Fortsetzung ... Code:
OTL logfile created on: 04.07.2013 00:24:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
502,42 Mb Total Physical Memory | 112,44 Mb Available Physical Memory | 22,38% Memory free
1,20 Gb Paging File | 0,76 Gb Available in Paging File | 63,27% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 36,76 Gb Free Space | 49,33% Space Free | Partition Type: NTFS
Computer Name: JOSEF | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\EaseUS\Todo Backup\bin\GuardAgent.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Programme\EaseUS\Todo Backup\bin\TrayNotify.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Programme\EaseUS\Todo Backup\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\Programme\EaseUS\Todo Backup\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Marmiko Shared\MWLaMaS.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\TCtrlIOHook.exe (TOSHIBA)
PRC - C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Accessibility\FnKeyHook.exe (TOSHIBA)
PRC - C:\Programme\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
PRC - C:\Programme\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
PRC - C:\Programme\TOSHIBA\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\Bluetooth Monitor\BtMon2.exe ()
PRC - C:\WINDOWS\system32\ZoomingHook.exe (TOSHIBA)
PRC - C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)
PRC - C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Programme\AVAST Software\Avast\defs\13070300\algo.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\TbTapeBrowse.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\TBFireWall.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\NASOperator.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\ExImage.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\ExchBackupSize.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\EnumTapeDevice.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\CloudOperator.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\CodeLog.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\ActivationOnline.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\ActiveOnline.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\CompressFile.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\AccountManager.dll ()
MOD - C:\WINDOWS\system32\sst7clm.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\libxml2.dll ()
MOD - C:\Programme\TOSHIBA\TouchPad\TPECioctl.dll ()
MOD - C:\WINDOWS\system32\EKECioCtl.dll ()
MOD - C:\Programme\EaseUS\Todo Backup\bin\zlib1.dll ()
MOD - C:\Programme\TOSHIBA\Bluetooth Monitor\BtMon2.exe ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (Guard Agent) -- C:\Programme\EaseUS\Todo Backup\bin\GuardAgent.exe (CHENGDU YIWO Tech Development Co., Ltd)
SRV - (EaseUS Agent) -- C:\Programme\EaseUS\Todo Backup\bin\Agent.exe (CHENGDU YIWO Tech Development Co., Ltd)
SRV - (MZCCntrl) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (DVD-RAM_Service) -- C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (mbr) -- C:\DOKUME~1\JOSEFC~1\LOKALE~1\Temp\mbr.sys File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys ()
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys ()
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (AswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (EUFDDISK) -- C:\WINDOWS\system32\drivers\EuFdDisk.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EUBKMON) -- C:\WINDOWS\system32\drivers\EUBKMON.sys ()
DRV - (EUDSKACS) -- C:\WINDOWS\system32\drivers\eudskacs.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (EUBAKUP) -- C:\WINDOWS\system32\drivers\eubakup.sys (CHENGDU YIWO Tech Development Co., Ltd)
DRV - (MTOnlPktAlyX) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys ()
DRV - (MIINPazX) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MInfraIS\MIINPazx.sys (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
DRV - (MACNDIS5) -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys (Marmiko IT-Solutions GmbH)
DRV - (rt2500usb) -- C:\WINDOWS\system32\drivers\rt2500usb.sys (Ralink Technology Inc.)
DRV - (AR5211) -- C:\WINDOWS\system32\drivers\ar5211.sys (Atheros Communications, Inc.)
DRV - (TPwSav) -- C:\WINDOWS\system32\drivers\TPwSav.sys (TOSHIBA )
DRV - (SPCtl) -- C:\Programme\TOSHIBA\Windows Utilities\spDispatch.sys (TOSHIBA )
DRV - (HWSCtrl) -- C:\Programme\TOSHIBA\TOSHIBA Applet\HWS_IoDispatch.sys ()
DRV - (TCtrlIO) -- C:\WINDOWS\system32\drivers\TCtrlIO.sys (TOSHIBA )
DRV - (StickyMesger) -- C:\Programme\TOSHIBA\Accessibility\StickyMesger.sys (TOSHIBA)
DRV - (TPECioCtl) -- C:\Programme\TOSHIBA\TouchPad\TPECioCtl.sys (TOAHIBA, )
DRV - (EKECioCtl) -- C:\Programme\TOSHIBA\E-KEY\EKECioCtl.sys (TOAHIBA, )
DRV - (Tvs) -- C:\WINDOWS\system32\drivers\Tvs.sys (TOSHIBA Corporation)
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (USTOR) -- C:\WINDOWS\system32\drivers\UStork.sys (USB Mass Storage.)
DRV - (w29n51) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (ALCXWDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (SerTVOutCtlr) -- C:\WINDOWS\system32\drivers\EPIOMngr.sys (COMPAL ELECTRONIC INC.)
DRV - (SrvcSSIOMngr) -- C:\Programme\TOSHIBA\E-KEY\SSIOMngr.sys (COMPAL ELECTRONIC INC.)
DRV - (SrvcEKIOMngr) -- C:\Programme\TOSHIBA\E-KEY\EKIOMngr.sys (COMPAL ELECTRONIC INC.)
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMSC)
DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\Tosrfec.sys (TOSHIBA Corporation)
DRV - (meiudf) -- C:\WINDOWS\system32\drivers\meiudf.sys (Matsushita Electric Industrial Co.,Ltd.)
DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.2&ts=1372704221234&tguid=46364-3869-1372704221234-6D69D784372C6797BEF643EB6596AAC4&q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dsl-start.computerbild.de/
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://t-online.de/ [binary data]
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = about:newtab
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = about:newtab
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = about:newtab
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGIT_de
IE - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Programme\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\Lyrics@LyricsContainer.co: C:\Programme\LyricsContainer\116.xpi
[2013.07.01 19:33:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
O1 HOSTS File: ([2006.08.04 11:56:44 | 000,000,847 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (HomeTab) - {ba696155-d96e-4281-b467-0367a0456474} - C:\Dokumente und Einstellungen\***\Anwendungsdaten\HomeTab\HomeTab.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (HomeTab) - {ba696155-d96e-4281-b467-0367a0456474} - C:\Dokumente und Einstellungen\***\Anwendungsdaten\HomeTab\HomeTab.dll File not found
O3 - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CeEKEY] C:\Programme\TOSHIBA\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EaseUs Tray] C:\Programme\EaseUS\Todo Backup\bin\TrayNotify.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EaseUs Watch] C:\Programme\EaseUS\Todo Backup\bin\EuWatch.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [HWSetup] C:\Programme\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [PadTouch] C:\Programme\TOSHIBA\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl05a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [SetDefPrt2] C:\Programme\Brother\Brmfl06a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Programme\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TOSHIBA Accessibility] C:\Programme\TOSHIBA\Accessibility\FnKeyHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TPNF] C:\Programme\TOSHIBA\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Programme\TOSHIBA\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKU\.DEFAULT..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKU\S-1-5-18..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKU\S-1-5-21-391628973-3864207608-2691049925-1006..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKU\S-1-5-21-391628973-3864207608-2691049925-1006..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth Monitor.lnk = C:\Programme\TOSHIBA\Bluetooth Monitor\BtMon2.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-391628973-3864207608-2691049925-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1362509239116 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1362583177625 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9056B900-B80B-49E2-B404-419035422A73}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\dokume~1\alluse~1\anwend~1\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.12.27 13:59:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{006dd44c-7a78-11e1-9b3c-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{006dd44c-7a78-11e1-9b3c-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{006dd44c-7a78-11e1-9b3c-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{006dd44d-7a78-11e1-9b3c-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{006dd44d-7a78-11e1-9b3c-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{006dd44d-7a78-11e1-9b3c-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{097e0120-894f-11e1-9b51-000fb08be9d9}\Shell - "" = AutoRun
O33 - MountPoints2\{097e0120-894f-11e1-9b51-000fb08be9d9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{097e0120-894f-11e1-9b51-000fb08be9d9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1cd3ffc0-7ffb-11e1-9b4d-ba8cd511fb9d}\Shell - "" = AutoRun
O33 - MountPoints2\{1cd3ffc0-7ffb-11e1-9b4d-ba8cd511fb9d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1cd3ffc0-7ffb-11e1-9b4d-ba8cd511fb9d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{20f26a6e-7e53-11e1-9b47-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{20f26a6e-7e53-11e1-9b47-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{20f26a6e-7e53-11e1-9b47-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{20f26a6f-7e53-11e1-9b47-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{20f26a6f-7e53-11e1-9b47-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{20f26a6f-7e53-11e1-9b47-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2e12662e-7e71-11e1-9b4a-fd9cc8130f9e}\Shell - "" = AutoRun
O33 - MountPoints2\{2e12662e-7e71-11e1-9b4a-fd9cc8130f9e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2e12662e-7e71-11e1-9b4a-fd9cc8130f9e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5a8c43ac-7a67-11e1-9b38-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{5a8c43ac-7a67-11e1-9b38-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5a8c43ac-7a67-11e1-9b38-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6a45b86e-7e59-11e1-9b48-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{6a45b86e-7e59-11e1-9b48-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6a45b86e-7e59-11e1-9b48-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6d3e87bb-1eb5-11e2-9bb5-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{6d3e87bb-1eb5-11e2-9bb5-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6d3e87bb-1eb5-11e2-9bb5-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6d3e87be-1eb5-11e2-9bb5-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{6d3e87be-1eb5-11e2-9bb5-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6d3e87be-1eb5-11e2-9bb5-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6f25c038-7a83-11e1-9b3f-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{6f25c038-7a83-11e1-9b3f-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6f25c038-7a83-11e1-9b3f-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6f25c03b-7a83-11e1-9b3f-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{6f25c03b-7a83-11e1-9b3f-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6f25c03b-7a83-11e1-9b3f-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{70f4abc6-7a7f-11e1-9b3e-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{70f4abc6-7a7f-11e1-9b3e-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{70f4abc6-7a7f-11e1-9b3e-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{70f4abc7-7a7f-11e1-9b3e-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{70f4abc7-7a7f-11e1-9b3e-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{70f4abc7-7a7f-11e1-9b3e-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{72d51078-7e50-11e1-9b45-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{72d51078-7e50-11e1-9b45-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{72d51078-7e50-11e1-9b45-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{7f619860-8f9f-11e1-9b5a-000fb08be9d9}\Shell - "" = AutoRun
O33 - MountPoints2\{7f619860-8f9f-11e1-9b5a-000fb08be9d9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{7f619860-8f9f-11e1-9b5a-000fb08be9d9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{90c76efc-7a54-11e1-9b36-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{90c76efc-7a54-11e1-9b36-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{90c76efc-7a54-11e1-9b36-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{92859bea-7a63-11e1-9b37-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{92859bea-7a63-11e1-9b37-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{92859bea-7a63-11e1-9b37-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{92859beb-7a63-11e1-9b37-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{92859beb-7a63-11e1-9b37-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{92859beb-7a63-11e1-9b37-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a15ed934-822d-11e1-9b4f-000fb08be9d9}\Shell - "" = AutoRun
O33 - MountPoints2\{a15ed934-822d-11e1-9b4f-000fb08be9d9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a15ed934-822d-11e1-9b4f-000fb08be9d9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a15ed935-822d-11e1-9b4f-000fb08be9d9}\Shell - "" = AutoRun
O33 - MountPoints2\{a15ed935-822d-11e1-9b4f-000fb08be9d9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{a15ed935-822d-11e1-9b4f-000fb08be9d9}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c49e08a8-7a89-11e1-9b40-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{c49e08a8-7a89-11e1-9b40-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c49e08a8-7a89-11e1-9b40-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{dadf4d86-7e51-11e1-9b46-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{dadf4d86-7e51-11e1-9b46-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{dadf4d86-7e51-11e1-9b46-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{f911ef39-7a7b-11e1-9b3d-0012f0c23384}\Shell - "" = AutoRun
O33 - MountPoints2\{f911ef39-7a7b-11e1-9b3d-0012f0c23384}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f911ef39-7a7b-11e1-9b3d-0012f0c23384}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.04 00:18:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.07.04 00:16:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2013.07.03 22:56:16 | 000,700,783 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\***\Desktop\dds+.exe
[2013.07.03 22:29:00 | 000,000,000 | ---D | C] -- C:\FRST
[2013.07.03 22:26:21 | 001,372,941 | ---- | C] (Farbar) -- C:\Dokumente und Einstellungen\***\Desktop\FRST.exe
[2013.07.03 20:15:20 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.07.03 20:11:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2013.07.03 20:09:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.07.03 20:09:47 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.07.03 20:09:47 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.07.03 15:19:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2013.07.03 15:13:55 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent
[2013.07.01 20:39:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache
[2013.07.01 19:45:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MyPhoneExplorer
[2013.07.01 19:44:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MyPhoneExplorer
[2013.07.01 19:44:24 | 000,000,000 | ---D | C] -- C:\Programme\MyPhoneExplorer
[2013.07.01 19:35:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Extensions
[2013.07.01 19:35:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\searchplugins
[2013.07.01 19:33:15 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.07.04 00:35:00 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FD17DFBD-04D6-4F8D-92D8-41CA67B86C93}.job
[2013.07.04 00:33:00 | 000,000,432 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{FF16EB21-4D3E-4D40-A9B7-20C03EBABCCB}.job
[2013.07.04 00:16:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2013.07.04 00:08:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.07.03 23:45:08 | 000,139,264 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\SystemLook.exe
[2013.07.03 22:56:29 | 000,700,783 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\***\Desktop\dds+.exe
[2013.07.03 22:26:21 | 001,372,941 | ---- | M] (Farbar) -- C:\Dokumente und Einstellungen\***\Desktop\FRST.exe
[2013.07.03 22:13:59 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.07.03 22:11:53 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.03 22:11:48 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2013.07.03 22:11:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.03 22:09:54 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.07.03 22:09:54 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.07.03 22:09:54 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.07.03 22:09:54 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.07.03 22:09:54 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.07.03 22:09:54 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.07.03 22:08:58 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013.07.03 21:21:17 | 000,650,027 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\adwcleaner.exe
[2013.07.03 20:15:20 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.07.03 20:09:58 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.03 19:59:59 | 000,000,210 | -HS- | M] () -- C:\boot.ini
[2013.07.01 21:30:23 | 000,078,848 | ---- | M] () -- C:\1031.MST
[2013.07.01 21:30:20 | 000,015,904 | ---- | M] () -- C:\0x0407.ini
[2013.07.01 19:53:22 | 001,114,112 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Outlook.pst
[2013.07.01 19:50:12 | 000,002,593 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Outlook.lnk
[2013.07.01 19:44:44 | 000,001,720 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MyPhoneExplorer.lnk
[2013.06.26 15:00:39 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Word 2003.lnk
[2013.06.26 14:53:19 | 000,233,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.06.26 10:45:17 | 000,507,808 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.06.26 10:45:17 | 000,485,588 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.06.26 10:45:17 | 000,097,178 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.06.26 10:45:17 | 000,081,410 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.06.20 09:15:27 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.06.20 09:15:20 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.07.03 23:45:08 | 000,139,264 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\SystemLook.exe
[2013.07.03 22:09:54 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.07.03 22:09:54 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.07.03 22:09:54 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.07.03 21:21:02 | 000,650,027 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\adwcleaner.exe
[2013.07.03 20:09:58 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.01 21:36:53 | 000,078,848 | ---- | C] () -- C:\1031.MST
[2013.07.01 21:36:53 | 000,015,904 | ---- | C] () -- C:\0x0407.ini
[2013.07.01 20:49:39 | 000,023,624 | ---- | C] () -- C:\WINDOWS\Launcher.exe
[2013.07.01 19:44:44 | 000,001,720 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MyPhoneExplorer.lnk
[2013.03.12 12:42:17 | 000,040,648 | ---- | C] () -- C:\WINDOWS\System32\drivers\EUBKMON.sys
[2013.03.09 15:15:36 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.03.09 15:15:35 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.01.01 09:40:11 | 000,302,592 | R--- | C] () -- C:\WINDOWS\System32\SaXPWIA.dll
[2013.01.01 09:40:11 | 000,145,920 | R--- | C] () -- C:\WINDOWS\System32\SaXPUIEx.dll
[2012.02.17 09:46:35 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\{F600259E-3D22-4322-82C2-A4A1322DC0CE}
[2012.01.09 13:50:07 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\sst7clm.dll
[2008.04.25 13:24:09 | 000,002,508 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[2007.12.18 17:16:32 | 000,015,107 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\AVSDVDPlayer.m3u
[2006.09.13 18:54:35 | 000,001,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2006.08.04 12:04:34 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.05.14 21:02:43 | 000,014,336 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.12.13 19:27:14 | 000,000,145 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005.09.05 14:54:12 | 000,006,070 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\wklnhst.dat
========== ZeroAccess Check ==========
[2004.12.27 14:08:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.03.05 21:27:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2013.03.09 15:08:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2007.02.05 19:02:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2007.02.05 14:22:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe
[2007.02.05 14:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2013.07.01 20:59:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache
[2007.11.05 13:11:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2013.01.01 09:43:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2007.06.25 16:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2008.10.28 15:32:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2005.09.10 15:17:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2004.12.28 16:35:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\toshiba
[2013.02.10 11:37:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Ashampoo
[2010.09.27 13:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ElevatedDiagnostics
[2007.02.05 19:15:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Haufe
[2005.09.05 15:03:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InterVideo
[2007.02.05 19:02:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Lexware
[2013.07.01 19:45:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\MyPhoneExplorer
[2008.10.11 13:51:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ScanSoft
[2007.11.07 16:42:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sony Setup
[2007.06.25 16:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\T-Online
[2005.09.05 14:54:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Template
[2004.12.28 16:35:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\toshiba
========== Purity Check ==========
< End of report > Code:
OTL Extras logfile created on: 04.07.2013 00:24:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
502,42 Mb Total Physical Memory | 112,44 Mb Available Physical Memory | 22,38% Memory free
1,20 Gb Paging File | 0,76 Gb Available in Paging File | 63,27% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 36,76 Gb Free Space | 49,33% Space Free | Partition Type: NTFS
Computer Name: JOSEF | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\ADAC\ACCF2006_2\ADAC_Browser.exe" = C:\Programme\ADAC\ACCF2006_2\ADAC_Browser.exe:*:Disabled:ADAC_Browser
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\LEGO Media\Games\LEGO Schach\Lego Chess.exe" = C:\Programme\LEGO Media\Games\LEGO Schach\Lego Chess.exe:*:Disabled:Lego Chess
"C:\Programme\ADAC\ACCF2006_1\ADAC_Browser.exe" = C:\Programme\ADAC\ACCF2006_1\ADAC_Browser.exe:*:Disabled:ADAC_Browser
"C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE" = C:\WINDOWS\system32\spool\drivers\w32x86\3\SAGENT4.EXE:*:Enabled:SAgent4 -- (SEIKO EPSON CORPORATION)
"C:\Programme\Internet Explorer\iexplore.exe" = C:\Programme\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\EaseUS\Todo Backup\bin\Agent.exe" = C:\Programme\EaseUS\Todo Backup\bin\Agent.exe:*:Enabled:Agent.exe -- (CHENGDU YIWO Tech Development Co., Ltd)
"C:\Programme\EaseUS\Todo Backup\bin\TbService.exe" = C:\Programme\EaseUS\Todo Backup\bin\TbService.exe:*:Enabled:TbService.exe -- (CHENGDU YIWO Tech Development Co., Ltd)
"C:\Programme\EaseUS\Todo Backup\bin\TBConsoleUI.exe" = C:\Programme\EaseUS\Todo Backup\bin\TBConsoleUI.exe:*:Enabled:Local TBConsoleUI.exe -- (CHENGDU YIWO Tech Development Co., Ltd)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{05832D65-6EDB-4D32-BA78-BCD0E2B91C02}" = Atheros Wireless LAN MiniPCI card Driver
"{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{188BA1CC-F3A1-49B0-A34D-8C861C64E1AE}" = TOSHIBA Benutzerhandbücher
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23B59B9F-C360-11D7-875B-0090CC005647}" = PIF DESIGNER2.1
"{23B59ED4-C360-11D7-875B-0090CC005647}" = EPSON PRINT Image Framer Tool2.1
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3879E12E-DA5B-4451-B973-DA0E2FEE7039}" = Garmin City Navigator Europe v8
"{3a4935b3-b7a0-4065-8ccc-0030471b33f1}_is1" = HomeTab 3.2
"{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}" = Google Earth
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD-Speicherkarten-Formatierung
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver
"{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls Driver
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{61539202-097E-487E-9237-B291AB56D54C}" = Bluetooth Monitor 2
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zoom-Dienstprogramm
"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B2BC65-F997-4208-AEE5-CF8B809A3A71}" = TIxx21/x515
"{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}" = Brother MFL-Pro Suite
"{9B2ADD3A-AFAF-4622-AC6F-C86FF36CC245}" = USB Flash Disk Utility
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM-Treiber
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B1275E23-717A-4D52-997A-1AD1E24BC7F3}" = T-Online 6.0
"{B1310222-C64A-4E1E-ABE7-2489B33955FB}" = TOSHIBA PC-Diagnose-Tool
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C24C3F25-CC7F-41D5-B03D-24F8059BABAD}" = Garmin USB Drivers
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C48817E7-AA05-4151-A99D-1E1E550CE801}" = EPSON PhotoStarter3.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = SMSC IrCC V5.1.3600.5 SP2
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCE19796-1ADF-42DF-81D8-3563867FC2C2}" = TOSHIBA Zooming Hook
"{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
"avast" = avast! Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"CCleaner" = CCleaner
"ClearProg" = ClearProg 1.5.0 Final
"EaseUS Todo Backup Free 5.6_is1" = EaseUS Todo Backup Free 5.6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{73B2BC65-F997-4208-AEE5-CF8B809A3A71}" = Texas Instruments PCIxx21/x515 drivers.
"InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey-Dienstprogramm
"InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = Touchpad EIN/AUS-Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mobile Partner" = Mobile Partner
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Picasa 3" = Picasa 3
"Power Saver" = TOSHIBA Power Saver
"Revo Uninstaller" = Revo Uninstaller 1.75
"Samsung Printer Live Update" = Samsung Printer Live Update
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.04.2013 09:48:42 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 13.04.2013 09:49:53 | Computer Name = JOSEF | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1180947459.
Error - 13.04.2013 13:17:28 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.07.2013 14:12:57 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.07.2013 14:51:12 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.5512, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.07.2013 14:57:12 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung hometab.tmp, Version 51.1052.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.07.2013 14:57:14 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung hometab.tmp, Version 51.1052.0.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.07.2013 15:10:51 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 8.0.6001.18702, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.07.2013 15:19:01 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.5512, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 01.07.2013 15:19:03 | Computer Name = JOSEF | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung explorer.exe, Version 6.0.2900.5512, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 03.07.2013 07:40:57 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Infrarotüberwachung" ist vom Dienst "Terminaldienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 03.07.2013 08:31:49 | Computer Name = JOSEF | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.179.39 für die Netzwerkkarte mit der Netzwerkadresse
0012F0C23384 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat
eine DHCPNACK-Meldung gesendet).
Error - 03.07.2013 13:13:05 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Infrarotüberwachung" ist vom Dienst "Terminaldienste"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 03.07.2013 13:13:05 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WebCake Desktop Updater" wurde aufgrund folgenden Fehlers
nicht gestartet: %%3
Error - 03.07.2013 13:56:15 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7031
Description = Der Dienst "BrowserDefendert" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Starten Sie den Dienst neu..
Error - 03.07.2013 13:56:44 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "BrowserDefendert" Korrekturmaßnahmen (Starten Sie den Dienst neu.)
durchzuführen, ist fehlgeschlagen. Fehler: %%1056
Error - 03.07.2013 14:02:30 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WebCake Desktop Updater" wurde aufgrund folgenden Fehlers
nicht gestartet: %%3
Error - 03.07.2013 15:27:35 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7000
Description = Der Dienst "WebCake Desktop Updater" wurde aufgrund folgenden Fehlers
nicht gestartet: %%3
Error - 03.07.2013 15:28:11 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 03.07.2013 16:57:52 | Computer Name = JOSEF | Source = Service Control Manager | ID = 7016
Description = Der Dienst "BrSplService" hat einen ungültigen aktuellen Status gemeldet:
0
< End of report > |