.13 20:59:13 | 000,381,952 | ---- | C] () -- C:\Programme\AVCleaner.exe [2012.04.12 01:01:37 | 000,125,952 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.04.12 00:52:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2012.04.10 10:51:54 | 000,000,212 | ---- | C] () -- C:\WINDOWS\BUHL.INI [2012.04.09 23:52:54 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe [2012.04.09 23:52:53 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2012.04.09 23:52:52 | 
000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2012.04.09 23:52:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll [2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll [2012.04.08 22:11:03 | 000,000,075 | ---- | C] () -- C:\WINDOWS\muserr.ini [2012.04.08 18:57:16 | 000,003,127 | ---- | C] () -- C:\WINDOWS\musi.ini [2012.04.08 17:32:46 | 000,050,072 | ---- | C] () -- C:\WINDOWS\System32\DXTSERV.DLL [2012.04.08 17:32:46 | 000,005,408 | ---- | C] () -- C:\WINDOWS\System32\Vb2olecf.dll [2012.04.08 17:32:45 | 000,005,877 | ---- | C] () -- C:\WINDOWS\System32\Dxintl.dll [2012.04.08 17:32:44 | 000,236,734 | ---- | C] () -- C:\WINDOWS\System32\Pxengwin.dll [2012.04.08 16:01:43 | 000,000,080 | ---- | C] () -- C:\WINDOWS\wiso.ini [2012.04.08 15:59:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.04.08 14:10:33 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll [2012.04.08 12:09:02 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLdNL.DLL [2012.04.08 11:46:34 | 000,791,112 | ---- | C] () -- C:\WINDOWS\System32\sig.bin [2012.04.08 00:19:05 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak [2012.04.08 00:19:05 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak [2012.04.08 00:19:05 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak [2012.04.07 23:51:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012.04.07 23:49:59 | 000,170,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.04.07 23:34:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012.04.07 23:32:09 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin 
[2012.04.07 23:03:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.04.07 22:59:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012.04.05 18:11:57 | 003,400,800 | ---- | C] () -- C:\Programme\termin2.exe [2012.04.05 18:11:57 | 000,643,854 | ---- | C] () -- C:\Programme\sss_4.7.1.exe [2012.04.05 18:11:53 | 031,252,480 | ---- | C] () -- C:\Programme\Basic_Starter_Pack.exe ========== LOP Check ========== [2012.04.18 19:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AlawarWrapper [2012.06.25 10:18:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH [2012.04.08 12:10:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.07.07 13:21:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM [2012.08.02 21:08:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.04.13 22:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA [2012.05.17 00:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft [2012.06.29 11:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Stylus Studio [2012.04.10 08:07:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2012.08.02 21:09:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.08.02 21:08:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.08.24 23:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt [2012.04.22 15:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und 
Einstellungen\Besitzer\Anwendungsdaten\AnvSoft [2012.07.07 13:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion [2012.04.22 23:00:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Canon [2012.08.20 00:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft [2012.04.22 09:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Free Spider TreeCardGames [2012.05.09 21:40:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Oracle [2012.06.29 11:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\PhotoFiltre Studio X [2012.08.22 14:04:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RPPrivate [2012.06.29 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Stylus Studio [2012.06.25 23:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\systweak [2012.04.10 08:06:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TomTom [2012.08.02 21:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TuneUp Software [2012.08.06 07:42:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\UpdatusUser\Anwendungsdaten\TuneUp Software ========== Purity Check ========== ========== Custom Scans ========== Invalid Environment Variable: ALLUSERSPROFILE < % ALLUSERSPROFILE% \ Application Data \ *. Exe / s > Invalid Switch: s Invalid Environment Variable: APPDATA < % APPDATA% \ *. 
Exe / s > Invalid Switch: s Invalid Environment Variable: Systemlaufwerk < / Md5start > Invalid Switch: Md5start < wininit.exe > < userinit.exe > < eventlog.dll > < scecli.dll > < Netlogon.dll > < cngaudit.dll > < ws2ifsl.sys > < sceclt.dll > < ntelogon.dll > < winlogon.exe > < logevent.dll > < user32.dll > < iaStor.sys > < nvstor.sys > < atapi.sys > < IdeChnDr.sys > < viasraid.sys > < Agp440.sys > < vaxscsi.sys > < nvatabus.sys > < viamraid.sys > < nvata.sys > < nvgts.sys > < iastorv.sys > < ViPrt.sys > < eNetHook.dll > < ahcix86.sys > < KR10N.sys > < nvstor32.sys > < ahcix86s.sys > < / Md5stop > Invalid Switch: Md5stop < % Systemroot% \ system32 \ drivers \ *. Sys / lockedfiles > Invalid Switch: lockedfiles Invalid Environment Variable: Systemroot < % Systemroot% \ *. / Mp / s > Invalid Switch: s < % Systemroot% \ system32 \ *. Dll / lockedfiles > Invalid Switch: lockedfiles < > < End of report > |
10.09.2012, 22:34 | #23 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | AOL search engine hooks itself into Google and Yahoo search
That can't be right, you obviously still haven't copied the text 1:1. Is it more readable like this? Quote:
__________________ Please always post log files in CODE tags |
11.09.2012, 12:10 | #24 |
| AOL search engine hooks itself into Google and Yahoo search
Take three - if it still isn't right now, I can't think of anything else that I could have done wrong. Code:
ATTFilter OTL Extras logfile created on: 11.09.2012 07:28:15 - Run 5 OTL by OldTimer - Version 3.2.61.3 Folder = C:\Dokumente und Einstellungen\Besitzer\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 54,83% Memory free 3,72 Gb Paging File | 2,93 Gb Available in Paging File | 78,57% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 185,55 Gb Total Space | 125,19 Gb Free Space | 67,47% Space Free | Partition Type: NTFS Computer Name: PAPI-76572328B9 | User Name: Besitzer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htafile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation) "C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012 
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DC5C87A-D5E8-4A69-86E8-AE4D98FC8196}" = talk&surf Fax "{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}" = EASIS Screenshot "{6AA4C81A-D3BA-4B88-94D7-D2797A00C9B6}" = SX2x5 Firmware "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7E350663-86D3-466A-AB79-28156A9ABF6E}_is1" = Hamster Free Video Converter "{7E7C9FB7-711A-4FF0-B22F-42BD08652096}" = talk&surf 6.0 "{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) 
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In 
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{B0F08ACB-6BBA-49A8-8BE9-BBB4C2D8B574}" = G Data AntiVirus 2013 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2FD1079-2CF1-461E-8418-E91CA6656B45}" = BIOS Flash "{DE6DE775-094F-43C1-8AAF-F67C6A753292}" = Gigaset SX2x5isdn / 417x / 307x "{DF5F21A4-32FD-4A40-BEC0-7A147B7ED38C}" = talk&surf CAPI "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = HP Basic Starter Camera "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Ahnenblatt_is1" = Ahnenblatt 2.70 "CAL" = Canon Camera Access Library "CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Canon MX310 series Benutzerregistrierung" = Canon MX310 series Benutzerregistrierung "CANONIJPLM100" = PIXMA Extended Survey Program "CanonMyPrinter" = Canon My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CSCLIB" = Canon Camera Support Core Library "D-Info 2000" = D-Info 2000 "D-Route" = D-Route "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "EOS Utility" = Canon Utilities EOS Utility "ESET Online Scanner" = ESET Online Scanner v3 "FileHippo.com" = FileHippo.com Update Checker "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ie8" = Windows Internet Explorer 8 "InstallShield_{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "IrfanView" = IrfanView (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET 
Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "MP Navigator EX 1.0" = Canon MP Navigator EX 1.0 "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NeroMultiInstaller!UninstallKey" = Nero Suite "NVIDIA Drivers" = NVIDIA Drivers "Octava Light" = Octava Light "PandaPDFConverter" = PandaPDFConverter "PhotoStitch" = Canon Utilities PhotoStitch "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "RealPlayer 15.0" = RealPlayer "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX "Sandboxie" = Sandboxie 3.74 (32-bit) "Terminkalender2" = Softwarenetz Terminkalender2 "TuneUp Utilities 2012" = TuneUp Utilities 2012 "VLC media player" = VLC media player 2.0.3 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR 4.20 (32-bit) "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Yahoo! Companion" = Yahoo! Toolbar "YInstHelper" = Yahoo! Install Manager "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Google Chrome Frame" = Google Chrome Frame "PhotoFiltre Studio X" = PhotoFiltre Studio X ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 07.08.2012 16:18:31 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1199206435. 
Error - 07.08.2012 16:19:16 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realplay.exe, Version 15.0.6.14, fehlgeschlagenes Modul realplay.exe, Version 15.0.6.14, Fehleradresse 0x0000c0f7. Error - 08.08.2012 12:09:46 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 12.08.2012 18:05:35 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 15.08.2012 12:11:33 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 Error - 16.08.2012 16:56:36 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realtrimmer.exe, Version 15.0.6.14, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x021e0003. Error - 16.08.2012 16:56:49 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1180351254. Error - 16.08.2012 18:17:16 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung realplay.exe, Version 15.0.6.14, fehlgeschlagenes Modul msvcr90.dll, Version 9.0.30729.6161, Fehleradresse 0x00025e37. 
Error - 16.08.2012 18:17:29 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001 Description = Fehlerhafter Speicherbereich -1195699539. Error - 05.09.2012 16:29:16 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763 Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01 [ OSession Events ] Error - 06.06.2012 10:42:32 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.06.2012 10:43:12 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.06.2012 10:44:11 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash. 
[ System Events ] Error - 08.09.2012 11:38:00 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 08.09.2012 11:38:00 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 08.09.2012 11:38:33 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 08.09.2012 11:38:33 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 08.09.2012 11:54:37 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56} Error - 08.09.2012 11:54:37 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error - 09.09.2012 03:44:01 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10010 Description = Der Server "{0341A5EF-7F05-457D-9A05-31EED251F8FA}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. 
Error - 09.09.2012 03:44:19 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7034
Description = Dienst "xControlCOM" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 09.09.2012 12:16:08 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 09.09.2012 12:16:08 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

< End of report >

Code:
OTL logfile created on: 11.09.2012 07:28:15 - Run 5
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Dokumente und Einstellungen\Besitzer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,87 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 54,83% Memory free
3,72 Gb Paging File | 2,93 Gb Available in Paging File | 78,57% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 185,55 Gb Total Space | 125,19 Gb Free Space | 67,47% Space Free | Partition Type: NTFS

Computer Name: PAPI-76572328B9 | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Real\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.)
PRC - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.)
PRC - C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG) PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG) PRC - C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe (G Data Software AG) PRC - C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com) PRC - C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG) PRC - C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) 
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG) PRC - C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe (Siemens) PRC - C:\WINDOWS\system32\SerExt.exe (Siemens AG) ========== Modules (No Company Name) ========== MOD - C:\Programme\Gemeinsame Dateien\G DATA\AVKScanP\Avast5\defs\12091001\algo.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avutil-51.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avformat-54.dll () MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll () MOD - 
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\WINDOWS\system32\msjetoledb40.dll () MOD - C:\Programme\Gigaset DECT\talk&surf_6_0\dectcontrol.dll () ========== Services (SafeList) ========== SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (VideoAcceleratorService) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.) 
SRV - (a2AntiMalware) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AVKWCtl) -- C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (AVKProxy) -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (GDScan) -- C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe (G Data Software AG) SRV - (AVKService) -- C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe () SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.) 
SRV - (xControlCOM) -- C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe (Siemens) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (Sunkfiltp) -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys File not found DRV - (SunkFilt6) -- C:\WINDOWS\System32\Drivers\sunkfilt6.sys File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D) DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (GDTdiInterceptor) -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys (G Data Software AG) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (a2acc) -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys (Emsisoft GmbH) DRV - (GRD) -- C:\WINDOWS\system32\drivers\GRD.sys (G Data Software) DRV - (GDMnIcpt) -- C:\WINDOWS\system32\drivers\MiniIcpt.sys (G Data Software AG) DRV - (HookCentre) -- C:\WINDOWS\system32\drivers\HookCentre.sys (G Data Software AG) DRV - (GDBehave) -- C:\WINDOWS\system32\drivers\GDBehave.sys (G Data Software AG) DRV - (A2DDA) -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys (Emsi Software GmbH) DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) 
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation) DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices) DRV - (BS_I2cIo) -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys (BIOSTAR Group) DRV - (BIOS) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group) DRV - (Gigusb) -- C:\WINDOWS\system32\drivers\Gigusb.sys (Siemens AG) DRV - (DectEnum) -- C:\WINDOWS\system32\drivers\DectEnum.sys (Siemens AG) DRV - (siellif) -- C:\WINDOWS\system32\drivers\siellif.sys (Siemens AG) DRV - (IUAPIWDM) -- C:\WINDOWS\system32\drivers\IUAPIWDM.sys (SIEMENS AG) DRV - (HRCMPA) -- C:\WINDOWS\system32\drivers\hrcmpa.sys (SIEMENS AG) DRV - (NDISCAPI) -- C:\WINDOWS\system32\drivers\ndiscapi.sys (SIEMENS AG) DRV - (CAPI) -- C:\WINDOWS\system32\drivers\capi.sys (SIEMENS AG) DRV - (SunkFilt62) -- C:\WINDOWS\system32\drivers\sunkfilt62.sys (Alcor Micro, Corp.) DRV - (vmdmd) -- C:\WINDOWS\system32\drivers\vmdmd.sys (SIEMENS AG) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=90&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=fp-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) 
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,DefaultScope = {4D44BF90-E948-4783-8822-419C6D6AA853} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{4D44BF90-E948-4783-8822-419C6D6AA853}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms} IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{9EA1C821-D660-4C4D-8D89-0DA55F6363A4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie8 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\programme\real\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\programme\real\Netscape6\nprjplug.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\programme\real\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M]
[2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions
[2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.04.13 19:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: hxxp://www.yahoo.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\programme\real\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\programme\real\Netscape6\nprpplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Programme\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\programme\real\Netscape6\nprjplug.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

O1 HOSTS File: ([2004.08.04 12:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [SerExt] C:\WINDOWS\System32\SerExt.exe (Siemens AG)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Sunkist2k] C:\Programme\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\real\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [ChromeFrameHelper] C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [FileHippo.com] C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [TomTomHOME.exe] C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\talk&surf 6.0 - Monitor.lnk = C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG)
O4 - Startup: C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\Terminkalender2.lnk = C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1333840740140 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1333841194171 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A4B7A17-6D9F-41EC-BBA5-689A5CC1318D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O27 - HKLM IFEO\flashranger.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\googleearth.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.07 23:02:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell - "" = AutoRun
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CAPI - Monitor.lnk - C:\Programme\Gigaset DECT\capi\Tools\CALLTRAY.exe - (EllSoft Software Development & Design )
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk - C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe - ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4AADD1F0-17A8-4349-943F-9C7B5E3F9CB4} - Yahoo! Toolbar
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {4FB202B3-4735-4C4D-957E-0C8CA2FE17EB} - Yahoo! Search Setting Update
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Programme\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D15293F9-CD53-4FA4-9E48-E161B336F03D} - NoIE8Tour
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{A0836101-83D2-48A7-9AC3-EB93431326FD} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.09.10 18:04:27 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe
[2012.09.08 06:53:27 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.09.08 06:53:27 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.09.08 06:53:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.09.08 06:53:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.09.08 06:53:22 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.09.05 22:40:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2012.09.05 20:43:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sandboxie
[2012.08.23 18:17:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom
[2012.08.19 21:24:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Marga
[2012.08.17 18:35:26 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.08.17 18:35:16 | 002,322,184 | ---- | C] (ESET) -- C:\Programme\esetsmartinstaller_deu.exe
[2012.08.17 15:32:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.08.15 00:21:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft
[2012.08.15 00:20:38 | 028,820,624 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe
[2012.08.14 21:52:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\CRE
[2012.08.14 21:51:44 | 002,397,968 | ---- | C] (Conduit) -- C:\Programme\FileConverter_1_3.exe
[2012.08.14 19:48:17 | 009,232,584 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.08.13 09:48:52 | 002,502,752 | ---- | C] (softwarenetz.de) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\kalender2.exe
[2012.08.13 00:21:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware
[2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Anti-Malware
[2012.08.13 00:11:22 | 152,822,440 | ---- | C] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe
[2012.08.08 17:06:57 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Programme\mbam-setup-1.62.0.1300.exe
[2012.08.03 16:50:02 | 000,886,136 | ---- | C] (R&E Media) -- C:\Programme\RealPlayer10-5GOLD_de.exe
[2012.08.02 21:07:15 | 027,565,488 | ---- | C] (TuneUp Software) -- C:\Programme\TuneUpUtilities2012_de-DE.exe
[2012.07.28 12:21:22 | 001,952,760 | ---- | C] (Driver Whiz) -- C:\Programme\Driverwhiz.exe
[2012.07.13 10:07:51 | 004,668,032 | ---- | C] (Dirk Boettcher ) -- C:\Programme\absetup.exe
[2012.07.12 10:56:20 | 039,483,256 | ---- | C] (Apple Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2012.05.24 17:12:04 | 100,834,120 | ---- | C] (NVIDIA Corporation) -- C:\Programme\301.42-desktop-winxp-32bit-english-whql.exe
[2012.05.09 21:37:33 | 000,892,360 | ---- | C] (Oracle Corporation) -- C:\Programme\chromeinstall-7u4.exe
[2012.05.02 12:27:47 | 035,344,784 | ---- | C] (Spiceworks, Inc.) -- C:\Programme\Spiceworks.exe
[2012.05.01 17:21:32 | 000,944,264 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup.exe
[2012.04.22 21:59:13 | 029,867,432 | ---- | C] (Google Inc.) -- C:\Programme\chrome_installer.exe
[2012.04.13 20:39:16 | 357,596,736 | ---- | C] (G Data Software AG) -- C:\Programme\GER_R_FUL_2013_AV.exe
[2012.04.12 12:32:13 | 000,533,560 | ---- | C] (NCH Software) -- C:\Programme\prismpsetup.exe
[2012.04.12 11:03:41 | 009,330,176 | ---- | C] (Irfan Skiljan) -- C:\Programme\irfanview_plugins_433_setup.exe
[2012.04.12 00:53:59 | 000,761,152 | ---- | C] (RealNetworks, Inc.) -- C:\Programme\RealPlayer_de.exe
[2012.04.10 08:06:01 | 020,410,664 | ---- | C] (TomTom International B.V.) -- C:\Programme\TomTomHOME2winlatest.exe
[2012.04.09 13:39:22 | 001,538,560 | ---- | C] (Irfan Skiljan) -- C:\Programme\iview433_setup.exe
[2012.04.08 21:22:46 | 002,308,368 | ---- | C] (SANDBOXIE L.T.D) -- C:\Programme\SandboxieInstall.exe
[2012.04.08 16:56:21 | 025,766,024 | ---- | C] (Microsoft Corporation) -- C:\Programme\wmp11-windowsxp-x86-DE-DE.exe
[2012.04.05 18:11:56 | 019,430,640 | ---- | C] (Microsoft Corporation) -- C:\Programme\ie8-setup-full.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.09.11 07:22:42 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.09.11 07:21:18 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.09.11 07:20:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.11 00:48:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.09.10 21:54:57 | 000,791,112 | ---- | M] () -- C:\WINDOWS\System32\sig.bin
[2012.09.10 21:54:57 | 000,043,872 | ---- | M] () -- C:\WINDOWS\System32\nmp.map
[2012.09.10 18:04:13 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe
[2012.09.10 17:51:00 | 000,013,734 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.09 16:43:22 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.09.09 16:43:07 | 000,125,952 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.08 06:53:13 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.09.08 06:53:11 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.09.08 06:53:11 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.09.08 06:53:11 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.09.08 06:53:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.09.08 06:53:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.09.08 06:53:11 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.09.08 06:52:44 | 000,492,796 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.09.08 06:52:44 | 000,473,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.09.08 06:52:44 | 000,091,054 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.09.08 06:52:44 | 000,076,186 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.09.06 23:51:09 | 000,003,418 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2012.09.06 19:41:29 | 000,032,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip
[2012.09.06 16:22:53 | 000,511,265 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe
[2012.08.25 16:56:06 | 003,004,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\15 - Der Kuckuck Und Der Esel.mp3
[2012.08.25 09:35:27 | 000,000,080 | ---- | M] () -- C:\WINDOWS\wiso.ini
[2012.08.24 21:18:12 | 000,003,127 | ---- | M] () -- C:\WINDOWS\musi.ini
[2012.08.24 17:58:31 | 126,001,196 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav
[2012.08.22 07:47:25 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.22 07:47:24 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.20 14:58:37 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp
[2012.08.20 14:57:15 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp
[2012.08.20 00:24:36 | 000,043,973 | ---- | M] () -- C:\Dokumente
[2012.08.17 18:35:14 | 002,322,184 | ---- | M] (ESET) -- C:\Programme\esetsmartinstaller_deu.exe
[2012.08.17 07:50:27 | 000,170,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.17 01:25:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.08.16 11:40:09 | 005,166,395 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf
[2012.08.15 00:21:29 | 028,820,624 | ---- | M] (DVDVideoSoft Ltd. ) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe
[2012.08.14 22:09:10 | 001,144,592 | ---- | M] () -- C:\Programme\MusicConverterSetup.exe
[2012.08.14 21:51:54 | 002,397,968 | ---- | M] (Conduit) -- C:\Programme\FileConverter_1_3.exe
[2012.08.14 19:48:17 | 009,232,584 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.08.13 00:16:08 | 152,822,440 | ---- | M] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.06 19:41:34 | 000,032,069 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip
[2012.09.06 16:23:06 | 000,511,265 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe
[2012.08.24 17:58:21 | 126,001,196 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav
[2012.08.20 14:58:37 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp
[2012.08.20 14:57:15 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp
[2012.08.20 00:24:26 | 000,043,973 | ---- | C] () -- C:\Dokumente
[2012.08.17 23:31:48 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.08.16 13:40:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.08.16 11:39:06 | 005,166,395 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf
[2012.08.14 22:09:10 | 001,144,592 | ---- | C] () -- C:\Programme\MusicConverterSetup.exe
[2012.08.07 22:32:26 | 022,723,832 | ---- | C] () -- C:\Programme\vlc-2.0.3-win32.exe
[2012.08.01 09:22:10 | 000,000,055 | ---- | C] () -- C:\WINDOWS\TC.INI
[2012.07.12 12:04:52 | 000,000,393 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\HamsterVideoConverterSettings.cfg
[2012.07.11 14:11:39 | 000,788,552 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.07.08 01:05:16 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1417001333-839522115-1003-0.dat
[2012.07.08 01:05:15 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.06.25 23:28:53 | 000,003,204 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012.05.18 18:13:34 | 000,003,418 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2012.05.05 19:31:46 | 001,507,138 | ---- | C] () -- C:\Programme\wrar42b1.exe
[2012.04.23 00:32:04 | 126,041,088 | ---- | C] () -- C:\Programme\ts_6_0_36.exe
[2012.04.22 23:19:29 | 002,762,128 | ---- | C] () -- C:\Programme\mypwin250de.exe
[2012.04.22 15:28:35 | 017,458,000 | ---- | C] () -- C:\Programme\GoogleEarthWin.exe
[2012.04.22 14:27:54 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.04.22 14:27:53 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.04.22 14:27:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.04.22 14:27:26 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.04.22 12:29:43 | 000,264,271 | ---- | C] () -- C:\Programme\FHSetup.exe
[2012.04.13 20:59:13 | 000,381,952 | ---- | C] () -- C:\Programme\AVCleaner.exe
[2012.04.12 01:01:37 | 000,125,952 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.12 00:52:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.04.10 10:51:54 | 000,000,212 | ---- | C] () -- C:\WINDOWS\BUHL.INI
[2012.04.09 23:52:54 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2012.04.09 23:52:53 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2012.04.09 23:52:52 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2012.04.09 23:52:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2012.04.08 22:11:03 | 000,000,075 | ---- | C] () -- C:\WINDOWS\muserr.ini
[2012.04.08 18:57:16 | 000,003,127 | ---- | C] () -- C:\WINDOWS\musi.ini
[2012.04.08 17:32:46 | 000,050,072 | ---- | C] () -- C:\WINDOWS\System32\DXTSERV.DLL
[2012.04.08 17:32:46 | 000,005,408 | ---- | C] () -- C:\WINDOWS\System32\Vb2olecf.dll
[2012.04.08 17:32:45 | 000,005,877 | ---- | C] () -- C:\WINDOWS\System32\Dxintl.dll
[2012.04.08 17:32:44 | 000,236,734 | ---- | C] () -- C:\WINDOWS\System32\Pxengwin.dll
[2012.04.08 16:01:43 | 000,000,080 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2012.04.08 15:59:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.04.08 14:10:33 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2012.04.08 12:09:02 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLdNL.DLL
[2012.04.08 11:46:34 | 000,791,112 | ---- | C] () -- C:\WINDOWS\System32\sig.bin
[2012.04.08 00:19:05 | 000,002,951 | ---- | C] () -- 
C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak [2012.04.08 00:19:05 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak [2012.04.08 00:19:05 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak [2012.04.07 23:51:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012.04.07 23:49:59 | 000,170,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.04.07 23:34:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012.04.07 23:32:09 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2012.04.07 23:03:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.04.07 22:59:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2012.04.05 18:11:57 | 003,400,800 | ---- | C] () -- C:\Programme\termin2.exe [2012.04.05 18:11:57 | 000,643,854 | ---- | C] () -- C:\Programme\sss_4.7.1.exe [2012.04.05 18:11:53 | 031,252,480 | ---- | C] () -- C:\Programme\Basic_Starter_Pack.exe ========== LOP Check ========== [2012.04.18 19:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AlawarWrapper [2012.06.25 10:18:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH [2012.04.08 12:10:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ [2012.07.07 13:21:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM [2012.08.02 21:08:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files [2012.04.13 22:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA [2012.05.17 00:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All 
Users\Anwendungsdaten\ScanSoft [2012.06.29 11:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Stylus Studio [2012.04.10 08:07:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2012.08.02 21:09:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software [2012.08.02 21:08:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.08.24 23:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt [2012.04.22 15:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AnvSoft [2012.07.07 13:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion [2012.04.22 23:00:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Canon [2012.08.20 00:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft [2012.04.22 09:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Free Spider TreeCardGames [2012.05.09 21:40:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Oracle [2012.06.29 11:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\PhotoFiltre Studio X [2012.08.22 14:04:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RPPrivate [2012.06.29 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Stylus Studio [2012.06.25 23:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\systweak [2012.04.10 08:06:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TomTom [2012.08.02 21:09:32 | 000,000,000 | ---D | 
M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TuneUp Software [2012.08.06 07:42:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\UpdatusUser\Anwendungsdaten\TuneUp Software ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > [2012.08.02 15:17:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Speedbit < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.04.22 19:56:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Adobe [2012.08.24 23:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt [2012.04.22 15:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AnvSoft [2012.07.12 14:24:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Apple Computer [2012.08.14 21:37:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AVS4YOU [2012.07.07 13:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion [2012.04.22 23:00:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Canon [2012.07.11 12:50:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Corel [2012.08.20 00:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft [2012.04.22 09:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Free Spider TreeCardGames [2012.04.23 16:45:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Google [2012.06.29 19:03:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Help [2012.06.29 11:35:33 | 000,000,000 | ---D | M] -- C:\Dokumente und 
Einstellungen\Besitzer\Anwendungsdaten\Identities [2012.04.07 23:32:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\InstallShield [2012.04.08 09:34:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Macromedia [2012.04.23 14:26:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Malwarebytes [2012.07.11 12:41:20 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft [2012.04.10 08:07:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla [2012.04.12 12:32:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\NCH Software [2012.04.23 16:45:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\NVIDIA [2012.05.09 21:40:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Oracle [2012.06.29 11:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\PhotoFiltre Studio X [2012.08.16 22:56:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Real [2012.06.30 22:02:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RealNetworks [2012.08.22 14:04:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RPPrivate [2012.07.06 17:41:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Skype [2012.06.29 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Stylus Studio [2012.05.09 21:38:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Sun [2012.06.25 23:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\systweak [2012.04.10 08:06:59 | 000,000,000 | ---D | M] -- C:\Dokumente und 
Einstellungen\Besitzer\Anwendungsdaten\TomTom [2012.08.02 21:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TuneUp Software [2012.07.29 12:33:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\U3 [2012.08.24 21:35:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\vlc [2012.04.17 17:11:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\WinRAR [2012.04.08 00:44:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Yahoo! < %APPDATA%\*.exe /s > [2012.07.13 10:08:04 | 000,717,322 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt\unins000.exe [2012.07.03 15:13:40 | 000,695,448 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion\tbhcn.exe [2012.04.08 00:46:39 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\ARPPRODUCTICON.exe [2012.04.08 00:46:39 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\ESS.exe1_8CD58354040E47BC85975A0678C33FAD.exe [2012.04.08 00:46:39 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\ESS.exe2_276EE340B7D241348159236D2AEAEE1D.exe [2012.04.08 00:46:39 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\ESS.exe_F1B64C616E5144128CDBCC1756D24622.exe [2012.04.08 00:46:39 | 000,008,854 | R--- | M] () -- C:\Dokumente und 
Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\UNINST_Uninstall_E_B7BACED33D0944288BDA923F95D21A27.exe [2012.07.21 20:38:49 | 000,449,688 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\10.00\agent\rnupgagent.exe [2012.07.21 23:42:27 | 028,145,120 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\10.00\agent\stub_data\RealPlayer_de.exe [2012.07.21 23:40:21 | 000,761,152 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\10.00\agent\stub_exe\RealPlayer_de.exe [2006.05.24 13:36:46 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\U3\temp\cleanup.exe < %SYSTEMDRIVE%\*.exe > [2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe < MD5 for: AGP440.SYS > [2004.08.04 12:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2012.04.08 14:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2012.04.08 14:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004.08.04 12:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2012.04.08 14:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2012.04.08 14:31:33 | 023,898,261 | ---- | M] () .cab file -- 
C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.04 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2004.08.04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: IASTOR.SYS > [2007.02.12 21:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\dell\iastor\iastor.sys < MD5 for: NETLOGON.DLL > [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2004.08.04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_1$\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2009.02.06 20:46:10 | 
000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_1$\netlogon.dll < MD5 for: NVATABUS.SYS > [2006.03.17 02:51:32 | 000,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys < MD5 for: SCECLI.DLL > [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll [2004.08.04 12:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: USER32.DLL > [2004.08.04 12:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 12:00:00 | 000,507,392 | ---- | M] (Microsoft 
Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2004.08.04 12:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2004.08.04 12:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2012.04.08 00:49:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < End of report > |
11.09.2012, 12:12 | #25 |
| AOL search engine hooks itself into Google and Yahoo search Take three - if it still isn't right this time, I can't think of anything else I might have done wrong. Code:
ATTFilter OTL Extras logfile created on: 11.09.2012 07:28:15 - Run 5 OTL by OldTimer - Version 3.2.61.3 Folder = C:\Dokumente und Einstellungen\Besitzer\Desktop Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,87 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 54,83% Memory free 3,72 Gb Paging File | 2,93 Gb Available in Paging File | 78,57% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 185,55 Gb Total Space | 125,19 Gb Free Space | 67,47% Space Free | Partition Type: NTFS Computer Name: PAPI-76572328B9 | User Name: Besitzer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htafile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation) "C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012 
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime "{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0 "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX310_series" = Canon MX310 series "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth "{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime "{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4DC5C87A-D5E8-4A69-86E8-AE4D98FC8196}" = talk&surf Fax "{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}" = EASIS Screenshot "{6AA4C81A-D3BA-4B88-94D7-D2797A00C9B6}" = SX2x5 Firmware "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{76DAEC83-AF7B-333C-8A53-83D7C7D39199}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7E350663-86D3-466A-AB79-28156A9ABF6E}_is1" = Hamster Free Video Converter "{7E7C9FB7-711A-4FF0-B22F-42BD08652096}" = talk&surf 6.0 "{8E87B944-4815-3C5E-947F-5035C9F64362}" = Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) 
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In 
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{B0F08ACB-6BBA-49A8-8BE9-BBB4C2D8B574}" = G Data AntiVirus 2013 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE) "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D2FD1079-2CF1-461E-8418-E91CA6656B45}" = BIOS Flash "{DE6DE775-094F-43C1-8AAF-F67C6A753292}" = Gigaset SX2x5isdn / 417x / 307x "{DF5F21A4-32FD-4A40-BEC0-7A147B7ED38C}" = talk&surf CAPI "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = HP Basic Starter Camera "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "3B18191663CDFABAA2A93D4267E54D683153FF60" = Windows-Treiberpaket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Ahnenblatt_is1" = Ahnenblatt 2.70 "CAL" = Canon Camera Access Library "CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Canon MX310 series Benutzerregistrierung" = Canon MX310 series Benutzerregistrierung "CANONIJPLM100" = PIXMA Extended Survey Program "CanonMyPrinter" = Canon My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CSCLIB" = Canon Camera Support Core Library "D-Info 2000" = D-Info 2000 "D-Route" = D-Route "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "EOS Utility" = Canon Utilities EOS Utility "ESET Online Scanner" = ESET Online Scanner v3 "FileHippo.com" = FileHippo.com Update Checker "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "ie8" = Windows Internet Explorer 8 "InstallShield_{CA529363-D0F2-41EA-B44B-D7515A254645}" = Multimedia Card Reader "IrfanView" = IrfanView (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET 
Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NeroMultiInstaller!UninstallKey" = Nero Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Octava Light" = Octava Light
"PandaPDFConverter" = PandaPDFConverter
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 15.0" = RealPlayer
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"Sandboxie" = Sandboxie 3.74 (32-bit)
"Terminkalender2" = Softwarenetz Terminkalender2
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC media player" = VLC media player 2.0.3
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Google Chrome Frame" = Google Chrome Frame
"PhotoFiltre Studio X" = PhotoFiltre Studio X

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 07.08.2012 16:18:31 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich -1199206435.

Error - 07.08.2012 16:19:16 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung realplay.exe, Version 15.0.6.14, fehlgeschlagenes Modul realplay.exe, Version 15.0.6.14, Fehleradresse 0x0000c0f7.

Error - 08.08.2012 12:09:46 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763
Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01

Error - 12.08.2012 18:05:35 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763
Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01

Error - 15.08.2012 12:11:33 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763
Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01

Error - 16.08.2012 16:56:36 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung realtrimmer.exe, Version 15.0.6.14, fehlgeschlagenes Modul unknown, Version 0.0.0.0, Fehleradresse 0x021e0003.

Error - 16.08.2012 16:56:49 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich -1180351254.

Error - 16.08.2012 18:17:16 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung realplay.exe, Version 15.0.6.14, fehlgeschlagenes Modul msvcr90.dll, Version 9.0.30729.6161, Fehleradresse 0x00025e37.

Error - 16.08.2012 18:17:29 | Computer Name = PAPI-76572328B9 | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich -1195699539.

Error - 05.09.2012 16:29:16 | Computer Name = PAPI-76572328B9 | Source = COM+ | ID = 135763
Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01

[ OSession Events ]
Error - 06.06.2012 10:42:32 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error - 06.06.2012 10:43:12 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error - 06.06.2012 10:44:11 | Computer Name = PAPI-76572328B9 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 08.09.2012 11:38:00 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 08.09.2012 11:38:00 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 08.09.2012 11:38:33 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 08.09.2012 11:38:33 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 08.09.2012 11:54:37 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 08.09.2012 11:54:37 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 09.09.2012 03:44:01 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10010
Description = Der Server "{0341A5EF-7F05-457D-9A05-31EED251F8FA}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error - 09.09.2012 03:44:19 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7034
Description = Dienst "xControlCOM" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 09.09.2012 12:16:08 | Computer Name = PAPI-76572328B9 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1068" aufgetreten, als der Dienst "upnphost" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 09.09.2012 12:16:08 | Computer Name = PAPI-76572328B9 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Universeller Plug & Play-Gerätehost" ist vom Dienst "SSDP-Suchdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

< End of report >

Code:
OTL logfile created on: 11.09.2012 07:28:15 - Run 5
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Dokumente und Einstellungen\Besitzer\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1,87 Gb Total Physical Memory | 1,03 Gb Available Physical Memory | 54,83% Memory free
3,72 Gb Paging File | 2,93 Gb Available in Paging File | 78,57% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 185,55 Gb Total Space | 125,19 Gb Free Space | 67,47% Space Free | Partition Type: NTFS

Computer Name: PAPI-76572328B9 | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Real\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.)
PRC - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.)
PRC - C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG)
PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com)
PRC - C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG)
PRC - C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe (Siemens)
PRC - C:\WINDOWS\system32\SerExt.exe (Siemens AG)

========== Modules (No Company Name) ==========

MOD - C:\Programme\Gemeinsame Dateien\G DATA\AVKScanP\Avast5\defs\12091001\algo.dll ()
MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppgooglenaclpluginchrome.dll ()
MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll ()
MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll ()
MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avutil-51.dll ()
MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avformat-54.dll ()
MOD - C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\avcodec-54.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\system32\msjetoledb40.dll ()
MOD - C:\Programme\Gigaset DECT\talk&surf_6_0\dectcontrol.dll ()

========== Services (SafeList) ==========

SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (VideoAcceleratorService) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.)
SRV - (a2AntiMalware) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AVKWCtl) -- C:\Programme\G Data\AntiVirus\AVK\AVKWCtl.exe (G Data Software AG)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (AVKProxy) -- C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (GDScan) -- C:\Programme\Gemeinsame Dateien\G DATA\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Programme\G Data\AntiVirus\AVK\AVKService.exe (G Data Software AG)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (xControlCOM) -- C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe (Siemens)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (Sunkfiltp) -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys File not found
DRV - (SunkFilt6) -- C:\WINDOWS\System32\Drivers\sunkfilt6.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (GDTdiInterceptor) -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys (G Data Software AG)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (a2acc) -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys (Emsisoft GmbH)
DRV - (GRD) -- C:\WINDOWS\system32\drivers\GRD.sys (G Data Software)
DRV - (GDMnIcpt) -- C:\WINDOWS\system32\drivers\MiniIcpt.sys (G Data Software AG)
DRV - (HookCentre) -- C:\WINDOWS\system32\drivers\HookCentre.sys (G Data Software AG)
DRV - (GDBehave) -- C:\WINDOWS\system32\drivers\GDBehave.sys (G Data Software AG)
DRV - (A2DDA) -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys (Emsi Software GmbH)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (BS_I2cIo) -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys (BIOSTAR Group)
DRV - (BIOS) -- C:\WINDOWS\system32\drivers\BIOS.sys (BIOSTAR Group)
DRV - (Gigusb) -- C:\WINDOWS\system32\drivers\Gigusb.sys (Siemens AG)
DRV - (DectEnum) -- C:\WINDOWS\system32\drivers\DectEnum.sys (Siemens AG)
DRV - (siellif) -- C:\WINDOWS\system32\drivers\siellif.sys (Siemens AG)
DRV - (IUAPIWDM) -- C:\WINDOWS\system32\drivers\IUAPIWDM.sys (SIEMENS AG)
DRV - (HRCMPA) -- C:\WINDOWS\system32\drivers\hrcmpa.sys (SIEMENS AG)
DRV - (NDISCAPI) -- C:\WINDOWS\system32\drivers\ndiscapi.sys (SIEMENS AG)
DRV - (CAPI) -- C:\WINDOWS\system32\drivers\capi.sys (SIEMENS AG)
DRV - (SunkFilt62) -- C:\WINDOWS\system32\drivers\sunkfilt62.sys (Alcor Micro, Corp.)
DRV - (vmdmd) -- C:\WINDOWS\system32\drivers\vmdmd.sys (SIEMENS AG)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}: "URL" = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=90&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://de.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,Backup.Old.DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes,DefaultScope = {4D44BF90-E948-4783-8822-419C6D6AA853}
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{4D44BF90-E948-4783-8822-419C6D6AA853}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\..\SearchScopes\{9EA1C821-D660-4C4D-8D89-0DA55F6363A4}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie8
IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\programme\real\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\programme\real\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\programme\real\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.04 15:54:33 | 000,000,000 | ---D | M]

[2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions
[2012.04.10 08:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.04.13 19:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: hxxp://www.yahoo.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.11.21.5_0\plugins/np-cwmp.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\programme\real\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\programme\real\Netscape6\nprpplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Programme\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\programme\real\Netscape6\nprjplug.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

O1 HOSTS File: ([2004.08.04 12:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) 
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Programme\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH) O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe () O4 - HKLM..\Run: [SerExt] C:\WINDOWS\System32\SerExt.exe (Siemens AG) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Sunkist2k] C:\Programme\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.) O4 - HKLM..\Run: [TkBellExe] C:\Programme\real\update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [ChromeFrameHelper] C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\21.0.1180.60\chrome_frame_helper.exe (Google Inc.) 
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [FileHippo.com] C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003..\Run: [TomTomHOME.exe] C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\talk&surf 6.0 - Monitor.lnk = C:\Programme\Gigaset DECT\talk&surf_6_0\semon21.exe (Siemens AG)
O4 - Startup: C:\Dokumente und Einstellungen\Besitzer\Startmenü\Programme\Autostart\Terminkalender2.lnk = C:\Programme\Softwarenetz\Terminkalender2\kalender2.exe (softwarenetz.de)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1333840740140 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1333841194171 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A4B7A17-6D9F-41EC-BBA5-689A5CC1318D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O27 - HKLM IFEO\flashranger.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\googleearth.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Programme\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.07 23:02:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell - "" = AutoRun
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CAPI - Monitor.lnk - C:\Programme\Gigaset DECT\capi\Tools\CALLTRAY.exe - (EllSoft Software Development & Design )
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^WISO Mein Steuer-Sparbuch heute.lnk - C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe - ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} -
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4AADD1F0-17A8-4349-943F-9C7B5E3F9CB4} - Yahoo! Toolbar
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {4FB202B3-4735-4C4D-957E-0C8CA2FE17EB} - Yahoo! Search Setting Update
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\advpack.dll,LaunchINFSectionEx C:\Programme\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D15293F9-CD53-4FA4-9E48-E161B336F03D} - NoIE8Tour
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{A0836101-83D2-48A7-9AC3-EB93431326FD} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012.09.10 18:04:27 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe
[2012.09.08 06:53:27 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.09.08 06:53:27 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.09.08 06:53:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.09.08 06:53:22 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.09.08 06:53:22 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.09.05 22:40:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DESIGNER
[2012.09.05 20:43:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Sandboxie
[2012.08.23 18:17:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom
[2012.08.19 21:24:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Marga
[2012.08.17 18:35:26 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.08.17 18:35:16 | 002,322,184 | ---- | C] (ESET) -- C:\Programme\esetsmartinstaller_deu.exe
[2012.08.17 15:32:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.08.15 00:21:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft
[2012.08.15 00:20:38 | 028,820,624 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe
[2012.08.14 21:52:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\CRE
[2012.08.14 21:51:44 | 002,397,968 | ---- | C] (Conduit) -- C:\Programme\FileConverter_1_3.exe
[2012.08.14 19:48:17 | 009,232,584 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.08.13 09:48:52 | 002,502,752 | ---- | C] (softwarenetz.de) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\kalender2.exe
[2012.08.13 00:21:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Emsisoft Anti-Malware
[2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Programme\Emsisoft Anti-Malware
[2012.08.13 00:19:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Anti-Malware
[2012.08.13 00:11:22 | 152,822,440 | ---- | C] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe
[2012.08.08 17:06:57 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Programme\mbam-setup-1.62.0.1300.exe
[2012.08.03 16:50:02 | 000,886,136 | ---- | C] (R&E Media) -- C:\Programme\RealPlayer10-5GOLD_de.exe
[2012.08.02 21:07:15 | 027,565,488 | ---- | C] (TuneUp Software) -- C:\Programme\TuneUpUtilities2012_de-DE.exe
[2012.07.28 12:21:22 | 001,952,760 | ---- | C] (Driver Whiz) -- C:\Programme\Driverwhiz.exe
[2012.07.13 10:07:51 | 004,668,032 | ---- | C] (Dirk Boettcher ) -- C:\Programme\absetup.exe
[2012.07.12 10:56:20 | 039,483,256 | ---- | C] (Apple Inc.) -- C:\Programme\QuickTimeInstaller.exe
[2012.05.24 17:12:04 | 100,834,120 | ---- | C] (NVIDIA Corporation) -- C:\Programme\301.42-desktop-winxp-32bit-english-whql.exe
[2012.05.09 21:37:33 | 000,892,360 | ---- | C] (Oracle Corporation) -- C:\Programme\chromeinstall-7u4.exe
[2012.05.02 12:27:47 | 035,344,784 | ---- | C] (Spiceworks, Inc.) -- C:\Programme\Spiceworks.exe
[2012.05.01 17:21:32 | 000,944,264 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup.exe
[2012.04.22 21:59:13 | 029,867,432 | ---- | C] (Google Inc.) -- C:\Programme\chrome_installer.exe
[2012.04.13 20:39:16 | 357,596,736 | ---- | C] (G Data Software AG) -- C:\Programme\GER_R_FUL_2013_AV.exe
[2012.04.12 12:32:13 | 000,533,560 | ---- | C] (NCH Software) -- C:\Programme\prismpsetup.exe
[2012.04.12 11:03:41 | 009,330,176 | ---- | C] (Irfan Skiljan) -- C:\Programme\irfanview_plugins_433_setup.exe
[2012.04.12 00:53:59 | 000,761,152 | ---- | C] (RealNetworks, Inc.) -- C:\Programme\RealPlayer_de.exe
[2012.04.10 08:06:01 | 020,410,664 | ---- | C] (TomTom International B.V.) -- C:\Programme\TomTomHOME2winlatest.exe
[2012.04.09 13:39:22 | 001,538,560 | ---- | C] (Irfan Skiljan) -- C:\Programme\iview433_setup.exe
[2012.04.08 21:22:46 | 002,308,368 | ---- | C] (SANDBOXIE L.T.D) -- C:\Programme\SandboxieInstall.exe
[2012.04.08 16:56:21 | 025,766,024 | ---- | C] (Microsoft Corporation) -- C:\Programme\wmp11-windowsxp-x86-DE-DE.exe
[2012.04.05 18:11:56 | 019,430,640 | ---- | C] (Microsoft Corporation) -- C:\Programme\ie8-setup-full.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.09.11 07:22:42 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.09.11 07:21:18 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.09.11 07:20:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.09.11 00:48:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.09.10 21:54:57 | 000,791,112 | ---- | M] () -- C:\WINDOWS\System32\sig.bin
[2012.09.10 21:54:57 | 000,043,872 | ---- | M] () -- C:\WINDOWS\System32\nmp.map
[2012.09.10 18:04:13 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Besitzer\Desktop\OTL.exe
[2012.09.10 17:51:00 | 000,013,734 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.09.09 16:43:22 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.09.09 16:43:07 | 000,125,952 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.08 06:53:13 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.09.08 06:53:11 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.09.08 06:53:11 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.09.08 06:53:11 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.09.08 06:53:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.09.08 06:53:11 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.09.08 06:53:11 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.09.08 06:52:44 | 000,492,796 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.09.08 06:52:44 | 000,473,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.09.08 06:52:44 | 000,091,054 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.09.08 06:52:44 | 000,076,186 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.09.06 23:51:09 | 000,003,418 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2012.09.06 19:41:29 | 000,032,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip
[2012.09.06 16:22:53 | 000,511,265 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe
[2012.08.25 16:56:06 | 003,004,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\15 - Der Kuckuck Und Der Esel.mp3
[2012.08.25 09:35:27 | 000,000,080 | ---- | M] () -- C:\WINDOWS\wiso.ini
[2012.08.24 21:18:12 | 000,003,127 | ---- | M] () -- C:\WINDOWS\musi.ini
[2012.08.24 17:58:31 | 126,001,196 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav
[2012.08.22 07:47:25 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.08.22 07:47:24 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.08.20 14:58:37 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp
[2012.08.20 14:57:15 | 003,888,054 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp
[2012.08.20 00:24:36 | 000,043,973 | ---- | M] () -- C:\Dokumente
[2012.08.17 18:35:14 | 002,322,184 | ---- | M] (ESET) -- C:\Programme\esetsmartinstaller_deu.exe
[2012.08.17 07:50:27 | 000,170,688 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.08.17 01:25:01 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.08.16 11:40:09 | 005,166,395 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf
[2012.08.15 00:21:29 | 028,820,624 | ---- | M] (DVDVideoSoft Ltd. ) -- C:\Programme\FreeVideoToMP3Converter5.0.15.706[1].exe
[2012.08.14 22:09:10 | 001,144,592 | ---- | M] () -- C:\Programme\MusicConverterSetup.exe
[2012.08.14 21:51:54 | 002,397,968 | ---- | M] (Conduit) -- C:\Programme\FileConverter_1_3.exe
[2012.08.14 19:48:17 | 009,232,584 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2012.08.13 00:16:08 | 152,822,440 | ---- | M] (Emsisoft GmbH ) -- C:\Programme\EmsisoftAntiMalwareSetup_5987352.exe
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.06 19:41:34 | 000,032,069 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Attachments_2012_09_6.zip
[2012.09.06 16:23:06 | 000,511,265 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\adwcleaner.exe
[2012.08.24 17:58:21 | 126,001,196 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Desktop\Altgl_0.wav
[2012.08.20 14:58:37 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche2.bmp
[2012.08.20 14:57:15 | 003,888,054 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\alicesuche.bmp
[2012.08.20 00:24:26 | 000,043,973 | ---- | C] () -- C:\Dokumente
[2012.08.17 23:31:48 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2025429265-1417001333-839522115-1003.job
[2012.08.16 13:40:55 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.08.16 11:39:06 | 005,166,395 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\Zulasung und Fahrerlaubnis.pdf
[2012.08.14 22:09:10 | 001,144,592 | ---- | C] () -- C:\Programme\MusicConverterSetup.exe
[2012.08.07 22:32:26 | 022,723,832 | ---- | C] () -- C:\Programme\vlc-2.0.3-win32.exe
[2012.08.01 09:22:10 | 000,000,055 | ---- | C] () -- C:\WINDOWS\TC.INI
[2012.07.12 12:04:52 | 000,000,393 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\HamsterVideoConverterSettings.cfg
[2012.07.11 14:11:39 | 000,788,552 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.07.08 01:05:16 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1417001333-839522115-1003-0.dat
[2012.07.08 01:05:15 | 000,155,022 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.06.25 23:28:53 | 000,003,204 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012.05.18 18:13:34 | 000,003,418 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2012.05.05 19:31:46 | 001,507,138 | ---- | C] () -- C:\Programme\wrar42b1.exe
[2012.04.23 00:32:04 | 126,041,088 | ---- | C] () -- C:\Programme\ts_6_0_36.exe
[2012.04.22 23:19:29 | 002,762,128 | ---- | C] () -- C:\Programme\mypwin250de.exe
[2012.04.22 15:28:35 | 017,458,000 | ---- | C] () -- C:\Programme\GoogleEarthWin.exe
[2012.04.22 14:27:54 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.04.22 14:27:53 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.04.22 14:27:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.04.22 14:27:26 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.04.22 12:29:43 | 000,264,271 | ---- | C] () -- C:\Programme\FHSetup.exe
[2012.04.13 20:59:13 | 000,381,952 | ---- | C] () -- C:\Programme\AVCleaner.exe
[2012.04.12 01:01:37 | 000,125,952 | ---- | C] () -- C:\Dokumente und Einstellungen\Besitzer\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.12 00:52:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.04.10 10:51:54 | 000,000,212 | ---- | C] () -- C:\WINDOWS\BUHL.INI
[2012.04.09 23:52:54 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2012.04.09 23:52:53 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2012.04.09 23:52:52 | 000,172,032 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2012.04.09 23:52:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2012.04.09 23:52:51 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2012.04.08 22:11:03 | 000,000,075 | ---- | C] () -- C:\WINDOWS\muserr.ini
[2012.04.08 18:57:16 | 000,003,127 | ---- | C] () -- C:\WINDOWS\musi.ini
[2012.04.08 17:32:46 | 000,050,072 | ---- | C] () -- C:\WINDOWS\System32\DXTSERV.DLL
[2012.04.08 17:32:46 | 000,005,408 | ---- | C] () -- C:\WINDOWS\System32\Vb2olecf.dll
[2012.04.08 17:32:45 | 000,005,877 | ---- | C] () -- C:\WINDOWS\System32\Dxintl.dll
[2012.04.08 17:32:44 | 000,236,734 | ---- | C] () -- C:\WINDOWS\System32\Pxengwin.dll
[2012.04.08 16:01:43 | 000,000,080 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2012.04.08 15:59:13 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.04.08 14:10:33 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2012.04.08 12:09:02 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\CNCFLdNL.DLL
[2012.04.08 11:46:34 | 000,791,112 | ---- | C] () -- C:\WINDOWS\System32\sig.bin
[2012.04.08 00:19:05 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak
[2012.04.08 00:19:05 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak
[2012.04.08 00:19:05 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak
[2012.04.07 23:51:12 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.04.07 23:49:59 | 000,170,688 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.04.07 23:34:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2012.04.07 23:32:09 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012.04.07 23:03:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.04.07 22:59:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.04.05 18:11:57 | 003,400,800 | ---- | C] () -- C:\Programme\termin2.exe
[2012.04.05 18:11:57 | 000,643,854 | ---- | C] () -- C:\Programme\sss_4.7.1.exe
[2012.04.05 18:11:53 | 031,252,480 | ---- | C] () -- C:\Programme\Basic_Starter_Pack.exe

========== LOP Check ==========

[2012.04.18 19:19:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AlawarWrapper
[2012.06.25 10:18:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2012.04.08 12:10:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2012.07.07 13:21:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
[2012.08.02 21:08:04 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.04.13 22:53:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2012.05.17 00:39:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2012.06.29 11:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Stylus Studio
[2012.04.10 08:07:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2012.08.02 21:09:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.08.02 21:08:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.08.24 23:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt
[2012.04.22 15:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AnvSoft
[2012.07.07 13:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion
[2012.04.22 23:00:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Canon
[2012.08.20 00:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft
[2012.04.22 09:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Free Spider TreeCardGames
[2012.05.09 21:40:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Oracle
[2012.06.29 11:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\PhotoFiltre Studio X
[2012.08.22 14:04:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RPPrivate
[2012.06.29 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Stylus Studio
[2012.06.25 23:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\systweak
[2012.04.10 08:06:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TomTom
[2012.08.02 21:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TuneUp Software
[2012.08.06 07:42:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\UpdatusUser\Anwendungsdaten\TuneUp Software

========== Purity Check ==========

========== Custom Scans ==========

< %ALLUSERSPROFILE%\Application Data\*. >
[2012.08.02 15:17:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Speedbit

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.04.22 19:56:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Adobe
[2012.08.24 23:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt
[2012.04.22 15:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AnvSoft
[2012.07.12 14:24:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Apple Computer
[2012.08.14 21:37:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\AVS4YOU
[2012.07.07 13:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion
[2012.04.22 23:00:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Canon
[2012.07.11 12:50:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Corel
[2012.08.20 00:24:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\DVDVideoSoft
[2012.04.22 09:45:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Free Spider TreeCardGames
[2012.04.23 16:45:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Google
[2012.06.29 19:03:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Help
[2012.06.29 11:35:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Identities
[2012.04.07 23:32:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\InstallShield
[2012.04.08 09:34:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Macromedia
[2012.04.23 14:26:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Malwarebytes
[2012.07.11 12:41:20 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft
[2012.04.10 08:07:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Mozilla
[2012.04.12 12:32:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\NCH Software
[2012.04.23 16:45:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\NVIDIA
[2012.05.09 21:40:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Oracle
[2012.06.29 11:35:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\PhotoFiltre Studio X
[2012.08.16 22:56:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Real
[2012.06.30 22:02:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RealNetworks
[2012.08.22 14:04:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\RPPrivate
[2012.07.06 17:41:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Skype
[2012.06.29 11:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Stylus Studio
[2012.05.09 21:38:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Sun
[2012.06.25 23:29:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\systweak
[2012.04.10 08:06:59 | 000,000,000 | ---D | M] -- C:\Dokumente und 
Einstellungen\Besitzer\Anwendungsdaten\TomTom [2012.08.02 21:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\TuneUp Software [2012.07.29 12:33:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\U3 [2012.08.24 21:35:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\vlc [2012.04.17 17:11:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\WinRAR [2012.04.08 00:44:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Yahoo! < %APPDATA%\*.exe /s > [2012.07.13 10:08:04 | 000,717,322 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Ahnenblatt\unins000.exe [2012.07.03 15:13:40 | 000,695,448 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\BrowserCompanion\tbhcn.exe [2012.04.08 00:46:39 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\ARPPRODUCTICON.exe [2012.04.08 00:46:39 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\ESS.exe1_8CD58354040E47BC85975A0678C33FAD.exe [2012.04.08 00:46:39 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\ESS.exe2_276EE340B7D241348159236D2AEAEE1D.exe [2012.04.08 00:46:39 | 000,040,960 | R--- | M] (Macrovision Corporation) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\ESS.exe_F1B64C616E5144128CDBCC1756D24622.exe [2012.04.08 00:46:39 | 000,008,854 | R--- | M] () -- C:\Dokumente und 
Einstellungen\Besitzer\Anwendungsdaten\Microsoft\Installer\{5A9E02AB-91A7-4942-A7F6-C2CE1BA8B92A}\UNINST_Uninstall_E_B7BACED33D0944288BDA923F95D21A27.exe [2012.07.21 20:38:49 | 000,449,688 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\10.00\agent\rnupgagent.exe [2012.07.21 23:42:27 | 028,145,120 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\10.00\agent\stub_data\RealPlayer_de.exe [2012.07.21 23:40:21 | 000,761,152 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\10.00\agent\stub_exe\RealPlayer_de.exe [2006.05.24 13:36:46 | 000,110,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\U3\temp\cleanup.exe < %SYSTEMDRIVE%\*.exe > [2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe < MD5 for: AGP440.SYS > [2004.08.04 12:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2012.04.08 14:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2012.04.08 14:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004.08.04 12:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2012.04.08 14:31:33 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2012.04.08 14:31:33 | 023,898,261 | ---- | M] () .cab file -- 
C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.04 12:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll [2004.08.04 12:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: IASTOR.SYS > [2007.02.12 21:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\dell\iastor\iastor.sys < MD5 for: NETLOGON.DLL > [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll [2004.08.04 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_1$\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2009.02.06 20:46:10 | 
000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll [2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_1$\netlogon.dll < MD5 for: NVATABUS.SYS > [2006.03.17 02:51:32 | 000,099,840 | ---- | M] (NVIDIA Corporation) MD5=B7FB72492B753930EC70A0F49D04F12F -- C:\WINDOWS\dell\nvraid\NvAtaBus.sys < MD5 for: SCECLI.DLL > [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll [2004.08.04 12:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll < MD5 for: USER32.DLL > [2004.08.04 12:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll < MD5 for: USERINIT.EXE > [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe [2004.08.04 12:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 12:00:00 | 000,507,392 | ---- | M] (Microsoft 
Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2004.08.04 12:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2004.08.04 12:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2012.04.08 00:49:15 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < End of report > |
11.09.2012, 16:35 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | AOL search engine hooks into Google and Yahoo search

Yes, now it is correct. You probably did not copy everything out because of the CODE tags.

Run an OTL fix: close any programs that may be open, disable the virus scanner as well (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied too!!!)

Code:
:OTL
FF - user.js - File not found
DRV - (Sunkfiltp) -- C:\WINDOWS\System32\Drivers\sunkfiltp.sys File not found
DRV - (SunkFilt6) -- C:\WINDOWS\System32\Drivers\sunkfilt6.sys File not found
IE - HKLM\..\SearchScopes\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}: "URL" = http://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=DE&userid=90&affid=110774&searchtype=ds&babsrc=lnkry&q={searchTerms}
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2025429265-1417001333-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.07 23:02:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell - "" = AutoRun
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
11.09.2012, 21:16 | #27 |
| AOL search engine hooks into Google and Yahoo search

So, hopefully everything is right this time.

Code:
All processes killed
========== OTL ==========
Service Sunkfiltp stopped successfully!
Service Sunkfiltp deleted successfully!
File C:\WINDOWS\System32\Drivers\sunkfiltp.sys File not found not found.
Service SunkFilt6 stopped successfully!
Service SunkFilt6 deleted successfully!
File C:\WINDOWS\System32\Drivers\sunkfilt6.sys File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2025429265-1417001333-839522115-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad87d272-d3e5-11e1-b871-00e04d5dfc87}\ not found.
File E:\LaunchU3.exe -a not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Besitzer\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Besitzer\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temporary Internet Files folder emptied: 27838903 bytes
User: All Users
User: Besitzer
->Temp folder emptied: 3873878 bytes
->Temporary Internet Files folder emptied: 248384914 bytes
->Google Chrome cache emptied: 513916426 bytes
->Flash cache emptied: 37171 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33214 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 770658 bytes
User: PC-Admin
->Temporary Internet Files folder emptied: 32768 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33214 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2167231 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 480 bytes
RecycleBin emptied: 4106450982 bytes
Total Files Cleaned = 4.676,00 mb
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.61.3 log created on 09112012_220802
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot... |
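Added example, not part of the original posts: a Python triage of an OTL fix log like the one posted above. It separates entries OTL actually changed from entries it reports as "not found" (already absent) and surfaces lines it cannot classify. The function names and the changed/absent grouping are assumptions of this example; the sample lines are an excerpt copied from the log above.

```python
import re
from collections import Counter
from typing import NamedTuple, Optional

# Excerpt of the OTL fix log from the post above, one log entry per line.
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Service Sunkfiltp stopped successfully!
Service Sunkfiltp deleted successfully!
File C:\WINDOWS\System32\Drivers\sunkfiltp.sys File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{153F0B84-E0A6-40E4-9FC5-17BA5C020C5A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
File E:\LaunchU3.exe -a not found.
========== FILES ==========
C:\Dokumente und Einstellungen\Besitzer\Desktop\cmd.bat deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""


class Entry(NamedTuple):
    section: str          # OTL, FILES, COMMANDS or PREAMBLE
    kind: Optional[str]   # Service, File, Registry key, Registry value or None
    target: str           # service name, path or registry location
    outcome: str          # e.g. "deleted successfully", "not found"


SECTION_RE = re.compile(r"^=+ (?P<name>[A-Z]+) =+$")
OUTCOME_RE = re.compile(
    r"^(?:(?P<kind>Service|File|Registry key|Registry value)\s+)?"
    r"(?P<target>.+?)\s+"
    r"(?P<outcome>stopped successfully|deleted successfully|moved successfully|"
    r"reset successfully|value set successfully|not found)[.!]?$"
)


def parse_fix_log(text):
    """Return (entries, unparsed_lines) for an OTL fix log."""
    entries, unparsed = [], []
    section = "PREAMBLE"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            continue
        match = OUTCOME_RE.match(line)
        if not match:
            unparsed.append(line)  # keep for manual review, never drop silently
            continue
        # The scan annotation "File not found" is carried over from the script
        # line into the target; strip it so the path is clean.
        target = re.sub(r"\s+File not found$", "", match.group("target"))
        entries.append(Entry(section, match.group("kind"), target, match.group("outcome")))
    return entries, unparsed


def summarize(entries):
    """Count entries OTL changed versus entries that were already absent."""
    return Counter("absent" if e.outcome == "not found" else "changed" for e in entries)


def removed_autostarts(entries):
    """Services and registry keys/values that the fix actually deleted."""
    kinds = ("Service", "Registry key", "Registry value")
    return [e.target for e in entries
            if e.kind in kinds and e.outcome == "deleted successfully"]


if __name__ == "__main__":
    parsed, leftover = parse_fix_log(SAMPLE_LOG)
    print(dict(summarize(parsed)))
    for item in removed_autostarts(parsed):
        print("removed:", item)
    print("needs review:", leftover)
```
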
11.09.2012, 23:42 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | AOL search engine hooks into Google and Yahoo search

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log.

Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please switch off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm on the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy its contents into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle them all with the action "skip" and post only the log here!
12.09.2012, 06:48 | #29 |
| AOL search engine hooks into Google and Yahoo search

Here is the log from TDSS-Killer: Code:
C:\WINDOWS\system32\DRIVERS\ipinip.sys 07:50:54.0687 0704 IpInIp - ok 07:50:54.0703 0704 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 07:50:54.0796 0704 IpNat - ok 07:50:54.0812 0704 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 07:50:54.0921 0704 IPSec - ok 07:50:54.0937 0704 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 07:50:55.0031 0704 IRENUM - ok 07:50:55.0062 0704 [ 6DFB88F64135C525433E87648BDA30DE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 07:50:55.0171 0704 isapnp - ok 07:50:55.0218 0704 [ BA82938F02E7DEFFD2B33C8E56348F68 ] IUAPIWDM C:\WINDOWS\system32\DRIVERS\IUAPIWDM.sys 07:50:55.0234 0704 IUAPIWDM ( UnsignedFile.Multi.Generic ) - warning 07:50:55.0234 0704 IUAPIWDM - detected UnsignedFile.Multi.Generic (1) 07:50:55.0328 0704 [ 80F08F50D248EEEEB9256F6522891D40 ] JavaQuickStarterService C:\Programme\Java\jre7\bin\jqs.exe 07:50:55.0343 0704 JavaQuickStarterService - ok 07:50:55.0359 0704 [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 07:50:55.0468 0704 Kbdclass - ok 07:50:55.0500 0704 [ B6D6C117D771C98130497265F26D1882 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys 07:50:55.0609 0704 kbdhid - ok 07:50:55.0640 0704 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 07:50:55.0750 0704 kmixer - ok 07:50:55.0765 0704 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 07:50:55.0812 0704 KSecDD - ok 07:50:55.0843 0704 [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 07:50:55.0890 0704 lanmanserver - ok 07:50:55.0906 0704 [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 07:50:55.0937 0704 lanmanworkstation - ok 07:50:55.0953 0704 lbrtfdc - ok 07:50:55.0968 0704 [ 636714B7D43C8D0C80449123FD266920 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 07:50:56.0093 0704 LmHosts - ok 07:50:56.0109 
0704 [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 07:50:56.0125 0704 MBAMProtector - ok 07:50:56.0187 0704 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe 07:50:56.0218 0704 MBAMScheduler - ok 07:50:56.0265 0704 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe 07:50:56.0296 0704 MBAMService - ok 07:50:56.0328 0704 [ B7550A7107281D170CE85524B1488C98 ] Messenger C:\WINDOWS\System32\msgsvc.dll 07:50:56.0437 0704 Messenger - ok 07:50:56.0468 0704 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 07:50:56.0593 0704 mnmdd - ok 07:50:56.0625 0704 [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 07:50:56.0718 0704 mnmsrvc - ok 07:50:56.0750 0704 [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 07:50:56.0859 0704 Modem - ok 07:50:56.0875 0704 [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 07:50:56.0984 0704 Mouclass - ok 07:50:57.0031 0704 [ 66A6F73C74E1791464160A7065CE711A ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 07:50:57.0156 0704 mouhid - ok 07:50:57.0171 0704 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 07:50:57.0265 0704 MountMgr - ok 07:50:57.0281 0704 mraid35x - ok 07:50:57.0296 0704 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 07:50:57.0406 0704 MRxDAV - ok 07:50:57.0437 0704 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 07:50:57.0500 0704 MRxSmb - ok 07:50:57.0515 0704 [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC C:\WINDOWS\system32\msdtc.exe 07:50:57.0609 0704 MSDTC - ok 07:50:57.0640 0704 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 07:50:57.0750 0704 Msfs - ok 07:50:57.0765 0704 MSIServer - ok 07:50:57.0765 0704 [ 
D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 07:50:57.0859 0704 MSKSSRV - ok 07:50:57.0875 0704 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 07:50:57.0984 0704 MSPCLOCK - ok 07:50:58.0000 0704 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 07:50:58.0093 0704 MSPQM - ok 07:50:58.0109 0704 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 07:50:58.0218 0704 mssmbios - ok 07:50:58.0250 0704 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 07:50:58.0265 0704 Mup - ok 07:50:58.0296 0704 [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent C:\WINDOWS\System32\qagentrt.dll 07:50:58.0406 0704 napagent - ok 07:50:58.0437 0704 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 07:50:58.0546 0704 NDIS - ok 07:50:58.0578 0704 [ 3D751F96289BD24B93A7388BD64D9682 ] NDISCAPI C:\WINDOWS\system32\DRIVERS\ndiscapi.sys 07:50:58.0593 0704 NDISCAPI ( UnsignedFile.Multi.Generic ) - warning 07:50:58.0593 0704 NDISCAPI - detected UnsignedFile.Multi.Generic (1) 07:50:58.0625 0704 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 07:50:58.0671 0704 NdisTapi - ok 07:50:58.0671 0704 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 07:50:58.0765 0704 Ndisuio - ok 07:50:58.0781 0704 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 07:50:58.0875 0704 NdisWan - ok 07:50:58.0875 0704 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 07:50:58.0906 0704 NDProxy - ok 07:50:58.0937 0704 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 07:50:59.0046 0704 NetBIOS - ok 07:50:59.0078 0704 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 07:50:59.0171 0704 NetBT - ok 07:50:59.0203 0704 [ 
8ACE4251BFFD09CE75679FE940E996CC ] NetDDE C:\WINDOWS\system32\netdde.exe 07:50:59.0312 0704 NetDDE - ok 07:50:59.0312 0704 [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 07:50:59.0406 0704 NetDDEdsdm - ok 07:50:59.0437 0704 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon C:\WINDOWS\system32\lsass.exe 07:50:59.0531 0704 Netlogon - ok 07:50:59.0546 0704 [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman C:\WINDOWS\System32\netman.dll 07:50:59.0656 0704 Netman - ok 07:50:59.0671 0704 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 07:50:59.0687 0704 NetTcpPortSharing - ok 07:50:59.0734 0704 [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla C:\WINDOWS\System32\mswsock.dll 07:50:59.0781 0704 Nla - ok 07:50:59.0796 0704 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 07:50:59.0890 0704 Npfs - ok 07:50:59.0921 0704 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 07:51:00.0062 0704 Ntfs - ok 07:51:00.0062 0704 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 07:51:00.0156 0704 NtLmSsp - ok 07:51:00.0187 0704 [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 07:51:00.0312 0704 NtmsSvc - ok 07:51:00.0343 0704 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 07:51:00.0453 0704 Null - ok 07:51:00.0890 0704 [ 7B5A17BD54BB9142843DBE99A1CAAED8 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 07:51:01.0359 0704 nv - ok 07:51:01.0390 0704 [ D875346596BD48D74AC9B9BE791B8D69 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 07:51:01.0437 0704 NVENETFD - ok 07:51:01.0453 0704 [ F02C1C5E84C37667ECD3EEA5958449BC ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 07:51:01.0500 0704 nvnetbus - ok 07:51:01.0531 0704 [ 5150B108EA88831E1C599603D8B89621 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 07:51:01.0546 0704 NVSvc - ok 07:51:01.0671 0704 [ 
83E8AB7BB3C8956C53FEC071C94F0BBB ] nvUpdatusService C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 07:51:01.0718 0704 nvUpdatusService - ok 07:51:01.0750 0704 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 07:51:01.0875 0704 NwlnkFlt - ok 07:51:01.0875 0704 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 07:51:02.0000 0704 NwlnkFwd - ok 07:51:02.0125 0704 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE 07:51:02.0156 0704 odserv - ok 07:51:02.0187 0704 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE 07:51:02.0203 0704 ose - ok 07:51:02.0250 0704 [ F84785660305B9B903FB3BCA8BA29837 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 07:51:02.0359 0704 Parport - ok 07:51:02.0375 0704 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 07:51:02.0468 0704 PartMgr - ok 07:51:02.0515 0704 [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 07:51:02.0640 0704 ParVdm - ok 07:51:02.0640 0704 [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 07:51:02.0750 0704 PCI - ok 07:51:02.0765 0704 PCIDump - ok 07:51:02.0781 0704 [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 07:51:02.0906 0704 PCIIde - ok 07:51:02.0921 0704 [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 07:51:03.0015 0704 Pcmcia - ok 07:51:03.0015 0704 PDCOMP - ok 07:51:03.0015 0704 PDFRAME - ok 07:51:03.0031 0704 PDRELI - ok 07:51:03.0031 0704 PDRFRAME - ok 07:51:03.0031 0704 perc2 - ok 07:51:03.0046 0704 perc2hib - ok 07:51:03.0078 0704 [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay C:\WINDOWS\system32\services.exe 07:51:03.0109 0704 PlugPlay - ok 07:51:03.0125 0704 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent 
C:\WINDOWS\system32\lsass.exe 07:51:03.0203 0704 PolicyAgent - ok 07:51:03.0218 0704 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 07:51:03.0328 0704 PptpMiniport - ok 07:51:03.0359 0704 [ 2CB55427C58679F49AD600FCCBA76360 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys 07:51:03.0453 0704 Processor - ok 07:51:03.0453 0704 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 07:51:03.0546 0704 ProtectedStorage - ok 07:51:03.0546 0704 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 07:51:03.0656 0704 PSched - ok 07:51:03.0656 0704 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 07:51:03.0781 0704 Ptilink - ok 07:51:03.0796 0704 ql1080 - ok 07:51:03.0796 0704 Ql10wnt - ok 07:51:03.0796 0704 ql12160 - ok 07:51:03.0812 0704 ql1240 - ok 07:51:03.0812 0704 ql1280 - ok 07:51:03.0843 0704 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 07:51:03.0953 0704 RasAcd - ok 07:51:03.0984 0704 [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto C:\WINDOWS\System32\rasauto.dll 07:51:04.0093 0704 RasAuto - ok 07:51:04.0125 0704 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 07:51:04.0234 0704 Rasl2tp - ok 07:51:04.0265 0704 [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan C:\WINDOWS\System32\rasmans.dll 07:51:04.0375 0704 RasMan - ok 07:51:04.0375 0704 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 07:51:04.0484 0704 RasPppoe - ok 07:51:04.0484 0704 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 07:51:04.0609 0704 Raspti - ok 07:51:04.0640 0704 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 07:51:04.0734 0704 Rdbss - ok 07:51:04.0750 0704 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 07:51:04.0875 0704 RDPCDD - ok 07:51:04.0906 0704 
[ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 07:51:04.0937 0704 RDPWD - ok 07:51:04.0953 0704 [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 07:51:05.0046 0704 RDSessMgr - ok 07:51:05.0078 0704 [ ED761D453856F795A7FE056E42C36365 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 07:51:05.0187 0704 redbook - ok 07:51:05.0203 0704 [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 07:51:05.0296 0704 RemoteAccess - ok 07:51:05.0328 0704 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys 07:51:05.0468 0704 ROOTMODEM - ok 07:51:05.0500 0704 [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator C:\WINDOWS\system32\locator.exe 07:51:05.0593 0704 RpcLocator - ok 07:51:05.0625 0704 [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs C:\WINDOWS\system32\rpcss.dll 07:51:05.0671 0704 RpcSs - ok 07:51:05.0687 0704 [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP C:\WINDOWS\system32\rsvp.exe 07:51:05.0796 0704 RSVP - ok 07:51:05.0828 0704 [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs C:\WINDOWS\system32\lsass.exe 07:51:05.0906 0704 SamSs - ok 07:51:05.0984 0704 [ 224049C51E2C2D07B02B1BED262976A1 ] SbieDrv C:\Programme\Sandboxie\SbieDrv.sys 07:51:06.0000 0704 SbieDrv - ok 07:51:06.0046 0704 [ 3129023CEF1A2225665D44F9545DAED4 ] SbieSvc C:\Programme\Sandboxie\SbieSvc.exe 07:51:06.0062 0704 SbieSvc - ok 07:51:06.0078 0704 [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 07:51:06.0187 0704 SCardSvr - ok 07:51:06.0218 0704 [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule C:\WINDOWS\system32\schedsvc.dll 07:51:06.0328 0704 Schedule - ok 07:51:06.0343 0704 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 07:51:06.0437 0704 Secdrv - ok 07:51:06.0453 0704 [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon C:\WINDOWS\System32\seclogon.dll 07:51:06.0546 0704 seclogon - ok 07:51:06.0578 0704 [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] 
SENS C:\WINDOWS\system32\sens.dll 07:51:06.0687 0704 SENS - ok 07:51:06.0718 0704 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 07:51:06.0828 0704 serenum - ok 07:51:06.0828 0704 [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 07:51:06.0921 0704 Serial - ok 07:51:06.0953 0704 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 07:51:07.0062 0704 Sfloppy - ok 07:51:07.0093 0704 [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 07:51:07.0203 0704 SharedAccess - ok 07:51:07.0234 0704 [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 07:51:07.0250 0704 ShellHWDetection - ok 07:51:07.0281 0704 [ A684CE1204C1375479B2EEB0FF85B774 ] siellif C:\WINDOWS\system32\Drivers\siellif.sys 07:51:07.0281 0704 siellif ( UnsignedFile.Multi.Generic ) - warning 07:51:07.0281 0704 siellif - detected UnsignedFile.Multi.Generic (1) 07:51:07.0281 0704 Simbad - ok 07:51:07.0328 0704 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Programme\Skype\Updater\Updater.exe 07:51:07.0343 0704 SkypeUpdate - ok 07:51:07.0359 0704 Sparrow - ok 07:51:07.0390 0704 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 07:51:07.0500 0704 splitter - ok 07:51:07.0546 0704 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 07:51:07.0578 0704 Spooler - ok 07:51:07.0593 0704 [ 50FA898F8C032796D3B1B9951BB5A90F ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 07:51:07.0687 0704 sr - ok 07:51:07.0734 0704 [ FE77A85495065F3AD59C5C65B6C54182 ] srservice C:\WINDOWS\system32\srsvc.dll 07:51:07.0843 0704 srservice - ok 07:51:07.0875 0704 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 07:51:07.0921 0704 Srv - ok 07:51:07.0953 0704 [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 07:51:08.0062 0704 SSDPSRV - ok 07:51:08.0093 0704 [ 
BC2C5985611C5356B24AEB370953DED9 ] stisvc C:\WINDOWS\system32\wiaservc.dll 07:51:08.0203 0704 stisvc - ok 07:51:08.0234 0704 [ 38CC705FF41CC49DAED796CFB419BEA2 ] SunkFilt62 C:\WINDOWS\System32\Drivers\sunkfilt62.sys 07:51:08.0250 0704 SunkFilt62 ( UnsignedFile.Multi.Generic ) - warning 07:51:08.0250 0704 SunkFilt62 - detected UnsignedFile.Multi.Generic (1) 07:51:08.0265 0704 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 07:51:08.0375 0704 swenum - ok 07:51:08.0390 0704 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 07:51:08.0500 0704 swmidi - ok 07:51:08.0515 0704 SwPrv - ok 07:51:08.0515 0704 symc810 - ok 07:51:08.0515 0704 symc8xx - ok 07:51:08.0531 0704 sym_hi - ok 07:51:08.0531 0704 sym_u3 - ok 07:51:08.0562 0704 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 07:51:08.0671 0704 sysaudio - ok 07:51:08.0687 0704 [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 07:51:08.0796 0704 SysmonLog - ok 07:51:08.0812 0704 [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 07:51:08.0921 0704 TapiSrv - ok 07:51:08.0968 0704 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 07:51:09.0000 0704 Tcpip - ok 07:51:09.0031 0704 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 07:51:09.0125 0704 TDPIPE - ok 07:51:09.0140 0704 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 07:51:09.0234 0704 TDTCP - ok 07:51:09.0265 0704 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 07:51:09.0375 0704 TermDD - ok 07:51:09.0390 0704 [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService C:\WINDOWS\System32\termsrv.dll 07:51:09.0484 0704 TermService - ok 07:51:09.0515 0704 [ 2DB7D303C36DDD055215052F118E8E75 ] Themes C:\WINDOWS\System32\shsvcs.dll 07:51:09.0531 0704 Themes - ok 07:51:09.0609 0704 [ 
E319535A8124F25C1C9C5288CACF3101 ] TomTomHOMEService C:\Programme\TomTom HOME 2\TomTomHOMEService.exe 07:51:09.0625 0704 TomTomHOMEService - ok 07:51:09.0625 0704 TosIde - ok 07:51:09.0656 0704 [ 626504572B175867F30F3215C04B3E2F ] TrkWks C:\WINDOWS\system32\trkwks.dll 07:51:09.0750 0704 TrkWks - ok 07:51:09.0875 0704 [ AF5F31156EE89D35AD6EC3179A805D23 ] TuneUp.UtilitiesSvc C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe 07:51:09.0921 0704 TuneUp.UtilitiesSvc - ok 07:51:09.0937 0704 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys 07:51:09.0953 0704 TuneUpUtilitiesDrv - ok 07:51:09.0984 0704 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 07:51:10.0078 0704 Udfs - ok 07:51:10.0078 0704 ultra - ok 07:51:10.0125 0704 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 07:51:10.0234 0704 Update - ok 07:51:10.0265 0704 [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost C:\WINDOWS\System32\upnphost.dll 07:51:10.0359 0704 upnphost - ok 07:51:10.0375 0704 [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS C:\WINDOWS\System32\ups.exe 07:51:10.0468 0704 UPS - ok 07:51:10.0515 0704 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 07:51:10.0625 0704 usbccgp - ok 07:51:10.0640 0704 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 07:51:10.0750 0704 usbehci - ok 07:51:10.0781 0704 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 07:51:10.0890 0704 usbhub - ok 07:51:10.0921 0704 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys 07:51:11.0031 0704 usbohci - ok 07:51:11.0062 0704 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 07:51:11.0140 0704 usbprint - ok 07:51:11.0156 0704 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 07:51:11.0265 
0704 usbscan - ok 07:51:11.0281 0704 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 07:51:11.0390 0704 USBSTOR - ok 07:51:11.0421 0704 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 07:51:11.0515 0704 VgaSave - ok 07:51:11.0531 0704 ViaIde - ok 07:51:11.0562 0704 VideoAcceleratorService - ok 07:51:11.0609 0704 [ AE1288EE0631E6CDF0DE0A663D18B636 ] vmdmd C:\WINDOWS\system32\DRIVERS\vmdmd.sys 07:51:11.0625 0704 vmdmd ( UnsignedFile.Multi.Generic ) - warning 07:51:11.0625 0704 vmdmd - detected UnsignedFile.Multi.Generic (1) 07:51:11.0640 0704 [ A5A712F4E880874A477AF790B5186E1D ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 07:51:11.0750 0704 VolSnap - ok 07:51:11.0781 0704 [ 68F106273BE29E7B7EF8266977268E78 ] VSS C:\WINDOWS\System32\vssvc.exe 07:51:11.0890 0704 VSS - ok 07:51:11.0906 0704 [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time C:\WINDOWS\system32\w32time.dll 07:51:12.0015 0704 W32Time - ok 07:51:12.0046 0704 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 07:51:12.0140 0704 Wanarp - ok 07:51:12.0140 0704 WDICA - ok 07:51:12.0156 0704 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 07:51:12.0265 0704 wdmaud - ok 07:51:12.0281 0704 [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient C:\WINDOWS\System32\webclnt.dll 07:51:12.0375 0704 WebClient - ok 07:51:12.0453 0704 [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 07:51:12.0562 0704 winmgmt - ok 07:51:12.0593 0704 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 07:51:12.0640 0704 WmdmPmSN - ok 07:51:12.0671 0704 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 07:51:12.0765 0704 WmiAcpi - ok 07:51:12.0796 0704 [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 07:51:12.0906 0704 WmiApSrv - ok 07:51:12.0984 0704 [ D3DBD6E76F4BE9BEE67EB631488B5F29 ] 
WMPNetworkSvc C:\Programme\Windows Media Player\WMPNetwk.exe 07:51:13.0031 0704 WMPNetworkSvc - ok 07:51:13.0046 0704 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys 07:51:13.0078 0704 WpdUsb - ok 07:51:13.0140 0704 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 07:51:13.0171 0704 WPFFontCache_v0400 - ok 07:51:13.0203 0704 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 07:51:13.0328 0704 WS2IFSL - ok 07:51:13.0359 0704 [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc C:\WINDOWS\system32\wscsvc.dll 07:51:13.0453 0704 wscsvc - ok 07:51:13.0468 0704 [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv C:\WINDOWS\system32\wuauserv.dll 07:51:13.0562 0704 wuauserv - ok 07:51:13.0593 0704 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 07:51:13.0640 0704 WudfPf - ok 07:51:13.0656 0704 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 07:51:13.0687 0704 WudfRd - ok 07:51:13.0703 0704 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 07:51:13.0734 0704 WudfSvc - ok 07:51:13.0781 0704 [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 07:51:13.0890 0704 WZCSVC - ok 07:51:13.0968 0704 [ 97CAFBDC866F7C2BA09E912697BA3E79 ] xControlCOM C:\Programme\Gigaset DECT\talk&surf_6_0\xcontrolcom.exe 07:51:14.0000 0704 xControlCOM ( UnsignedFile.Multi.Generic ) - warning 07:51:14.0000 0704 xControlCOM - detected UnsignedFile.Multi.Generic (1) 07:51:14.0015 0704 [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 07:51:14.0109 0704 xmlprov - ok 07:51:14.0171 0704 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe 07:51:14.0203 0704 YahooAUService - ok 07:51:14.0203 0704 ================ Scan global =============================== 07:51:14.0234 0704 [ 
2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll 07:51:14.0281 0704 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 07:51:14.0296 0704 [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll 07:51:14.0312 0704 [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe 07:51:14.0312 0704 [Global] - ok 07:51:14.0312 0704 ================ Scan MBR ================================== 07:51:14.0328 0704 [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0 07:51:14.0531 0704 \Device\Harddisk0\DR0 - ok 07:51:14.0531 0704 ================ Scan VBR ================================== 07:51:14.0531 0704 [ F4CCCF2456C12C11DF26A1F89AD33F0D ] \Device\Harddisk0\DR0\Partition1 07:51:14.0531 0704 \Device\Harddisk0\DR0\Partition1 - ok 07:51:14.0531 0704 ============================================================ 07:51:14.0531 0704 Scan finished 07:51:14.0531 0704 ============================================================ 07:51:14.0640 2384 Detected object count: 15 07:51:14.0640 2384 Actual detected object count: 15 |
12.09.2012, 13:13 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | AOL search engine hooks itself into Google and Yahoo search The log is incomplete - the summary at the bottom is missing
__________________ Please always post log files in CODE tags |