| McAllistair | 09.11.2012 16:39 |
Ist das so ok?
OTL Logfile: Code:
OTL logfile created on: 09.11.2012 15:43:32 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Viren, Trojaner usw\Trojaner-Board
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1023,00 Mb Total Physical Memory | 415,51 Mb Available Physical Memory | 40,62% Memory free
1,65 Gb Paging File | 0,89 Gb Available in Paging File | 53,57% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 55,84 Gb Total Space | 3,54 Gb Free Space | 6,35% Space Free | Partition Type: NTFS
Computer Name: ARBEITSZIMMER | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ==========
PRC - [2012.11.09 15:39:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Viren, Trojaner usw\Trojaner-Board\OTL.exe
PRC - [2012.10.16 13:02:04 | 001,111,432 | ---- | M] (Spigot, Inc.) -- C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
PRC - [2012.10.09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.11.11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Webcam\LWS\Webcam Software\LWS.exe
PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton 360\Engine\5.2.2.3\ccsvchst.exe
PRC - [2011.01.27 22:13:50 | 000,226,624 | ---- | M] () -- C:\Programme\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011.01.27 22:13:40 | 000,673,088 | ---- | M] () -- C:\Programme\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010.11.05 15:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.11.04 02:58:46 | 000,497,240 | ---- | M] (PacketVideo) -- C:\Programme\TwonkyMedia\twonkymediaserverwatchdog.exe
PRC - [2010.11.04 02:58:44 | 000,595,544 | ---- | M] (PacketVideo) -- C:\Programme\TwonkyMedia\twonkymediaserverconfig.exe
PRC - [2010.11.04 02:58:42 | 001,439,320 | ---- | M] () -- C:\Programme\TwonkyMedia\twonkymediaserver.exe
PRC - [2010.07.29 11:36:28 | 004,792,320 | ---- | M] () -- C:\Programme\USIM Editor\iconcs859406.exe
PRC - [2010.07.29 11:36:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SYSTEM32\afasrv32.exe
PRC - [2010.04.13 11:40:20 | 000,110,592 | ---- | M] (Books on Demand) -- C:\Programme\BoD easyPrint\BoDeasyPrint.exe
PRC - [2010.04.13 11:40:20 | 000,028,672 | ---- | M] (Books on Demand) -- C:\Programme\BoD easyPrint\BoDeasyPrint_Monitor.exe
PRC - [2008.04.14 03:22:56 | 000,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\ntvdm.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.03.16 10:45:30 | 000,063,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2002.12.17 12:28:00 | 000,684,032 | ---- | M] (Roxio) -- C:\Programme\Roxio\Easy CD Creator 5\DirectCD\Directcd.exe
PRC - [2002.08.14 18:22:52 | 000,028,672 | ---- | M] (Dell - Advanced Desktop Engineering) -- C:\WINDOWS\SYSTEM32\DSentry.exe
PRC - [1998.10.22 16:07:20 | 000,044,032 | ---- | M] (Caere Corporation) -- C:\Programme\Caere\OmniPagePro90\OPware32.exe
========== Modules (No Company Name) ==========
MOD - [2012.07.27 21:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.03.01 23:15:28 | 000,126,808 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Webcam\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011.03.01 23:15:28 | 000,027,480 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Webcam\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011.03.01 23:15:04 | 000,340,824 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Webcam\LWS\Webcam Software\QTXml4.dll
MOD - [2011.03.01 23:14:42 | 007,954,776 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Webcam\LWS\Webcam Software\QTGui4.dll
MOD - [2011.03.01 23:14:30 | 002,143,576 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Webcam\LWS\Webcam Software\QTCore4.dll
MOD - [2011.01.27 22:13:50 | 000,226,624 | ---- | M] () -- C:\Programme\Motorola\MotoHelper\MotoHelperService.exe
MOD - [2011.01.27 22:13:40 | 000,673,088 | ---- | M] () -- C:\Programme\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010.11.05 15:12:00 | 000,460,199 | R--- | M] () -- C:\Programme\Motorola Media Link\sqlite3.dll
MOD - [2010.11.05 15:11:48 | 000,036,864 | R--- | M] () -- C:\Programme\Motorola Media Link\NLog.dll
MOD - [2010.11.05 15:11:44 | 000,057,344 | R--- | M] () -- C:\Programme\Motorola Media Link\NetSharingService.dll
MOD - [2010.11.05 15:11:44 | 000,026,624 | R--- | M] () -- C:\Programme\Motorola Media Link\NFileCacheDBAccess.dll
MOD - [2010.11.05 15:11:42 | 000,038,912 | R--- | M] () -- C:\Programme\Motorola Media Link\NAdvLog.dll
MOD - [2010.11.05 15:11:24 | 000,114,688 | R--- | M] () -- C:\Programme\Motorola Media Link\LiveupdateTactics.dll
MOD - [2010.11.05 15:11:22 | 000,044,032 | R--- | M] () -- C:\Programme\Motorola Media Link\InterProcessChannel.dll
MOD - [2010.11.05 15:11:12 | 000,018,432 | R--- | M] () -- C:\Programme\Motorola Media Link\DbAccess.dll
MOD - [2010.11.04 02:58:42 | 001,439,320 | ---- | M] () -- C:\Programme\TwonkyMedia\twonkymediaserver.exe
MOD - [2010.11.04 02:54:42 | 000,143,360 | ---- | M] () -- C:\Programme\TwonkyMedia\wmdrmdll.dll
MOD - [2010.07.29 11:36:28 | 004,792,320 | ---- | M] () -- C:\Programme\USIM Editor\iconcs859406.exe
MOD - [2010.07.29 11:36:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SYSTEM32\afasrv32.exe
MOD - [2010.04.13 11:40:20 | 000,880,128 | ---- | M] () -- C:\Programme\BoD easyPrint\libeay32.dll
MOD - [2010.04.13 11:40:20 | 000,171,520 | ---- | M] () -- C:\Programme\BoD easyPrint\ssleay32.dll
MOD - [2010.04.13 11:40:20 | 000,055,808 | ---- | M] () -- C:\Programme\BoD easyPrint\zlib1.dll
MOD - [2001.10.28 16:42:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\SYSTEM32\pdfcmnnt.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.30 09:44:55 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.09 15:44:44 | 000,799,112 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton 360\Engine\5.2.2.3\ccSvcHst.exe -- (N360)
SRV - [2011.01.27 22:13:50 | 000,226,624 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010.11.05 15:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.11.04 02:58:46 | 000,497,240 | ---- | M] (PacketVideo) [Auto | Running] -- C:\Programme\TwonkyMedia\twonkymediaserverwatchdog.exe -- (TwonkyMedia)
SRV - [2010.07.29 11:36:26 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SYSTEM32\afasrv32.exe -- (AfaService)
SRV - [2008.10.23 16:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) [On_Demand | Stopped] -- C:\Programme\DSL-Manager\DslMgrSvc.exe -- (TDslMgrService)
SRV - [2004.10.22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [2002.10.10 04:18:36 | 001,118,208 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\NMSSvc.Exe -- (NMSSvc)
SRV - [2002.02.13 11:18:24 | 000,196,668 | ---- | M] (AVM Berlin) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe -- (de_serv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMNDIS.SYS -- (SYMNDIS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMIDS.SYS -- (SYMIDS)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\N360\0308000.029\SYMFW.SYS -- (SYMFW)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\DELUSB_51.sys -- (PRISM_USB)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wATV03nt.sys -- (iAimTV2)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.10.05 19:23:26 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20121030.002\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012.09.13 12:40:19 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20121108.019\NAVEX15.SYS -- (NAVEX15)
DRV - [2012.09.13 12:40:18 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20121108.019\NAVENG.SYS -- (NAVENG)
DRV - [2012.09.06 09:58:42 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20121108.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2012.08.09 12:26:48 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.08.09 12:26:47 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012.01.18 07:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\lvuvc.sys -- (LVUVC)
DRV - [2012.01.18 07:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\lvrs.sys -- (LVRS)
DRV - [2011.06.24 12:20:10 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.04.21 02:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\N360\0502020.003\symtdi.sys -- (SYMTDI)
DRV - [2011.03.31 04:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\N360\0502020.003\srtsp.sys -- (SRTSP)
DRV - [2011.03.31 04:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\N360\0502020.003\srtspx.sys -- (SRTSPX)
DRV - [2011.03.15 03:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\N360\0502020.003\symefa.sys -- (SymEFA)
DRV - [2011.01.27 07:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\N360\0502020.003\symds.sys -- (SymDS)
DRV - [2011.01.27 06:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\N360\0502020.003\ironx86.sys -- (SymIRON)
DRV - [2010.12.03 13:03:08 | 000,020,352 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motccgp.sys -- (motccgp)
DRV - [2010.09.29 16:13:46 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys -- (motmodem)
DRV - [2010.04.01 12:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\Motousbnet.sys -- (Motousbnet)
DRV - [2010.01.25 17:56:44 | 000,009,472 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motusbdevice.sys -- (motusbdevice)
DRV - [2009.12.12 00:48:04 | 000,025,984 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\tap0901.sys -- (tap0901)
DRV - [2009.10.22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\70370822.sys -- (70370822)
DRV - [2009.10.09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\7037082.sys -- (setup_9.0.0.722_21.10.2012_06-07drv)
DRV - [2009.09.25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\70370821.sys -- (70370821)
DRV - [2009.01.29 15:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV - [2009.01.29 15:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motfilt.sys -- (BTCFilterService)
DRV - [2008.05.27 09:52:18 | 000,051,072 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\MHIKEY10.sys -- (MHIKEY10)
DRV - [2007.11.02 13:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motswch.sys -- (MotoSwitchService)
DRV - [2007.09.12 16:24:00 | 000,026,816 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\DslTestSp5.sys -- (dsltestSp5)
DRV - [2007.06.26 10:53:54 | 000,013,824 | ---- | M] (T-Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\tsmpkt.sys -- (TSMPacket)
DRV - [2004.08.04 06:29:49 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wvchntxx.sys -- (iAimFP4)
DRV - [2004.08.04 06:29:47 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wsiintxx.sys -- (iAimFP3)
DRV - [2004.08.04 06:29:45 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wch7xxnt.sys -- (iAimTV4)
DRV - [2004.08.04 06:29:43 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv04nt.sys -- (iAimTV3)
DRV - [2004.08.04 06:29:42 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv02nt.sys -- (iAimTV1)
DRV - [2004.08.04 06:29:41 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\watv01nt.sys -- (iAimTV0)
DRV - [2004.08.04 06:29:37 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv01nt.sys -- (iAimFP0)
DRV - [2004.08.04 06:29:37 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv02nt.sys -- (iAimFP1)
DRV - [2004.08.04 06:29:37 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wadv05nt.sys -- (iAimFP2)
DRV - [2004.08.04 06:29:36 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\i81xnt5.sys -- (i81x)
DRV - [2003.05.16 19:05:10 | 000,206,464 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2003.05.16 19:05:10 | 000,143,834 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2003.05.16 19:05:10 | 000,030,630 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2003.05.16 19:05:10 | 000,025,898 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002.12.17 12:32:58 | 000,061,424 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2002.12.17 12:32:46 | 000,023,436 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2002.12.17 12:27:32 | 000,241,152 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2002.11.01 02:00:00 | 000,861,104 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\fdslbase.sys -- (FDSLBASE)
DRV - [2002.11.01 02:00:00 | 000,051,072 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avmcowan.sys -- (AVMCOWAN)
DRV - [2002.11.01 02:00:00 | 000,039,936 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avmdsloe.sys -- (AVMDSLPPPOE)
DRV - [2002.11.01 02:00:00 | 000,038,896 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avmndsl.sys -- (AVMNDSL)
DRV - [2002.10.10 04:18:58 | 000,009,868 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\NMSCFG.SYS -- (NMSCFG)
DRV - [2002.07.19 10:22:08 | 000,017,153 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)
DRV - [2002.02.13 11:18:24 | 000,288,256 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Netfwdsl.sys -- (NETFWDSL)
DRV - [2002.02.13 11:18:24 | 000,027,648 | ---- | M] (AVM Berlin) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\Aadev.sys -- (aadev)
DRV - [2002.01.11 08:19:04 | 000,259,072 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\NETFRITZ.SYS -- (NETFRITZ)
DRV - [2001.10.23 00:00:00 | 000,059,520 | ---- | M] (AVM Berlin) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\avmport.sys -- (AVMPORT)
DRV - [2001.08.17 12:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\EL90XBC5.SYS -- (EL90XBC)
DRV - [2001.02.12 19:02:26 | 000,047,616 | ---- | M] (T-Online International AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\TDSLAdap.sys -- (TDSLAdapter)
DRV - [2001.02.12 19:02:26 | 000,006,688 | ---- | M] (T-Online International AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\TDSLProt.sys -- (TDSLProtocol)
DRV - [2000.07.24 00:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\BRPAR.SYS -- (BrPar)
DRV - [2000.06.07 00:01:00 | 000,016,032 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ScFBPNT3.sys -- (ScFBPNT3)
DRV - [1998.09.11 10:04:04 | 000,001,888 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\papycpu.sys -- (papycpu)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Official Site - The Power To Do More | Dell
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = Dell Official Site - The Power To Do More | Dell
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dell Official Site - The Power To Do More | Dell
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Official Site - The Power To Do More | Dell
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = Dell Official Site - The Power To Do More | Dell
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Dell Official Site - The Power To Do More | Dell
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Dell Official Site - The Power To Do More | Dell
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.kieler-zeitung.de/http [Binary data over 200 bytes]
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Jülich - Lokales - News - Aachener Zeitung - AZ-Web.de
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\URLSearchHook: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\SearchScopes,DefaultScope = {305FB842-573A-40BE-A785-86994641D743}
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\SearchScopes\{305FB842-573A-40BE-A785-86994641D743}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7GGIE_en
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\SearchScopes\{7ACA2CA8-B608-492C-AF56-AE9376D77FE5}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=DE&ver=5
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716
IE - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=827316"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.brammen.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}:6.0.32
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.2.0.10687
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.0.68 - 2
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p="
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012.02.10 16:15:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_13_2 [2012.11.09 14:49:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.19 13:49:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.09.19 13:49:27 | 000,000,000 | ---D | M]
[2010.01.16 18:26:42 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2012.10.29 13:58:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\9qegj88n.default\extensions
[2011.03.11 10:14:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\9qegj88n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.29 13:58:36 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.03 12:47:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.04.20 15:15:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.12.01 18:35:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.27 18:17:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.24 13:51:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.23 12:14:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012.04.28 11:47:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
[2012.02.10 16:15:11 | 000,000,000 | ---D | M] (Symantec Intrusion Prevention) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPLGN
[2012.04.28 11:47:09 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012.09.19 13:49:18 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.19 13:49:18 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.19 13:49:18 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.19 13:49:18 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.19 13:49:18 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2002.08.29 05:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (TwonkyMediaContextMenuHandler) - {D6E0063B-7B09-45C9-A51D-1FB51840EBE0} - C:\Programme\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll (PacketVideo)
O2 - BHO: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (WiseConvert Toolbar) - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar mit Pop-Up-Blocker) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.2.2.3\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\Toolbar\WebBrowser: (WiseConvert Toolbar) - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Programme\WiseConvert\prxtbWise.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..\Toolbar\WebBrowser: (Yahoo! Toolbar mit Pop-Up-Blocker) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdaptecDirectCD] C:\Programme\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BoD easyPrint Printing Device] C:\Programme\BoD easyPrint\BoDeasyPrint_Monitor.exe (Books on Demand)
O4 - HKLM..\Run: [DVDSentry] C:\WINDOWS\SYSTEM32\DSentry.exe (Dell - Advanced Desktop Engineering)
O4 - HKLM..\Run: [LWS] C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Webcam\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OmniPage] C:\Programme\Caere\OmniPagePro90\OPware32.exe (Caere Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [USBestCR] C:\Programme\USIM Editor\iconcs859406.exe ()
O4 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008..\Run: [PCSpeedUp] C:\Programme\PC Beschleunigen\PCSpeedUp.lnk ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\TwonkyMedia Tray Control.lnk = C:\Programme\TwonkyMedia\twonkymediaserverconfig.exe (PacketVideo)
O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\DSL-Manager.lnk = C:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\ctfmon.lnk = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\setup_9.0.0.722_21.10.2012_06-07.lnk = File not found
O4 - Startup: C:\Dokumente und Einstellungen\_pixelx_backup_\Startmenü\Programme\Autostart\DSL-Manager.lnk = C:\Programme\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Playlist - C:\Programme\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll (PacketVideo)
O8 - Extra context menu item: TwonkyBeam to - C:\Programme\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll (PacketVideo)
O9 - Extra Button: TwonkyBeam for Internet Explorer - {339E0A0F-ACAE-408f-AAD7-4E9158FFDE7C} - C:\Programme\PacketVideo\TwonkyBeam\Internet Explorer\TwonkyIEPlugin.dll (PacketVideo)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..Trusted Domains: ([]msn in My Computer)
O15 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..Trusted Domains: callmobile.de ([www] https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-1452484265-1373536545-3520806659-1008\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/canvasx.cab (CanvasX Class)
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/jordan.cab (JordanUploader Class)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www1.uploadserver.info/premium/uploader/ImageUploader4.cab (Reg Error: Key error.)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} hxxp://cm4all02.kundenserver.de/app/static/activex/msxml4.cab (XML DOM Document 4.0)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.4.1/jinstall-1_4_1_03-windows-i586.cab (Java Plug-in 1.4.1_03)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7D596DF-09C0-4C86-ADD7-144A11E5B4D5}: NameServer = 192.168.120.252,192.168.120.253
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6F939C4-5024-4F6C-8CC3-8E4018CF8A22}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6CEF393-8F4A-4C5A-A473-028402250A85}: NameServer = 192.168.122.252,192.168.122.253
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{93f96c1a-5a36-11e1-a6f0-0007e97c3643}\Shell - "" = AutoRun
O33 - MountPoints2\{93f96c1a-5a36-11e1-a6f0-0007e97c3643}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{93f96c1a-5a36-11e1-a6f0-0007e97c3643}\Shell\AutoRun\command - "" = F:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 60 Days ==========
[2012.10.30 09:44:31 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.10.30 09:44:31 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.10.21 11:12:02 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\7037082.sys
[2012.10.21 11:12:02 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\70370821.sys
[2012.10.21 11:12:02 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\70370822.sys
[2012.10.20 10:05:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Search Settings
[2012.10.20 10:04:46 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2012.10.20 10:04:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Spigot
[2012.10.20 10:04:45 | 000,000,000 | ---D | C] -- C:\Programme\pdfforge Toolbar
[2012.10.20 10:03:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.18 13:05:17 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2012.11.09 15:28:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.11.09 14:55:05 | 000,001,170 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012.11.09 14:48:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012.11.09 10:20:17 | 000,000,440 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9AFFC444-DFEF-4350-839F-B831D8D0A8E0}.job
[2012.10.30 10:06:12 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012.10.30 09:44:32 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.10.30 09:44:31 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.10.29 11:03:02 | 000,506,294 | ---- | M] () -- C:\WINDOWS\System32\PERFH007.DAT
[2012.10.29 11:03:02 | 000,484,604 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2012.10.29 11:03:02 | 000,096,266 | ---- | M] () -- C:\WINDOWS\System32\PERFC007.DAT
[2012.10.29 11:03:02 | 000,080,618 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2012.10.21 11:13:59 | 000,003,119 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\setup_9.0.0.722_21.10.2012_06-07.lnk
[2012.10.20 12:06:25 | 000,001,928 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.10.20 12:06:24 | 000,001,857 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Avira DE-Cleaner.lnk
[2012.10.20 10:04:16 | 083,023,306 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\erolpxei.pad
[2012.10.18 15:37:31 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012.10.18 13:31:52 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.10.18 13:07:15 | 000,001,125 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\ctfmon.lnk
[2012.10.18 13:05:17 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe
[2012.10.15 17:57:28 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012.10.11 18:53:18 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.30 09:45:04 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.23 16:39:13 | 000,462,696 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2012.10.21 11:13:59 | 000,003,119 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\setup_9.0.0.722_21.10.2012_06-07.lnk
[2012.10.20 12:06:24 | 000,001,928 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.10.20 12:06:22 | 000,001,857 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Avira DE-Cleaner.lnk
[2012.10.18 15:37:31 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012.10.18 13:31:52 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.10.18 13:07:12 | 000,001,125 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\ctfmon.lnk
[2012.10.18 13:05:24 | 083,023,306 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\erolpxei.pad
[2012.09.25 14:58:20 | 003,006,976 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\EPortoInstaller2003_v2.3.msi
[2012.07.17 15:15:46 | 001,456,640 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\Falk Navi-Manager classic.msi
[2012.03.28 13:03:59 | 000,296,966 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.02.15 08:50:43 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.11.25 16:24:42 | 000,000,265 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc
[2011.08.12 12:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011.06.16 06:02:07 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.06.16 05:56:57 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011.03.31 15:44:15 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.03.04 02:26:22 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2011.03.04 02:26:22 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2011.03.04 02:26:16 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2011.03.04 02:14:50 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010.12.29 17:05:22 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\$_hpcst$.hpc
[2010.12.07 17:43:17 | 000,000,011 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.tv5
[2010.06.26 15:30:41 | 001,456,640 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\Falk Navi-Manager.msi
[2010.06.26 15:26:48 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[2009.04.17 15:48:36 | 000,010,599 | ---- | C] () -- C:\Dokumente und Einstellungen\***\WolfgangBrammen_Brammen_elster_2048.pfx
[2008.09.08 18:22:34 | 000,186,265 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\mdbu.bin
[2005.11.23 14:16:23 | 000,000,149 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2004.11.07 13:13:18 | 000,000,789 | ---- | C] () -- C:\Dokumente und Einstellungen\***\jap.conf
[2004.11.07 12:44:54 | 000,004,136 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.plugin141_03.trace
[2004.08.28 10:58:46 | 000,044,544 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003.05.30 15:42:29 | 000,015,428 | ---- | C] () -- C:\Dokumente und Einstellungen\***\RefEdit.exd
========== ZeroAccess Check ==========
[2005.11.23 14:15:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Files - Unicode (All) ==========
[2009.05.23 11:30:33 | 000,000,000 | --SD | M](C:\WINDOWS\System32\??????????????????????????????) -- C:\WINDOWS\System32\�����������������������������
[2009.05.23 11:30:33 | 000,000,000 | --SD | C](C:\WINDOWS\System32\??????????????????????????????) -- C:\WINDOWS\System32\�����������������������������
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 09.11.2012 15:43:33 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\PC-Technik u.a\Viren, Trojaner usw\Trojaner-Board
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1023,00 Mb Total Physical Memory | 415,51 Mb Available Physical Memory | 40,62% Memory free
1,65 Gb Paging File | 0,89 Gb Available in Paging File | 53,57% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 55,84 Gb Total Space | 3,54 Gb Free Space | 6,35% Space Free | Partition Type: NTFS
Computer Name: ARBEITSZIMMER | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"E:\fsetup.exe" = E:\fsetup.exe:*:Enabled:AVM FSetup Application
"C:\Programme\TwonkyMedia\bgtrans.exe" = C:\Programme\TwonkyMedia\bgtrans.exe:*:Enabled:${BGTRANS_NAME} -- ()
"C:\Programme\TwonkyMedia\TwonkyMediaServer.exe" = C:\Programme\TwonkyMedia\TwonkyMediaServer.exe:*:Enabled:TwonkyMediaServer -- ()
"C:\Programme\TwonkyMedia\twonkymediaserverwatchdog.exe" = C:\Programme\TwonkyMedia\twonkymediaserverwatchdog.exe:*:Enabled:TwonkyMedia -- (PacketVideo)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01A4AEDE-F219-49A2-B855-16A016EAF9A4}" = Intel(R) PROSet II
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{11F1920A-56A2-4642-B6E0-3B31A12C9288}" = Dell Solution Center
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{151C555A-A9E7-4A2E-B6D7-165D04A3C956}" = Dell Picture Studio - Dell Image Expert
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{169917C4-4A77-45F4-B20E-860703FD5E6F}" = pdfforge Toolbar v6.5
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1C27C64B-D5CF-4881-A310-0BD2A0D21927}" = ElsterFormular 2005/2006
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{26A87AFB-B337-42C2-BEDF-D4A51F1A5F10}" = Falk Navi-Manager
"{3222B0CE-59C5-4CA0-B545-2B88F200756B}" = Falk Navi-Manager
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A9135AC-592E-4767-B029-ADCAC182CCFA}" = Falk Navi-Manager classic
"{609F7AC8-C510-11D4-A788-009027ABA5D0}" = Easy CD Creator 5 Basic
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{77077FFF-8831-470F-9627-E86F06A50CCD}" = Avery Wizard 3.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{894A83F3-19C8-491D-807D-50784DC4EB9F}" = Deutsche Post E-Porto
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90260407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{90300407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{90A455A7-0FC8-4508-B7FA-8F135B8F041A}" = DSL-Manager
"{90D55A3F-1D99-4C94-A77E-46DC14F0BF08}" = Help and Support Customization
"{91490409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Primary Interop Assemblies
"{91CA0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{98DF85D9-96C0-4F57-A92E-C3539477EF5E}" = DVDSentry
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{AAA30010-8E01-11D8-BBDA-0002B308455F}" = BoD easyPrint DE
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7C7C686-8479-4173-9570-F4B350D91B37}" = Motorola Mobile Drivers Installation 4.9.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CBBCBE04-EA5E-4201-A924-E7ED3E8686AE}" = ElsterFormular 2006/2007
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FEA017A3-E8DC-4208-9FA9-76EA95DAE1D7}" = Falk Navi-Manager classic
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"ArcSoft PhotoStudio 2000" = ArcSoft PhotoStudio 2000
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"AVM ISDN CAPI Port" = AVM ISDN CAPI Port
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"Brother HL-1430" = Brother HL-1430
"CanoCraft CS-P 3.8" = Canon CanoCraft CS-P 3.8
"Canon ScanGear Toolbox CS" = Canon ScanGear Toolbox CS 2.2
"Card Reader Driver and USIM Editor Program_is1" = USIM Editor 1.0.25.70
"CCleaner" = CCleaner
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"FRITZ! 2.0" = AVM FRITZ!
"FRITZ!DSL" = AVM FRITZ!DSL
"Google Updater" = Google Updater
"Grand Prix Legends" = Grand Prix Legends
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{EB7A2041-6A16-4BAC-8079-43B985673C2C}" = Avery Zweckform Assistent 3.1
"IrfanView" = IrfanView (remove only)
"JAP" = JAP
"Java Web Start" = Java Web Start
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Press Interactive Training" = Microsoft Interaktives Training
"MotoHelper" = MotoHelper 2.0.44 Driver 4.9.0
"Mozilla Firefox (3.6.18)" = Mozilla Firefox (3.6.18)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"N360" = Norton 360
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"NVIDIA Display Driver" = NVIDIA Display Driver
"OmniPagePro9.0DeinstKey" = OmniPage Pro 9.0
"POIbase_is1" = POIbase 1.002
"PPTView97" = Microsoft PowerPoint Viewer 97
"PROSet" = Intel(R) PRO Ethernet Adapter and Software
"T-Online Copas" = T-Online Copas
"T-Online Fotoservice" = T-Online Fotoservice
"TwonkyBeam for Internet Explorer" = TwonkyBeam for Internet Explorer
"TwonkyMediaTwonkyMedia" = TwonkyMedia
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WiseConvert Toolbar" = WiseConvert Toolbar
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Yahoo! Companion" = Yahoo! Toolbar mit Pop-Up-Blocker
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.05.2012 04:16:59 | Computer Name = ARBEITSZIMMER | Source = MsiInstaller | ID = 10005
Description = Produkt: Deutsche Post E-Porto -- Auf Ihrem Computer befindet sich
bereits eine Installation des E-Porto Add-Ins. Bitte deinstallieren Sie diese Version
bevor Sie das Setup erneut ausführen. Sie finden das Deutsche Post E-Porto Add-In
unter der Systemsteuerung und dort unter der Funktion "Programme deinstallieren".
Error - 22.05.2012 06:52:15 | Computer Name = ARBEITSZIMMER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 8.0.6001.18702, fehlgeschlagenes
Modul ldrtbwise.dll, Version 1.0.5.0, Fehleradresse 0x0003e980.
[ System Events ]
Error - 06.11.2012 07:16:00 | Computer Name = ARBEITSZIMMER | Source = PSched | ID = 14103
Description = QoS [Adapter {FF683974-EA71-4D68-B628-AA9288036815}]: Die Abfrage des
Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen.
Error - 06.11.2012 10:25:04 | Computer Name = ARBEITSZIMMER | Source = PSched | ID = 14103
Description = QoS [Adapter {FF683974-EA71-4D68-B628-AA9288036815}]: Die Abfrage des
Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen.
Error - 07.11.2012 06:32:32 | Computer Name = ARBEITSZIMMER | Source = PSched | ID = 14103
Description = QoS [Adapter {FF683974-EA71-4D68-B628-AA9288036815}]: Die Abfrage des
Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen.
Error - 07.11.2012 10:04:07 | Computer Name = ARBEITSZIMMER | Source = PSched | ID = 14103
Description = QoS [Adapter {FF683974-EA71-4D68-B628-AA9288036815}]: Die Abfrage des
Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen.
Error - 07.11.2012 10:07:15 | Computer Name = ARBEITSZIMMER | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst N360.
Error - 07.11.2012 10:07:45 | Computer Name = ARBEITSZIMMER | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst NVSvc.
Error - 08.11.2012 08:02:04 | Computer Name = ARBEITSZIMMER | Source = PSched | ID = 14103
Description = QoS [Adapter {FF683974-EA71-4D68-B628-AA9288036815}]: Die Abfrage des
Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen.
Error - 09.11.2012 05:09:45 | Computer Name = ARBEITSZIMMER | Source = PSched | ID = 14103
Description = QoS [Adapter {FF683974-EA71-4D68-B628-AA9288036815}]: Die Abfrage des
Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen.
Error - 09.11.2012 09:49:10 | Computer Name = ARBEITSZIMMER | Source = PSched | ID = 14103
Description = QoS [Adapter {FF683974-EA71-4D68-B628-AA9288036815}]: Die Abfrage des
Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen.
Error - 09.11.2012 09:52:45 | Computer Name = ARBEITSZIMMER | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst N360.
< End of report >
--- --- ---
Ich bin mir nicht sicher, ob ich das alles korrekt
umgesetzt habe. Nicht immer war mir klar, was
mit den Anweisungen bzw. Hinweisen gemeint war.
Results of screen317's Security Check version 0.99.54
Windows XP Service Pack 3 x86
Internet Explorer 8 ``````````````Antivirus/Firewall Check:``````````````
Norton 360 `````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java Web Start
Java(TM) 6 Update 32 Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox (3.6.18) Firefox out of Date! ````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe `````````````````System Health check`````````````````
Total Fragmentation on Drive C:: ````````````````````End of Log``````````````````````
Beim Neustart erfolgt weiterhin beim Hochfahren
von WinXP die Fehlermeldung:
C:\DOKUME~1\WOLFGA~1\LOKALE~1\Temp\jexplore.dll
Das angegebene Modul wurde nicht gefunden.
Der Rechner arbeitet davon ubeeinflußt normal, Internet-
zugang und alles andere funktionieren einwandfrei. |
