OTL Logfile: Code:
OTL logfile created on: 13.02.2012 20:26:31 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
2.93 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 74.00% Memory free
4.77 Gb Paging File | 4.16 Gb Available in Paging File | 87.20% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.08 Gb Total Space | 259.51 Gb Free Space | 87.06% Space Free | Partition Type: NTFS
Computer Name: HBSPC01 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\ouc.exe ()
PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Addon\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
PRC - C:\Programme\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
PRC - C:\Programme\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)
PRC - C:\Addon\Fujitsu\SSUtility\FJSSDMN.exe (FUJITSU LIMITED)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Programme\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
PRC - C:\Addon\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
PRC - C:\Programme\Fujitsu\BtnHnd\BtnHnd.exe (FUJITSU LIMITED)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\yorhhorz.default\extensions\{a1137e37-cecc-4cbb-ba8f-e598748d4bd3}\components\RadioWMPCoreGecko10.dll ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\ouc.exe ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\QtNetwork4.dll ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\QtCore4.dll ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mobile Partner\OnlineUpdate\mingwm10.dll ()
MOD - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\HWDeviceService.exe ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - \\?\globalroot\systemroot\system32\mswsock.dll ()
MOD - \\.\globalroot\systemroot\system32\mswsock.dll ()
MOD - C:\Programme\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
MOD - C:\WINDOWS\system32\redmonnt.dll ()
========== Win32 Services (SafeList) ==========
SRV - (WscNetDr) -- File not found
SRV - (VX3000) -- File not found
SRV - (UPATC) -- File not found
SRV - (TomTomHOMEService) -- File not found
SRV - (sscdserd) -- File not found
SRV - (SPFDRV) -- File not found
SRV - (se26unic) -- File not found
SRV - (sbcssvc) -- File not found
SRV - (sandboxu) -- File not found
SRV - (s3ssavage) -- File not found
SRV - (Rawwan) -- File not found
SRV - (qkbfiltr) -- File not found
SRV - (MSFWDrv) -- File not found
SRV - (mqdmserd) -- File not found
SRV - (monfilt) -- File not found
SRV - (mcods) -- File not found
SRV - (LUsbFilt) -- File not found
SRV - (imagedrv) -- File not found
SRV - (HWDeviceService.exe) -- File not found
SRV - (hsxhwazl) -- File not found
SRV - (hcf_msft) -- File not found
SRV - (getPlusHelper) getPlus(R) -- File not found
SRV - (gagp30kx) -- File not found
SRV - (euq_monitor) -- File not found
SRV - (DSI_SiUSBXp_3_1) -- File not found
SRV - (btwavdt) -- File not found
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Mobile Partner. RunOuc) -- C:\Programme\Mobile Partner\UpdateDog\ouc.exe ()
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (hap16v2k) -- C:\WINDOWS\system32\icollectservice.dll (Oak Technology Inc.)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AdobeActiveFileMonitor5.0) -- C:\Programme\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe ()
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (ew_hwusbdev) -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_enumerator) -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (FJGSDisk) -- C:\WINDOWS\system32\DRIVERS\FJGSDisk.sys (FUJITSU LIMITED)
DRV - (NETw5x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (IntcHdmiAddService) Intel(R) -- C:\WINDOWS\system32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (mf) -- C:\WINDOWS\system32\drivers\mf.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (S3SavageNB) -- C:\WINDOWS\system32\drivers\s3gnbm.sys (S3 Graphics, Inc.)
DRV - (O2SCBUS) -- C:\WINDOWS\system32\drivers\ozscr.sys (O2Micro)
DRV - (e1yexpress) Intel(R) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation)
DRV - (tosporte) -- C:\WINDOWS\system32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (HECI) Intel(R) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation)
DRV - (tosrfbd) -- C:\WINDOWS\system32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (Tosrfhid) -- C:\WINDOWS\system32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (O2MDRDR) -- C:\WINDOWS\system32\drivers\o2media.sys (O2Micro )
DRV - (TosRfSnd) -- C:\WINDOWS\system32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (O2SDRDR) -- C:\WINDOWS\system32\drivers\o2sd.sys (O2Micro )
DRV - (tosrfbnp) -- C:\WINDOWS\system32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (tosrfusb) -- C:\WINDOWS\system32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (Tosrfcom) -- C:\WINDOWS\system32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (LVUVC) WebCam(UVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (lvselsus) -- C:\WINDOWS\system32\drivers\lvselsus.sys (Logitech Inc.)
DRV - (FilterService) -- C:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (IFXTPM) -- C:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)
DRV - (se44unic) Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM) -- C:\WINDOWS\system32\drivers\se44unic.sys (MCCI)
DRV - (se44obex) -- C:\WINDOWS\system32\drivers\se44obex.sys (MCCI)
DRV - (se44mgmt) Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\se44mgmt.sys (MCCI)
DRV - (se44mdm) -- C:\WINDOWS\system32\drivers\se44mdm.sys (MCCI)
DRV - (se44mdfl) -- C:\WINDOWS\system32\drivers\se44mdfl.sys (MCCI)
DRV - (se44bus) Sony Ericsson Device 068 driver (WDM) -- C:\WINDOWS\system32\drivers\se44bus.sys (MCCI)
DRV - (se44nd5) Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS) -- C:\WINDOWS\system32\drivers\se44nd5.sys (MCCI)
DRV - (BtnHnd) -- C:\Programme\Fujitsu\BtnHnd\BtnHnd.sys (FUJITSU LIMITED)
DRV - (FUJ02E3) -- C:\WINDOWS\system32\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV - (SMCIRDA) -- C:\WINDOWS\system32\drivers\smcirda.sys (SMC)
DRV - (BrUsbScn) Brother MFC-Scannertreiber (USB) -- C:\WINDOWS\system32\drivers\BrUsbScn.sys (Brother Industries Ltd.)
DRV - (brfilt) -- C:\WINDOWS\system32\drivers\BrFilt.sys (Brother Industries Ltd.)
DRV - (FUJ02B1) -- C:\WINDOWS\system32\drivers\fuj02b1.sys (FUJITSU LIMITED)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKCU\..\URLSearchHook: {a1137e37-cecc-4cbb-ba8f-e598748d4bd3} - C:\Programme\MovaviDE\prxtbMov0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.02.11 18:24:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.02.09 11:25:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.02.11 21:46:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
[2009.11.23 07:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Extensions
[2009.11.23 07:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com
[2012.01.31 09:36:45 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\yorhhorz.default\extensions
[2011.01.27 22:29:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\yorhhorz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.31 09:36:45 | 000,000,000 | ---D | M] (MovaviDE Community Toolbar) -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\yorhhorz.default\extensions\{a1137e37-cecc-4cbb-ba8f-e598748d4bd3}
[2009.09.17 08:28:44 | 000,002,171 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Mozilla\Firefox\Profiles\yorhhorz.default\searchplugins\bing.xml
[2012.02.13 09:49:57 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.08 21:31:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.08 18:36:16 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.19 14:28:56 | 000,003,766 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.02.08 18:21:19 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.02.08 18:36:16 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.08 18:36:16 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.08 18:36:16 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.08 18:36:16 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.02.13 19:04:45 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll File not found
O2 - BHO: (MovaviDE Toolbar) - {a1137e37-cecc-4cbb-ba8f-e598748d4bd3} - C:\Programme\MovaviDE\prxtbMov0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (MovaviDE Toolbar) - {a1137e37-cecc-4cbb-ba8f-e598748d4bd3} - C:\Programme\MovaviDE\prxtbMov0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (MovaviDE Toolbar) - {A1137E37-CECC-4CBB-BA8F-E598748D4BD3} - C:\Programme\MovaviDE\prxtbMov0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IndicatorUtility] C:\Programme\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [ITSecMng] C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LoadBtnHnd] C:\Programme\Fujitsu\BtnHnd\BtnHnd.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Programme\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Addon\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PSUtility] C:\Addon\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSUtility] C:\Addon\Fujitsu\SSUtility\FJSSDMN.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TvOutSwitch] C:\Addon\Fujitsu\DispSwitch\DispSwitchLauncher.exe (FUJITSU LIMITED)
O4 - HKCU..\Run: [Facebook Update] C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - c:\Programme\Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\System32\nwprovau.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - %SystemRoot%\System32\nwprovau.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C38D4EB7-E0A3-4A88-B3D7-2C6E9F7CDF4C}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\PSUTY: DllName - (PSUWNP.dll) - C:\WINDOWS\System32\PSUWNP.dll (FUJITSU LIMITED)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O30 - LSA: Authentication Packages - (nwprovau) -C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.06.24 19:56:16 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.02.13 19:04:42 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\drivers\smcirda.sys
[2012.02.13 19:04:42 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012.02.13 19:04:35 | 000,027,165 | ---- | C] (VIA Technologies, Inc. ) -- C:\WINDOWS\System32\dllcache\fetnd5.sys
[2012.02.13 18:53:02 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.02.13 18:50:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.02.13 18:50:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.02.13 18:50:44 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.02.13 18:50:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.02.13 18:50:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012.02.13 18:50:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.02.13 18:27:22 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.02.13 17:49:42 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2012.02.13 17:49:42 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2012.02.13 17:49:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.02.11 16:59:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Malwarebytes
[2012.02.11 16:59:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.02.11 16:59:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.02.11 16:59:06 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.02.11 16:59:06 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.02.11 16:48:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.11 16:44:13 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Admin\Recent
[2012.02.11 15:59:38 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe
[2012.02.10 21:50:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Startmenü\Programme\System Check
[2012.02.09 22:55:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Facebook
[2012.02.09 10:45:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.01.26 19:15:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Thunderbird
[2012.01.26 19:15:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\Thunderbird
[2012.01.26 19:15:43 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird
[2008.06.24 19:38:17 | 000,005,632 | ---- | C] (Oak Technology Inc.) -- C:\WINDOWS\System32\NWUSBPort.dll
========== Files - Modified Within 30 Days ==========
[2012.02.13 20:10:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.13 20:00:01 | 000,001,018 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2314300672-2348332469-2437391780-1005UA.job
[2012.02.13 19:43:40 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.13 19:43:15 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.13 19:43:12 | 000,000,000 | -HS- | M] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012.02.13 19:43:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.13 19:43:08 | 3149,705,216 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.13 19:04:45 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.02.13 18:53:05 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.02.13 17:58:06 | 000,002,241 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.02.13 09:05:46 | 000,002,461 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Desktop\Microsoft Office Word 2007.lnk
[2012.02.12 23:00:01 | 000,000,996 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2314300672-2348332469-2437391780-1005Core.job
[2012.02.11 21:46:49 | 000,001,638 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Thunderbird.lnk
[2012.02.11 21:16:32 | 000,000,156 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.02.11 18:24:12 | 000,000,702 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.02.11 17:21:07 | 000,465,814 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.02.11 17:21:07 | 000,446,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.02.11 17:21:07 | 000,087,594 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.02.11 17:21:07 | 000,073,834 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.02.11 16:59:08 | 000,000,762 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.11 15:58:04 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Admin\Desktop\OTL.exe
[2012.01.22 20:45:49 | 000,034,304 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.19 20:55:02 | 000,006,296 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\.recently-used.xbel
[2012.01.19 20:54:37 | 000,000,088 | ---- | M] () -- C:\Dokumente und Einstellungen\Admin\.gtk-bookmarks
========== Files Created - No Company Name ==========
[2012.02.13 18:53:05 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.02.13 18:53:03 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2012.02.13 18:50:44 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.02.13 18:50:44 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.02.13 18:50:44 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.02.13 18:50:44 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.02.13 18:50:44 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.02.13 17:49:42 | 000,002,241 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.02.11 21:46:49 | 000,001,644 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Thunderbird.lnk
[2012.02.11 21:46:49 | 000,001,638 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Thunderbird.lnk
[2012.02.11 18:24:12 | 000,000,708 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.02.11 18:24:12 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.02.11 16:59:08 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.10 22:07:04 | 3149,705,216 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.10 21:42:30 | 000,000,000 | -HS- | C] () -- C:\WINDOWS\System32\dds_trash_log.cmd
[2012.02.09 22:55:38 | 000,001,018 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2314300672-2348332469-2437391780-1005UA.job
[2012.02.09 22:55:38 | 000,000,996 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-2314300672-2348332469-2437391780-1005Core.job
[2012.01.19 20:55:02 | 000,006,296 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\.recently-used.xbel
[2012.01.19 20:54:37 | 000,000,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\.gtk-bookmarks
[2011.09.25 17:00:28 | 000,004,873 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\qjaxlkio.dss
[2011.04.04 05:59:14 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.02.18 11:28:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2009.10.21 06:54:33 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2009.10.16 06:47:33 | 000,000,156 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.09.18 12:34:12 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEB300EURO.ini
[2009.09.09 07:05:45 | 000,002,653 | ---- | C] () -- C:\WINDOWS\BRMFBIDI.INI
[2009.09.04 06:42:21 | 000,048,338 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2009.09.04 06:42:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2009.08.20 12:48:07 | 000,034,304 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.13 10:29:55 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.08.13 10:29:55 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2030.DAT
[2009.08.04 12:56:57 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2009.08.04 12:56:57 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009.07.27 16:02:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.07.27 15:23:54 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009.07.27 15:12:47 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2009.07.27 15:12:00 | 000,050,127 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009.07.27 15:11:53 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4953.dll
[2009.07.27 15:11:52 | 001,991,464 | ---- | C] () -- C:\WINDOWS\System32\igkrng500.bin
[2009.07.27 15:11:52 | 000,432,400 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng500.bin
[2008.06.24 20:46:41 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.06.24 20:45:36 | 000,274,968 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.06.24 20:20:23 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2008.06.24 20:00:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.06.24 19:52:44 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.06.24 19:38:48 | 000,001,052 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008.06.24 19:38:31 | 000,465,814 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008.06.24 19:38:31 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008.06.24 19:38:31 | 000,087,594 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008.06.24 19:38:31 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008.06.24 19:38:11 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.06.24 19:38:08 | 000,446,820 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.06.24 19:38:08 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.06.24 19:38:08 | 000,073,834 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.06.24 19:38:08 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.06.24 19:38:06 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.06.24 19:38:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.06.24 19:38:03 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008.06.24 19:37:55 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.06.24 19:37:55 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.06.24 19:37:46 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.06.24 19:37:36 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007.12.21 16:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 21:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2001.07.13 01:00:14 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\brmsl06f.bin
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 13.02.2012 20:26:31 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Admin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
2.93 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 74.00% Memory free
4.77 Gb Paging File | 4.16 Gb Available in Paging File | 87.20% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.08 Gb Total Space | 259.51 Gb Free Space | 87.06% Space Free | Partition Type: NTFS
Computer Name: HBSPC01 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Office\Office12\OUTLOOK.EXE" = C:\Programme\Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Dokumente und Einstellungen\Admin\Lokale Einstellungen\Anwendungsdaten\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1AD5F465-8282-4DAD-B957-E09C0B783D18}" = InstantShare
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{271274D2-92C6-4EEC-A0AD-9DA5272AD5C9}" = Lifebook Application Panel
"{272979FC-6D4A-4C25-B71A-32DD4974A022}" = Fujitsu Hotkey Utility
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft VC80 Support DLLs
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58787BF5-1C5E-4554-9E44-9849FF932F4D}" = Fujitsu Display Manager
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}" = Rhinoceros 4.0
"{5E8D588F-307C-4250-B622-26969027319A}" = PanoStandAlone
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{644D04A2-C682-4FD5-977D-03B804C4B9C5}" = CreativeProjects
"{646A65DD-23FC-418E-B9F0-E0500FB42CB1}" = PhotoGallery
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{68963635-14A4-48D9-B431-DF3A74D1AAE1}" = Destinations
"{6B9DD988-5ECB-4623-BBFF-8A8F2DA3ED16}" = Rhinoceros 4.0 SR6
"{6DE39343-0C7E-4b3a-8BDC-A846B7A8CAFE}" = CameraDrivers
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{70B6A483-F815-4879-9AA4-3DCE9BCC61A0}" = Shock Sensor Utility
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78FD2974-C98B-4b84-9E9F-1AEE16AE0029}" = HP Photosmart Kameras 4.5
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{A157DF9D-462F-4BF9-8C5E-3854BC9CC08F}" = HP Digital Photo Advisor
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{E304EDA1-5C87-412A-98D0-950BDCF58E6B}" = Power Saving Utility
"{E64404F1-98DC-4CC8-A1A7-EF36E4E21031}" = Nero 8 Essentials
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC22D020-3005-4715-8DF9-F3EDE81DEB3D}" = CreativeProjectsTemplates
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"AFPL Ghostscript 8.53" = AFPL Ghostscript 8.53
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"EPSON B-300" = EPSON B-300 Printer Uninstall
"EPSON B-300_B-500DN Benutzerhandbuch" = EPSON B-300_B-500DN Handbuch
"FreePDF_XP" = FreePDF (Remove only)
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Photo & Imaging" = HP Image Zone 4.5
"ie8" = Windows Internet Explorer 8
"InstallShield_{58787BF5-1C5E-4554-9E44-9849FF932F4D}" = Fujitsu Display Manager
"InstallShield_{70B6A483-F815-4879-9AA4-3DCE9BCC61A0}" = Shock Sensor Utility
"InstallShield_{E304EDA1-5C87-412A-98D0-950BDCF58E6B}" = Power Saving Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MiniMagics" = MiniMagics
"Mobile Partner" = Mobile Partner
"Movavi Video Converter 11" = Movavi Video Converter 11
"MovaviDE Toolbar" = MovaviDE Toolbar
"Mozilla Firefox 10.0.1 (x86 de)" = Mozilla Firefox 10.0.1 (x86 de)
"Mozilla Thunderbird 10.0 (x86 de)" = Mozilla Thunderbird 10.0 (x86 de)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"pepakura_viewer3en" = Pepakura Viewer 3
"PROHYBRIDR" = 2007 Microsoft Office system
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.11
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.02.2012 03:44:31 | Computer Name = HBSPC01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 5.8.0.154, fehlgeschlagenes
Modul skype.exe, Version 5.8.0.154, Fehleradresse 0x001e4187.
Error - 13.02.2012 04:00:23 | Computer Name = HBSPC01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 5.8.0.154, fehlgeschlagenes
Modul skype.exe, Version 5.8.0.154, Fehleradresse 0x001e4187.
Error - 13.02.2012 04:00:39 | Computer Name = HBSPC01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung nmindexstoresvr.exe, Version 3.3.3.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x0066325a.
Error - 13.02.2012 04:48:18 | Computer Name = HBSPC01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 5.8.0.154, fehlgeschlagenes
Modul skype.exe, Version 5.8.0.154, Fehleradresse 0x001e4187.
Error - 13.02.2012 12:50:34 | Computer Name = HBSPC01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 5.8.0.154, fehlgeschlagenes
Modul skype.exe, Version 5.8.0.154, Fehleradresse 0x001e4187.
Error - 13.02.2012 12:58:15 | Computer Name = HBSPC01 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung skype.exe, Version 5.8.0.154, fehlgeschlagenes
Modul skype.exe, Version 5.8.0.154, Fehleradresse 0x001e4187.
Error - 13.02.2012 14:01:24 | Computer Name = HBSPC01 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 13.02.2012 14:01:24 | Computer Name = HBSPC01 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 13.02.2012 14:01:24 | Computer Name = HBSPC01 | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 13.02.2012 14:01:28 | Computer Name = HBSPC01 | Source = crypt32 | ID = 131080
Description = Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer
von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
ist fehlgeschlagen mit dem Fehler: A connection with the server could not be established
.
[ OSession Events ]
Error - 20.04.2010 03:58:40 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20.04.2010 03:58:54 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
Error - 20.04.2010 03:59:08 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
Error - 22.04.2010 03:52:38 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19
seconds with 0 seconds of active time. This session ended with a crash.
Error - 22.04.2010 03:52:57 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 27.09.2010 05:07:37 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.11.2010 05:55:54 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.11.2010 05:56:13 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.11.2010 05:56:29 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.
Error - 17.11.2010 05:56:53 | Computer Name = HBSPC01 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst ".netframework" wurde mit folgendem Fehler beendet: %%126
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Db2" wurde mit folgendem Fehler beendet: %%126
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Iwebcal" wurde mit folgendem Fehler beendet: %%126
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Zenos1" wurde mit folgendem Fehler beendet: %%126
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Nimcdfxk" wurde mit folgendem Fehler beendet: %%126
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Dnetc" wurde mit folgendem Fehler beendet: %%126
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TomTomHOMEService" wurde aufgrund folgenden Fehlers nicht
gestartet: %%3
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "MXOPSWD" wurde mit folgendem Fehler beendet: %%126
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Udfreadr_xp" wurde mit folgendem Fehler beendet: %%126
Error - 13.02.2012 14:43:36 | Computer Name = HBSPC01 | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Sntnlusb" wurde mit folgendem Fehler beendet: %%126
< End of report >
--- --- --- |
