Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]

png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]


Plagegeister aller Art und deren Bekämpfung: png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.08.2010, 08:03   #1
Pf@nne
 
png7tqx2.dll' enthielt TR/Spy.585728.35[trojan] - Standard

png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]


Hallo,

mein Thema wurde bei euch schon mal behandelt.
siehe: png777fh.dll' enthielt TR/Spy.585728.35[trojan]

Bei mir stellt sich das Problem genauso dar, AntiVir meldet


leider ist er wie im o.g. Thema nach dem Neustart wieder da.
Ich habe o.g. Thema gelesen, leider ist mir nicht ganz klar geworden wie ihr ihn beseitigt habt.

Ich bin leider nicht so fit was die Virensuche angeht.
Soll ich eure Software mal durchlaufen lassen und die Ergebnisse posten?

Danke für eure Hilfe....

CCleander ist durch, ohne Probleme oder Besonderheiten.

Malewarebytes Ergebnis:
Zitat:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4427

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

14.08.2010 09:46:38
mbam-log-2010-08-14 (09-46-38).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 150008
Laufzeit: 11 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Beim Scannen ist Malewarebytes auf die Tretmine png7tqx2.dll getreten, so dass AntiVir angesprochen hat.
Zu erwähnen sei vieleicht noch, dass AntiVir auf die png7tqx2.dll immer beim ersten Start von Firefox annspricht, nach dem Löschen durch AntiVir ist dann Ruhe.

Ich lasse jetzt mal RSIT laufen und poste das Ergebnis.

Die Ergebnisse von RIST nach dem Löschen durch AntiVir erfolgt, falls das wichtig ist.

hxxp://nne-mail.de/info1.txt
hxxp://nne-mail.de/log1.txt

Die Ergebnisse vor dem Löschen durch AntiVir, Tretmine noch aktiv.

hxxp://nne-mail.de/info2.txt
hxxp://nne-mail.de/log2.txt

Ich hoffe da wird einer schlau draus.......

Hier der Log von VirusTotal

hxxp://nne-mail.de/VirusTotal.pdf

sieht genau so aus wie in o.g. Thema

Lasse jetzt noch mal AVIRA-Not-CD mit Fehlerbehebung laufen.

So,

ich hab jetzt die Schn.... voll

AVIRA-Not-CD mit Fehlerbehebung/Löschung hat nix gebracht,
2 Funde wurden zwar gelöscht, es piept aber immer noch

Die Tretmine geht immer noch los sobald ich Firefox starte oder im Speedcommander nur mit der Maus drüber gehe!


Bitte helft mir ich komm nicht weiter
Dazu kommt noch, dass der AntiVir Alarmton so ätzend ist, dass ich mich jedes mal erschrecke.......

Hallo ich hab euch die

png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]

mal hochgeladen.

Hier die AVZ-Files

hxxp://nne-mail.de/virusinfo_cure.zip
hxxp://nne-mail.de/virusinfo_syscheck.zip
hxxp://nne-mail.de/virusinfo_syscure.zip

Habe eben noch zwei Files hochgeladen.
Die beiden habe ich isoliert, danach war de Spuk vorbei.

_nview.dll
_nvwrsde.dll

Was da wohl drin ist........

Alt 15.08.2010, 19:45   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
png7tqx2.dll' enthielt TR/Spy.585728.35[trojan] - Standard

png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]


Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 15.08.2010, 20:33   #3
Pf@nne
 
png7tqx2.dll' enthielt TR/Spy.585728.35[trojan] - Standard

png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]


extras.txt
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.08.2010 21:22:34 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\Systemcontrolling\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 148,93 Gb Total Space | 49,76 Gb Free Space | 33,41% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 76,68 Gb Total Space | 4,56 Gb Free Space | 5,95% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SCHUTZTECHNIK
Current User Name: Systemcontrolling
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"4987:UDP" = 4987:UDP:*:Enabled:OMICRON OMFind Service (UDP 4987)
"4988:UDP" = 4988:UDP:*:Enabled:OMICRON OMFind Service (UDP 4988)
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"6112:TCP" = 6112:TCP:*:Enabled:WC3
"4987:UDP" = 4987:UDP:*:Enabled:OMICRON OMFind Service (UDP 4987)
"4988:UDP" = 4988:UDP:*:Enabled:OMICRON OMFind Service (UDP 4988)
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- File not found
"C:\Programme\Windows Live\Messenger\livecall.exe" = C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- File not found
"C:\Programme\OMICRON\CPC Explorer\CPCExplo.exe" = C:\Programme\OMICRON\CPC Explorer\CPCExplo.exe:*:Enabled:OMICRON CPCExplorer (FTP) -- (OMICRON electronics)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\World of Warcraft\BackgroundDownloader.exe" = C:\Programme\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Programme\Warcraft III\Warcraft III.exe" = C:\Programme\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat" = C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II -- File not found
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- File not found
"C:\Programme\Windows Live\Messenger\livecall.exe" = C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) -- File not found
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- File not found
"C:\Programme\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe" = C:\Programme\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Programme\World of Warcraft\Launcher.exe" = C:\Programme\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found
"C:\Programme\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe" = C:\Programme\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Programme\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe" = C:\Programme\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Programme\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe" = C:\Programme\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-deDE-downloader.exe:*:Enabled:Blizzard Downloader -- File not found
"C:\Programme\EA Games\Command & Conquer Die ersten 10 Jahre\Command & Conquer(tm) Generals\game.dat" = C:\Programme\EA Games\Command & Conquer Die ersten 10 Jahre\Command & Conquer(tm) Generals\game.dat:*:Enabled:game -- ()
"C:\Programme\Warcraft III\Frozen Throne.exe" = C:\Programme\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne -- (Blizzard Entertainment)
"C:\Programme\OMICRON\CPC Explorer\CPCExplo.exe" = C:\Programme\OMICRON\CPC Explorer\CPCExplo.exe:*:Enabled:OMICRON CPCExplorer (FTP) -- (OMICRON electronics)
"C:\Programme\Java\jre1.5.0_06\launch4j-tmp\JDownloader.exe" = C:\Programme\Java\jre1.5.0_06\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary -- (Sun Microsystems, Inc.)
"C:\Programme\HELI-X\Java\jre6\bin\java.exe" = C:\Programme\HELI-X\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Warcraft III\War3.exe" = C:\Programme\Warcraft III\War3.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment)
"C:\Programme\Pinnacle\Studio 14\Programs\RM.exe" = C:\Programme\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems)
"C:\Programme\Pinnacle\Studio 14\Programs\Studio.exe" = C:\Programme\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio -- (Pinnacle Systems)
"C:\Programme\Pinnacle\Studio 14\Programs\umi.exe" = C:\Programme\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04E7BAD6-4E65-428D-AB70-DD73978BEEA5}" = DWGExport
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{07C16B8B-AE11-4515-888F-0BD2E0A9F2AD}" = NDAS Software 3.20.1523
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{089DD780-DB3F-4CDB-A0C2-111360247298}" = PC Connectivity Solution
"{0A3A5EE5-8347-44AD-B409-0CEF1E7AD31B}" = Transformator-Schaltgruppen
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{135FBD82-66F1-4EA5-A886-1C775E1793E1}" = OMICRON CT Analyzer PC Toolset
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B9B5B3B-28E7-4E59-A80D-D670AA984514}" = Nokia Connectivity Cable Driver
"{1D740728-6682-4545-A5F1-877C0F9B01A1}" = DIGSI 4.82
"{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}" = Nokia PC Suite
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}" = tsp patch
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27E25625-DB51-42E6-BEB7-0C8DC878770C}" = Broadcom ASF Management Applications
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2B0CDD4D-5C1A-47F7-89E2-9BF604670ABC}" = EpsonNet Config V3
"{2BCF80C8-C84F-43C6-A721-8AF93D64EA3D}" = CAS Interface Studio 8.7.1
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF18ED6-C888-4BCF-A4AF-AC7A16305BC1}" = GemSafe Standard Edition 5.1
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5BA43E5C-66FD-48D2-AB40-B807D457EF83}" = ElsterFormular 2007/2008
"{5EC5F187-9D2B-4051-8906-88656819A869}" = Dell Drivers MSI
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528D}" = Command & Conquer Die ersten 10 Jahre
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EA55BD-535F-4AB4-AD80-A8CA331F4E6F}" = Windows Messenger 5.1
"{7AEF3482-B7B7-4B94-AF63-B249B9BA9D7F}_is1" = HELI-X 3.0 Demo
"{7FE159DD-3532-44A1-99F8-E450475A83D2}" = OMICRON Assist
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{82E19C93-1548-483F-87BA-2326E832347E}" = ArCon Eleco +2008
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{85E9789D-3C0E-4326-8820-54A274D6F74F}" = OMICRON Test Universe 2.30 SR1
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5
"{8B3E5A90-1F6E-4FAF-B84F-C306C8A80809}" = AeroFly Professional Deluxe (inkl. Add-On 1)
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8E11CCE5-0903-41C9-8768-BBF2E9D5C6E3}" = OMICRON USB Parallel Converter
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D7E10F6-B503-48C9-86EE-5694292EE0DD}" = OMICRON CPC Explorer 1.41
"{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1" = Convert AVI to MP4 1.3
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A20DF6AC-0300-45E2-8152-7D677E4E8CF5}" = HotFile AutoDownloader
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE7A0E9F-DD12-4CAE-9F06-B9553B3130AA}" = Comm3 (Version 4.04.004, 01.10.2008)
"{B1084EE0-0314-4F70-BC5A-1DF6C13A5197}" = SIMEAS T Par
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B709D213-1DF0-4B28-893F-1734757E1970}" = Setup_Advanced_Programs_Siemens
"{BAD5A8D1-02A1-40CB-ADAA-875F3C8B3990}" = CAS Interface Studio 8.7
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C5E125E0-834B-4209-8C1C-F99A02FC11FC}" = ERGO KONZEPT II
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D3D5DC3A-7A1D-4C17-B5A9-BEB1B81E5BE7}" = DIGSI 4 - SIPROTEC 4 Devices
"{D9FCA292-1186-421F-8D93-9A5D272AD5D0}" = IntelliSonic Speech Enhancement
"{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}" = kikin plugin 2.3
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E686135D-EA1B-483C-A0B6-0BBA70293228}" = OMICRONNews
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ECC22AFA-B905-4A6A-8072-10F52B9E09B7}" = Wave Infrastructure Installer
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EF05BA0F-AC15-4D12-AC5C-276225F5E751}" = Gemalto
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F1802FA6-54E9-4B24-BD2A-B50866819795}" = EMBASSY Trust Suite by Wave Systems
"{F5C372A1-40F3-49DA-A049-F75CDE9177DC}" = Pinnacle Studio Ultimate Collection Plugins
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem-Diagnose-Tool
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"{FBEC50B7-537C-4A0E-8B0B-F7A8F8BF13CE}" = upekmsi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCB06AA7-C77C-4DDD-A9B6-6ABDB52F2763}" = OMICRON Device Browser
"{FEC193E4-6C5F-40E9-A249-7D8C8404A9EC}" = NTRU TCG Software Stack
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"ABC 3GP/MP4 Converter" = ABC 3GP/MP4 Converter 3.00
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnyDVD" = AnyDVD
"Audiograbber" = Audiograbber 1.83 SE 
"Audiograbber-Lame" = Audiograbber MP3-Plugin
"AVerMedia A835 USB TV Tuner" = AVerMedia A835 USB TV Tuner 8.0.0.43
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BroadGun pdfMachine" = BroadGun pdfMachine
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"EEEE705096F837B7907659F100C9FE6DA001970F" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.7)
"EPSON BX310FN Series" = Druckerdeinstallation für EPSON BX310FN Series
"FMS" = FMS
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Video Converter_is1" = Free Video Converter V 2.9
"Free YouTube Download_is1" = Free YouTube Download 2.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"FreePDF_XP" = FreePDF (Remove only)
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GPL Ghostscript 8.56" = GPL Ghostscript 8.56
"GPL Ghostscript Fonts" = GPL Ghostscript Fonts
"HTLSoft4" = HTLSoft4
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ImTOO MP4 Video Converter" = ImTOO MP4 Video Converter
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{B1084EE0-0314-4F70-BC5A-1DF6C13A5197}" = SIMEAS T Par
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}" = AVerTV
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"InstallShield_{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"IsoBuster_is1" = IsoBuster 2.8
"KaloMa_is1" = KaloMa 4.76
"KETTLER_KONZEPT2_is1" = ERGO KONZEPT II Update 2.6
"Knoll Light Factory EZ Studio" = Knoll Light Factory EZ Studio
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"MuPAD Pro 4.0_is1" = MuPAD Pro 4.0.6
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"ProInst" = Intel(R) PROSet/Wireless Software
"Red Giant ToonIt Studio" = Red Giant ToonIt Studio
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"S&R-103" = S&R-103
"ScreenshotCaptor_is1" = Screenshot Captor 2.78.01
"SearchAssist" = SearchAssist
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SpeedCommander 11" = SpeedCommander 11
"Spyware Doctor" = Spyware Doctor 6.0
"Syncrosoft License Control" = Syncrosoft Lizenz Kontrolle
"TFSETTOP_is1" = Top Set 2.00
"Trapcode 3DStroke Studio" = Trapcode 3DStroke Studio
"Trapcode Particular Studio" = Trapcode Particular Studio
"Trapcode Shine Studio" = Trapcode Shine Studio
"Uninstall_is1" = Uninstall 1.0.0.1
"VCam 3.1_is1" = VCam 3.1.1
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WinREG" = WinREG 3.6.3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 09.08.2010 05:51:01 | Computer Name = SCHUTZTECHNIK | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description = 
 
Error - 11.08.2010 07:40:10 | Computer Name = SCHUTZTECHNIK | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description = 
 
Error - 11.08.2010 13:39:34 | Computer Name = SCHUTZTECHNIK | Source = Microsoft Office 11 | ID = 1000
Description = 
 
Error - 11.08.2010 14:08:14 | Computer Name = SCHUTZTECHNIK | Source = Microsoft Office 11 | ID = 1000
Description = 
 
Error - 14.08.2010 11:12:52 | Computer Name = SCHUTZTECHNIK | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description = 
 
Error - 15.08.2010 03:18:24 | Computer Name = SCHUTZTECHNIK | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 15.08.2010 06:06:32 | Computer Name = SCHUTZTECHNIK | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description = 
 
Error - 15.08.2010 07:53:48 | Computer Name = SCHUTZTECHNIK | Source = Broadcom ASF IP and SMBIOS Mailbox Monitor | ID = 0
Description = 
 
Error - 15.08.2010 08:17:14 | Computer Name = SCHUTZTECHNIK | Source = nview_info | ID = 11141121
Description = 
 
Error - 15.08.2010 08:21:53 | Computer Name = SCHUTZTECHNIK | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
[ System Events ]
Error - 15.08.2010 03:18:50 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "EpsonBidirectionalService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.08.2010 06:06:05 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst EpsonBidirectionalService.
 
Error - 15.08.2010 06:06:05 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "EpsonBidirectionalService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.08.2010 07:53:29 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst EpsonBidirectionalService.
 
Error - 15.08.2010 07:53:29 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "EpsonBidirectionalService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.08.2010 07:54:14 | Computer Name = SCHUTZTECHNIK | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
 für die  Netzwerkkarte mit der Netzwerkadresse 001CBFAA247F zugeteilt werden. Der
 folgende Fehler  ist aufgetreten:   %%1223.  Es wird weiterhin im Hintergrund versucht,
 eine Adresse vom  Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
 
Error - 15.08.2010 08:22:18 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst EpsonBidirectionalService.
 
Error - 15.08.2010 08:22:18 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "EpsonBidirectionalService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.08.2010 15:12:19 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst EpsonBidirectionalService.
 
Error - 15.08.2010 15:12:19 | Computer Name = SCHUTZTECHNIK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "EpsonBidirectionalService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
 
< End of report >
--- --- ---


OTL.txt
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.08.2010 21:22:34 - Run 1
OTL by OldTimer - Version 3.2.9.1     Folder = C:\Dokumente und Einstellungen\Systemcontrolling\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 63,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 148,93 Gb Total Space | 49,76 Gb Free Space | 33,41% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 76,68 Gb Total Space | 4,56 Gb Free Space | 5,95% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SCHUTZTECHNIK
Current User Name: Systemcontrolling
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.08.15 21:20:15 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\OTL.exe
PRC - [2010.07.26 11:06:08 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2010.06.07 13:51:24 | 000,138,752 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2010.05.14 10:32:30 | 001,479,680 | ---- | M] (Nokia) -- C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2010.03.19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.02.18 11:43:20 | 000,490,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
PRC - [2010.02.18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.01.19 12:24:08 | 000,137,728 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclToBTSrv.exe
PRC - [2010.01.08 01:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Programme\Search Settings\SearchSettings.exe
PRC - [2010.01.08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2009.10.27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009.09.05 18:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2009.08.01 05:06:24 | 000,155,648 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.06.19 19:31:38 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerRemote.exe
PRC - [2009.04.07 09:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Programme\Epson Software\Event Manager\EEventManager.exe
PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.11.17 06:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIFHE.EXE
PRC - [2008.04.14 08:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.11.19 11:36:08 | 000,160,136 | ---- | M] (Broadgun Software) -- C:\WINDOWS\system32\bgsmsnd.exe
PRC - [2007.11.09 00:50:10 | 001,552,384 | ---- | M] () -- C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2007.11.07 16:12:00 | 000,208,968 | ---- | M] (SIEMENS AG) -- C:\Programme\Gemeinsame Dateien\SIEMENS\S7IEPG\s7oiehsx.exe
PRC - [2007.09.24 22:35:58 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe
PRC - [2007.09.24 22:35:50 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe
PRC - [2007.09.24 22:35:48 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe
PRC - [2007.09.24 22:35:48 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe
PRC - [2007.09.14 12:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.) -- C:\Programme\Wave Systems Corp\SecureUpgrade.exe
PRC - [2007.09.10 11:55:04 | 000,092,160 | ---- | M] (Wave Systems Corp.) -- C:\Programme\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
PRC - [2007.09.07 19:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) -- C:\Programme\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
PRC - [2007.08.31 08:02:34 | 000,163,840 | ---- | M] (SIEMENS AG) -- C:\Programme\Gemeinsame Dateien\SIEMENS\Automation\TraceEngine\bin\S7TraceServiceX.exe
PRC - [2007.07.27 15:06:28 | 000,069,685 | ---- | M] (SIEMENS AG) -- C:\Siemens\Digsi4\Manager\S7bin\s7asysvx.exe
PRC - [2007.07.26 06:38:20 | 000,770,110 | ---- | M] (SIEMENS AG) -- C:\Programme\Gemeinsame Dateien\SIEMENS\sws\almsrv\almsrvx.exe
PRC - [2007.07.25 18:41:42 | 000,647,168 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007.07.25 18:32:50 | 000,823,296 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007.07.25 18:32:34 | 000,294,912 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007.07.25 18:30:36 | 000,974,848 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007.07.25 18:29:38 | 000,987,136 | ---- | M] (Intel Corporation ) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2007.07.25 18:26:14 | 000,491,520 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007.07.25 18:22:44 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007.07.20 18:53:52 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Programme\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007.06.29 18:32:52 | 000,236,520 | ---- | M] (XIMETA, Inc.) -- C:\Programme\NDAS\System\ndassvc.exe
PRC - [2007.06.29 18:32:52 | 000,236,520 | ---- | M] (XIMETA, Inc.) -- C:\Programme\NDAS\System\ndasmgmt.exe
PRC - [2007.02.20 11:07:40 | 000,199,752 | ---- | M] (Pinnacle Systems GmbH) -- C:\Programme\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
PRC - [2007.02.19 01:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Programme\SigmaTel\C-Major Audio\WDM\stacsv.exe
PRC - [2007.02.19 01:26:32 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2007.01.11 22:43:46 | 002,150,400 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2006.12.19 16:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Programme\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006.12.18 17:22:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2006.12.15 13:41:30 | 002,170,880 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2006.11.02 16:05:50 | 000,282,624 | ---- | M] (Knowles Acoustics) -- C:\WINDOWS\system32\KADxMain.exe
PRC - [2006.10.27 22:13:48 | 000,270,336 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2006.10.20 19:23:38 | 000,118,784 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2006.08.17 11:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Programme\Roxio\Drag-to-Disc\DrgToDsc.exe
PRC - [2006.02.07 01:00:20 | 000,311,296 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2006.01.24 01:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2005.11.07 12:01:02 | 001,532,928 | ---- | M] (SWE Sven Ritter) -- C:\Programme\SpeedProject\SpeedCommander 11\SpeedCommander.exe
PRC - [2004.07.27 18:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
PRC - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.08.15 21:20:15 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\OTL.exe
MOD - [2008.04.14 08:51:08 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.01.08 00:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009.11.20 14:49:36 | 000,304,624 | ---- | M] (OMICRON electronics) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Omicron\OMFind.exe -- (OMFind)
SRV - [2009.10.09 21:11:19 | 000,389,120 | R--- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.04.08 21:49:30 | 000,344,064 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009.01.21 13:08:06 | 001,095,560 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Programme\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009.01.07 12:40:56 | 000,348,752 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Programme\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2008.08.10 13:19:17 | 000,029,744 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103)
SRV - [2007.11.09 00:50:10 | 001,552,384 | ---- | M] () [Auto | Running] -- C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007.11.07 16:12:00 | 000,208,968 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\SIEMENS\S7IEPG\s7oiehsx.exe -- (s7oiehsx)
SRV - [2007.09.13 16:31:44 | 000,192,512 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Programme\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - [2007.09.07 19:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) [Auto | Running] -- C:\Programme\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2007.08.31 19:39:18 | 000,486,400 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - [2007.08.31 08:02:34 | 000,163,840 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\SIEMENS\Automation\TraceEngine\bin\S7TraceServiceX.exe -- (S7TraceServiceX)
SRV - [2007.07.27 15:06:28 | 000,069,685 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Siemens\Digsi4\Manager\S7bin\s7asysvx.exe -- (s7asysvx)
SRV - [2007.07.26 06:38:20 | 000,770,110 | ---- | M] (SIEMENS AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\SIEMENS\sws\almsrv\almsrvx.exe -- (almservice)
SRV - [2007.07.25 18:41:42 | 000,647,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007.07.25 18:32:34 | 000,294,912 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel(R)
SRV - [2007.07.25 18:29:38 | 000,987,136 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel(R)
SRV - [2007.07.25 18:22:44 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2007.07.20 18:53:52 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Programme\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007.06.29 18:32:52 | 000,236,520 | ---- | M] (XIMETA, Inc.) [Auto | Running] -- C:\Programme\NDAS\System\ndassvc.exe -- (ndassvc)
SRV - [2007.02.19 01:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Programme\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)
SRV - [2006.12.19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006.12.19 16:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Programme\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)
SRV - [2006.09.14 16:54:34 | 000,073,728 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2005.11.14 02:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\WPN111.sys -- (WPN111)
DRV - [2010.03.31 00:20:41 | 000,104,768 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010.02.26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.01.01 19:20:34 | 000,026,024 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2009.11.25 12:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.10.19 05:26:06 | 000,474,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerAF35.sys -- (AVerAF35)
DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.03 11:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.11.13 21:54:28 | 000,081,288 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\iksyssec.sys -- (IKSysSec)
DRV - [2008.11.13 21:54:28 | 000,066,952 | ---- | M] (PCTools Research Pty Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\iksysflt.sys -- (IKSysFlt)
DRV - [2008.11.13 21:54:28 | 000,040,840 | ---- | M] (PCTools Research Pty Ltd.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\ikfilesec.sys -- (IKFileSec)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.02 03:55:26 | 000,024,248 | ---- | M] (OMICRON electronics GmbH & Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OMRSp50.sys -- (OMRSp50)
DRV - [2008.07.02 03:55:22 | 000,025,400 | ---- | M] (OMICRON electronics GmbH & Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OMRMp50.sys -- (OMRMp50)
DRV - [2008.04.14 01:26:08 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 01:06:40 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008.04.14 01:06:40 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.13 23:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.12.02 20:26:22 | 000,989,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2007.12.02 20:26:20 | 000,731,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2007.12.02 20:26:20 | 000,211,200 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007.11.28 18:18:24 | 000,062,208 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007.10.24 11:47:26 | 000,023,288 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2007.09.24 22:35:46 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.09.10 11:55:00 | 000,161,280 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2007.09.07 11:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2007.09.06 11:18:40 | 000,018,176 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WaveFDE.sys -- (WaveFDE)
DRV - [2007.08.12 20:05:34 | 002,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel(R)
DRV - [2007.06.29 18:32:56 | 000,187,368 | ---- | M] (XIMETA, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndasscsi.sys -- (ndasscsi)
DRV - [2007.06.29 18:32:54 | 000,372,584 | ---- | M] (XIMETA, Inc.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ndasfat.sys -- (ndasfat)
DRV - [2007.06.29 18:32:54 | 000,075,880 | ---- | M] (XIMETA, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndasbus.sys -- (ndasbus)
DRV - [2007.06.29 18:32:52 | 000,254,440 | ---- | M] (XIMETA, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\lfsfilt.sys -- (lfsfilt)
DRV - [2007.06.29 18:32:52 | 000,062,056 | ---- | M] (XIMETA, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\lpx.sys -- (lpx)
DRV - [2007.06.17 12:43:50 | 000,186,592 | ---- | M] (Jungo) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\windrvr6.sys -- (WinDriver6)
DRV - [2007.05.31 21:11:04 | 000,013,312 | ---- | M] (Topfield (visit www.topfield.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TfBulk.SYS -- (TfBulk)
DRV - [2007.05.31 17:50:20 | 006,727,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007.05.29 17:29:30 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007.04.26 16:29:30 | 000,053,504 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007.04.26 16:29:30 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.04.26 16:29:28 | 000,073,600 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007.04.26 16:29:28 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.04.26 16:29:28 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2007.04.26 16:29:26 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007.04.26 16:29:26 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.04.26 16:29:24 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2007.03.18 17:44:38 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.02.19 01:27:34 | 001,228,296 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006.12.19 16:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Programme\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006.11.02 14:32:32 | 000,097,536 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec01.sys -- (DXEC01)
DRV - [2006.08.18 15:18:06 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006.08.18 15:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006.08.18 15:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006.08.18 15:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006.08.18 15:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006.08.18 15:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006.08.18 15:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006.08.18 15:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006.08.11 13:05:58 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2006.08.11 12:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006.08.11 12:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2006.07.21 13:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2006.01.30 12:18:00 | 000,023,552 | ---- | M] (Telekom) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fwrnusb.sys -- (fwrnusb)
DRV - [2005.09.23 22:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005.08.12 19:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004.10.14 16:43:02 | 000,052,480 | ---- | M] (OMICRON electronics) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ParCMC.sys -- (ParCMC)
DRV - [2004.08.04 16:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 16:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003.07.24 13:10:34 | 000,017,149 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\DNINDIS5.sys -- (DNINDIS5)
DRV - [2001.08.18 06:22:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001.08.17 16:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.17 16:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 16:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 16:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 16:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 15:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 15:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 15:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 15:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 15:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 15:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 15:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 15:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 15:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row-rel&channel=de&ibd=1080207
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.de/hws/sb/dell-row-rel/de/side.html?channel=de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.de/ig/dell?hl=de&client=dell-row-rel&channel=de&ibd=1080207
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.de/ig/dell?hl=de&client=dell-row-rel&channel=de&ibd=1080207
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.de/hws/sb/dell-row-rel/de/side.html?channel=de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/hxxp://www.amazon.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ytff-divx&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009.12.31 15:47:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.06.23 16:30:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.08.02 19:53:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.26 11:06:18 | 000,000,000 | ---D | M]
 
[2009.01.24 19:32:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Systemcontrolling\Anwendungsdaten\Mozilla\Extensions
[2010.08.14 22:14:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Systemcontrolling\Anwendungsdaten\Mozilla\Firefox\Profiles\klnn5us4.default\extensions
[2010.08.03 20:14:06 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Systemcontrolling\Anwendungsdaten\Mozilla\Firefox\Profiles\klnn5us4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.07.04 16:44:04 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Systemcontrolling\Anwendungsdaten\Mozilla\Firefox\Profiles\klnn5us4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.09 22:47:58 | 000,000,951 | ---- | M] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Anwendungsdaten\Mozilla\Firefox\Profiles\klnn5us4.default\searchplugins\icqplugin.xml
[2010.08.14 22:14:49 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.22 09:05:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.22 09:05:04 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.26 11:06:13 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.26 11:06:13 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.26 11:06:13 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.26 11:06:13 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.26 11:06:13 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 16:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (pdfMachine) - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\WINDOWS\system32\bgstb.dll (Broadgun Software)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O3 - HKLM\..\Toolbar: (Dealio Toolbar) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Programme\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (pdfMachine) - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\WINDOWS\system32\bgstb.dll (Broadgun Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (pdfMachine) - {56CF4856-ECB4-4E46-A897-A378821F97B9} - C:\WINDOWS\system32\bgstb.dll (Broadgun Software)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [bgsmsnd.exe] C:\WINDOWS\system32\bgsmsnd.exe (Broadgun Software)
O4 - HKLM..\Run: [ECenter] C:\dell\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [EEventManager] C:\Programme\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Google Desktop Search] C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Google Updater] C:\Programme\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe (Knowles Acoustics)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PDVDDXSrv] C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Programme\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SecureUpgrade] C:\Programme\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [USBToolTip] C:\Programme\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe (Pinnacle Systems GmbH)
O4 - HKLM..\Run: [WavXMgr] C:\Programme\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [EPSON BX310FN Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFHE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [PC Suite Tray] C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AVer HID Receiver.lnk = C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AVerQuick.lnk = C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Manager.lnk = C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\NDAS Device Management.lnk = C:\Programme\NDAS\System\ndasmgmt.exe (XIMETA, Inc.)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Systemcontrolling\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: SIPROTRACE ([]* in My Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - C:\Programme\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll - C:\Programme\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Systemcontrolling\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Systemcontrolling\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (wvauth) - C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.13 14:54:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.15 21:21:52 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\OTL.exe
[2010.08.15 09:31:42 | 000,000,000 | ---D | C] -- C:\AVZ
[2010.08.14 09:56:47 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.08.14 09:56:46 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.14 09:20:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Systemcontrolling\Anwendungsdaten\Malwarebytes
[2010.08.14 09:20:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.14 09:19:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.14 09:19:59 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.14 09:19:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.14 09:15:22 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Systemcontrolling\Recent
[2010.08.14 09:11:56 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.08.10 18:34:14 | 000,000,000 | ---D | C] -- C:\Programme\TopSet
[2010.08.10 18:31:53 | 000,000,000 | ---D | C] -- C:\Programme\Topfield
[2010.07.30 16:01:51 | 000,000,000 | ---D | C] -- C:\Programme\Epson Software
[2010.07.30 13:17:45 | 000,110,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EEBDSCVR.dll
[2010.07.30 13:17:45 | 000,077,824 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EBAPI.dll
[2010.07.30 13:17:45 | 000,055,808 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EEBSDKIF.dll
[2010.07.30 12:50:04 | 000,000,000 | ---D | C] -- C:\Programme\EpsonNet
[2010.07.30 12:46:20 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\eswiaud.dll
[2010.07.30 12:46:20 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\esdevapp.exe
[2010.07.30 12:46:20 | 000,015,872 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\escdev.dll
[2010.07.30 11:27:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Systemcontrolling\Anwendungsdaten\EPSON
[2010.07.30 11:21:51 | 000,000,000 | ---D | C] -- C:\Programme\epson
[2010.07.30 11:17:44 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010.07.30 10:46:03 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICSDK2.dll
[2010.07.30 10:46:03 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EpPicPrt.dll
[2010.07.30 10:46:03 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICEntry.dll
[2010.07.30 10:46:03 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\PICSDK.dll
[2010.07.30 10:46:03 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\EPPicMgr.dll
[2010.07.30 10:30:05 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\E_DCINST.DLL
[2010.07.30 10:30:03 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FLBFHE.DLL
[2010.07.30 10:30:03 | 000,079,360 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FD4BFHE.DLL
[2010.07.30 10:26:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Systemcontrolling\Eigene Dateien\EpsonNet Config V3
[2010.07.30 10:23:04 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\EPSON
[2010.07.29 21:45:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2010.07.29 09:13:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.07.25 18:16:48 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.07.24 17:32:11 | 000,000,000 | ---D | C] -- C:\Programme\Siemens
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.15 21:25:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.15 21:21:49 | 000,043,575 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010.08.15 21:20:15 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\OTL.exe
[2010.08.15 21:11:54 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.08.15 21:11:38 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Lokale Einstellungen\Anwendungsdaten\WavXMapDrive.bat
[2010.08.15 21:11:36 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.15 21:11:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.15 21:11:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.15 21:11:29 | 2145,353,728 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.15 14:44:50 | 006,029,312 | -H-- | M] () -- C:\Dokumente und Einstellungen\Systemcontrolling\NTUSER.DAT
[2010.08.14 09:20:03 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.14 09:11:58 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\CCleaner.lnk
[2010.08.12 20:38:52 | 000,002,121 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010.08.12 20:11:39 | 000,000,895 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.08.12 17:17:11 | 000,000,125 | -HS- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2010.08.10 18:34:15 | 000,000,598 | ---- | M] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\Top Set 2.00.lnk
[2010.08.10 06:10:48 | 000,000,087 | ---- | M] () -- C:\WINDOWS\Altair_1.250.INI
[2010.07.31 14:17:08 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI
[2010.07.30 16:14:51 | 000,077,685 | ---- | M] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Eigene Dateien\img001.pdf
[2010.07.30 15:38:01 | 000,000,566 | ---- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Systemcontrolling.job
[2010.07.30 12:46:21 | 000,000,665 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk
[2010.07.27 10:25:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.07.24 19:14:08 | 000,000,617 | ---- | M] () -- C:\WINDOWS\simeas.ini
[2010.07.24 19:14:08 | 000,000,031 | ---- | M] () -- C:\WINDOWS\SimIndi.Ini
[2010.07.23 10:07:13 | 000,043,575 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.08.14 09:20:03 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.14 09:11:58 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\CCleaner.lnk
[2010.08.10 18:34:30 | 000,000,598 | ---- | C] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\Top Set 2.00.lnk
[2010.08.09 18:51:43 | 000,000,087 | ---- | C] () -- C:\WINDOWS\Altair_1.250.INI
[2010.08.08 22:31:24 | 000,000,842 | ---- | C] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\CloneDVD2.lnk
[2010.08.08 22:31:13 | 000,000,744 | ---- | C] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\AnyDVD.lnk
[2010.07.31 14:17:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010.07.30 16:14:51 | 000,077,685 | ---- | C] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Eigene Dateien\img001.pdf
[2010.07.30 12:46:21 | 000,000,665 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\EPSON Scan.lnk
[2010.07.30 10:46:03 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010.07.30 10:46:03 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010.07.30 10:46:03 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010.07.30 10:46:03 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010.07.30 10:46:03 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010.07.30 10:46:03 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010.07.30 10:46:03 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010.07.30 10:46:03 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010.07.30 10:46:03 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010.07.30 10:46:03 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010.07.30 10:46:03 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010.07.30 10:46:03 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010.07.30 10:46:03 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010.07.30 10:46:03 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010.07.30 10:46:03 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010.07.30 10:46:03 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010.07.30 10:46:03 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010.07.30 10:46:03 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010.07.30 10:46:03 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010.07.30 10:46:02 | 000,013,732 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_EN.cfg
[2010.07.30 10:46:02 | 000,006,442 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_IT.cfg
[2010.07.30 10:46:02 | 000,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_PT.cfg
[2010.07.30 10:46:02 | 000,006,347 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_BP.cfg
[2010.07.30 10:46:02 | 000,006,335 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_GE.cfg
[2010.07.30 10:46:02 | 000,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_FR.cfg
[2010.07.30 10:46:02 | 000,006,195 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_CF.cfg
[2010.07.30 10:46:02 | 000,006,122 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_DU.cfg
[2010.07.30 10:46:02 | 000,006,103 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_ES.cfg
[2010.07.30 10:46:02 | 000,005,817 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_KO.cfg
[2010.07.30 10:46:02 | 000,005,436 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_SC.cfg
[2010.07.30 10:46:02 | 000,002,889 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_RU.cfg
[2010.07.30 10:46:02 | 000,002,426 | ---- | C] () -- C:\WINDOWS\System32\EPPICLocal_TC.cfg
[2010.07.29 20:45:50 | 000,002,025 | ---- | C] () -- C:\Dokumente und Einstellungen\Systemcontrolling\Desktop\Konfiguration der Telefonanlage.lnk
[2010.07.24 19:14:08 | 000,000,031 | ---- | C] () -- C:\WINDOWS\SimIndi.Ini
[2010.07.11 10:55:53 | 000,000,099 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2010.07.04 14:25:42 | 000,290,816 | ---- | C] () -- C:\WINDOWS\System32\decdll.dll
[2010.06.20 13:24:56 | 000,044,491 | ---- | C] () -- C:\WINDOWS\System32\MiiIniFile13.ini
[2010.06.11 19:09:42 | 000,000,064 | ---- | C] () -- C:\WINDOWS\AVerText.ini
[2010.06.10 17:32:54 | 000,000,135 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.06.05 19:44:48 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.06.05 19:42:08 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\AVerIO.dll
[2010.06.05 19:42:08 | 000,003,456 | R--- | C] () -- C:\WINDOWS\System32\AVerIO.sys
[2010.06.05 19:41:43 | 000,598,016 | R--- | C] () -- C:\WINDOWS\System32\sptlib21.dll
[2010.06.05 19:41:43 | 000,307,200 | R--- | C] () -- C:\WINDOWS\System32\sptlib01.dll
[2010.06.05 19:41:43 | 000,294,912 | R--- | C] () -- C:\WINDOWS\System32\sptlib11.dll
[2010.06.05 19:41:43 | 000,290,816 | R--- | C] () -- C:\WINDOWS\System32\sptlib22.dll
[2010.06.05 19:41:43 | 000,249,856 | R--- | C] () -- C:\WINDOWS\System32\sptlib03.dll
[2010.06.05 19:41:43 | 000,225,280 | R--- | C] () -- C:\WINDOWS\System32\sptlib02.dll
[2010.06.05 19:41:43 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\sptlib12.dll
[2010.03.30 21:41:49 | 000,074,120 | ---- | C] () -- C:\WINDOWS\System32\bgsresen.dll
[2010.03.30 21:41:49 | 000,070,024 | ---- | C] () -- C:\WINDOWS\System32\bgsresfr.dll
[2010.03.30 21:41:49 | 000,070,024 | ---- | C] () -- C:\WINDOWS\System32\bgsreses.dll
[2010.03.30 21:41:49 | 000,070,024 | ---- | C] () -- C:\WINDOWS\System32\bgsresde.dll
[2010.03.30 21:41:48 | 000,057,736 | ---- | C] () -- C:\WINDOWS\System32\bgspmnt.dll
[2010.03.29 18:36:17 | 000,000,503 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2010.03.29 18:36:17 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2010.03.29 18:35:41 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\SYNSOACC.dll
[2010.01.21 20:15:47 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7A.DLL
[2010.01.21 13:58:13 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010.01.21 13:55:34 | 000,450,560 | ---- | C] () -- C:\WINDOWS\System32\PEGRC32B.DLL
[2010.01.21 13:46:28 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\oncrpc.dll
[2010.01.21 11:43:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Digsi4.INI
[2010.01.21 11:41:51 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2010.01.21 11:40:03 | 000,103,360 | ---- | C] () -- C:\WINDOWS\System32\S7OSC16X.DLL
[2010.01.21 11:40:03 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\S7OSC32X.DLL
[2010.01.21 11:21:22 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.11.21 19:30:46 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008.11.21 19:30:46 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2008.10.19 21:08:47 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008.09.29 20:11:33 | 000,000,357 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2008.02.07 10:55:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008.02.07 10:55:47 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.02.07 10:52:52 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2008.02.07 10:52:52 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.02.07 10:45:56 | 000,080,368 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2008.02.07 10:43:22 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2008.02.07 10:43:21 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2008.02.07 10:13:20 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.02.07 10:13:20 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\_nview.dll
[2008.02.07 10:13:20 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.02.07 10:13:20 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.02.07 10:12:02 | 000,001,503 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007.09.13 16:42:30 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007.09.13 16:42:30 | 000,471,040 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007.09.13 16:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007.09.13 16:42:28 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007.09.13 16:42:28 | 000,462,848 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007.09.13 16:42:28 | 000,458,752 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007.09.13 16:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007.09.13 16:42:26 | 000,487,424 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007.09.13 16:42:26 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007.09.13 16:42:26 | 000,434,176 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007.09.13 16:36:24 | 000,438,272 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007.09.12 17:05:08 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007.09.12 17:04:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007.09.12 17:04:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007.09.12 17:04:06 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007.09.12 17:03:44 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007.09.12 17:03:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007.09.12 17:03:04 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007.09.12 17:02:44 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007.09.12 17:02:22 | 000,102,400 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007.09.12 17:02:02 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007.09.10 11:53:26 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007.06.15 12:19:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2007.02.21 02:44:30 | 000,001,252 | ---- | C] () -- C:\WINDOWS\System32\OMRN55.INI
[2006.11.07 06:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006.09.17 01:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006.09.17 01:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006.08.14 13:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006.08.08 06:02:38 | 000,000,617 | ---- | C] () -- C:\WINDOWS\simeas.ini
[2006.06.12 10:01:16 | 000,348,160 | ---- | C] () -- C:\WINDOWS\tsp.dll
[2005.09.02 16:44:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 23:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.09.10 15:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004.09.10 15:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004.08.13 15:04:30 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.08.13 14:51:43 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.08.13 14:40:35 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\png7tqx2.dll
[2004.08.13 14:40:35 | 000,585,728 | ---- | C] () -- C:\WINDOWS\System32\_png7tqx2.dll
[2004.07.20 19:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 16:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 114 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FA5F15C4
@Alternate Data Stream - 112 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
< End of report >
--- --- ---
__________________
Antwort

Themen zu png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]
.dll, antivir, beseitigt, ergebnisse, fehlerbehebung, melde, neustart, poste, posten, problem, software, suche, thema, tr/spy., troja, trojan, virensuche


« Auswertung von Malwarebytes Bericht | Backdoor Trojaner, JAVA Virus? Nach AntiVir Bereinigung und Malewarebites wieder sauber? »


Ähnliche Themen: png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]


  1. Datei xyz.exe enthielt einen Virus und wurde gelöscht
    Plagegeister aller Art und deren Bekämpfung - 12.01.2015 (23)
  2. E-Mail-Anhang geöffnet, der Schadsoftware enthielt; Avira-Meldung versehentlich gelöscht/ignoriert
    Plagegeister aller Art und deren Bekämpfung - 10.01.2015 (13)
  3. Link angeklickt, Seite enthielt merkwürdiges javascript Element.
    Log-Analyse und Auswertung - 28.12.2014 (2)
  4. [Win XP] botnet: ntp-muliplier; desinfect: Trojan.Script.Iframer, Trojan.Heur.TP, Win.Trojan.Iniduoh, Win.Trojan.Ramnit
    Log-Analyse und Auswertung - 08.02.2014 (16)
  5. XYZ.exe enthielt einen Virus und wurde gelöscht - Permanent
    Plagegeister aller Art und deren Bekämpfung - 16.11.2013 (10)
  6. C:\Users\Helmut\AppData\Local\Temp\wpbt0.dll' enthielt einen Virus oder unerwünschtes Programm 'TR/Reveton.N.370' [trojan].
    Log-Analyse und Auswertung - 25.09.2013 (11)
  7. C:\Program Files (x86)\Electronic Arts\FIFA Manager 13\Manager13.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2'
    Plagegeister aller Art und deren Bekämpfung - 24.08.2013 (3)
  8. Mehrere Trojaner im Temp Ordner (Trojan.Citadel.IE, Trojan.Ransom.CT, Trojan.Zlob)
    Log-Analyse und Auswertung - 14.04.2013 (7)
  9. Trojan.Ransom.ED, Trojan.Agent.ED, Trojan.FakeMS.PRGen und Bublik b. durch Email erhalten?
    Plagegeister aller Art und deren Bekämpfung - 02.04.2013 (29)
  10. BKA-Trojaner u.a. (Trojan.Bublik, Trojan-Ransom.Foreign, Worm.Cridex, Trojan.Yakes)
    Log-Analyse und Auswertung - 17.03.2013 (4)
  11. Bei Adresse vertippt, nun unsicher ob die Seite Viren enthielt
    Plagegeister aller Art und deren Bekämpfung - 08.03.2013 (4)
  12. Wohl mehrere Viren: Rootkit.0Access Trojan.Zaccess Trojan.RansomP.Gen Trojan.Agent bzw. TR/ATRAPS.Gen2
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (13)
  13. Trojan.Apppatch,Trojan.Agent.BVXGen und Trojan.Midhos in C:\Users\inet-kid\AppData,TR/ATRAPS.Gen2
    Plagegeister aller Art und deren Bekämpfung - 13.09.2012 (35)
  14. Hilfe! Trojan.Small; Trojan.Sirefef; Rootkit.0Access; Trojan.Atraps.Gen2 auf meinem Rechner.
    Plagegeister aller Art und deren Bekämpfung - 29.06.2012 (11)
  15. Vermeintlicher Patch für Internet Explorer enthielt Trojaner
    Nachrichten - 12.11.2010 (0)
  16. png777fh.dll' enthielt TR/Spy.585728.35[trojan]
    Plagegeister aller Art und deren Bekämpfung - 12.08.2010 (24)
  17. Diverse Trojaner vom Typ Trojan.Rodecap, Trojan.Dropper und Trojan.Agent! Brauche dringend Hilfe!
    Log-Analyse und Auswertung - 09.08.2010 (16)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema png7tqx2.dll' enthielt TR/Spy.585728.35[trojan] - Hallo, mein Thema wurde bei euch schon mal behandelt. siehe: png777fh.dll' enthielt TR/Spy.585728.35[trojan] Bei mir stellt sich das Problem genauso dar, AntiVir meldet leider ist er wie im o.g. Thema - png7tqx2.dll' enthielt TR/Spy.585728.35[trojan]...
Archiv
Du betrachtest: png7tqx2.dll' enthielt TR/Spy.585728.35[trojan] auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55