OTL.Txt-Editor: Code:
OTL logfile created on: 03.04.2013 17:29:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Anja\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,04 Mb Total Physical Memory | 269,89 Mb Available Physical Memory | 26,61% Memory free
2,38 Gb Paging File | 1,48 Gb Available in Paging File | 62,07% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 50,00 Gb Total Space | 26,02 Gb Free Space | 52,04% Space Free | Partition Type: NTFS
Drive D: | 95,05 Gb Total Space | 77,60 Gb Free Space | 81,65% Space Free | Partition Type: NTFS
Computer Name: ANJANARVIK | User Name: Anja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.03 13:15:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anja\Desktop\OTL.exe
PRC - [2013.03.11 14:24:25 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2013.02.08 13:25:48 | 002,563,968 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\Norton Online Backup\NOBuClient.exe
PRC - [2013.02.08 13:21:32 | 003,235,200 | ---- | M] (Symantec Corporation) -- C:\Programme\Symantec\Norton Online Backup\NOBuAgent.exe
PRC - [2012.12.24 06:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton Identity Safe\Engine\2013.3.0.26\ccSvcHst.exe
PRC - [2012.12.23 21:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Programme\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe
PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.12.03 09:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2012.05.04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
PRC - [2012.04.27 16:50:00 | 000,603,536 | R--- | M] (WinZip Computing, S.L.) -- C:\Programme\WinZip\WZQKPICK32.EXE
PRC - [2012.01.17 11:07:54 | 000,252,296 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.08.05 12:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) -- C:\Programme\Zune\ZuneBusEnum.exe
PRC - [2010.03.25 02:32:30 | 002,499,584 | ---- | M] (Vodafone) -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2009.02.26 14:03:50 | 000,315,392 | -H-- | M] (DeviceVM) -- C:\SPLASH.SYS\config\DVMExportService.exe
PRC - [2009.02.04 13:47:06 | 000,724,992 | ---- | M] (BIT LEADER) -- C:\Programme\lg_swupdate\Gilautouc.exe
PRC - [2008.12.01 09:45:10 | 000,532,480 | ---- | M] (Vimicro) -- C:\Programme\USB Camera\VM331_STI.EXE
PRC - [2008.09.12 15:01:24 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.09.12 11:45:04 | 001,056,768 | ---- | M] (LG Electronics Inc.) -- C:\Programme\LG Software\IP Operator\IP Operator.exe
PRC - [2008.09.05 11:03:56 | 000,069,632 | ---- | M] (SRS Labs, Inc.) -- C:\Programme\SRS Labs\WOWHD and TSXT Driver\SRS_PostInstaller.exe
PRC - [2008.09.05 11:03:48 | 000,241,664 | ---- | M] (SRS Labs, Inc.) -- C:\Programme\SRS Labs\WOWHD and TSXT Driver\SRSTrayApp.exe
PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.02.02 17:26:44 | 000,283,136 | ---- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\FRITZWLANMini.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.21 21:31:36 | 014,717,144 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.03.11 14:24:25 | 003,069,848 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2013.02.17 12:35:16 | 001,552,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.ConnectionServi#\16d96fa21c44ef1de674ebe65c3767d9\VMC.ConnectionServices.ni.dll
MOD - [2013.02.17 12:35:06 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.BaseServices.Xm#\3ea28b6f94d401a40e7d6e9ece07aaf8\VMC.BaseServices.XmlSerializers.ni.dll
MOD - [2013.02.17 12:35:04 | 000,492,544 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.BaseServices.Da#\dc89418887f3d953d0ee5c7214abbd4f\VMC.BaseServices.DataAccessor.ni.dll
MOD - [2013.02.17 12:35:01 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll
MOD - [2013.02.14 23:17:52 | 000,497,152 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.ConnectionServi#\e0cfaf81333fa378654f35291ebd0ce7\VMC.ConnectionServicesInterface.ni.dll
MOD - [2013.02.14 23:17:49 | 000,946,688 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.BaseServices.Pl#\41a68a507ac01b6a9841e0d747038070\VMC.BaseServices.Platform.ni.dll
MOD - [2013.02.14 23:17:45 | 000,357,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.UI.CommonDialogs\7765a5d102483b64924d5a5b56b9c780\VMC.UI.CommonDialogs.ni.dll
MOD - [2013.02.14 23:17:37 | 004,333,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileConnect\9f463d42cb12831b01c0b262cb9e247a\MobileConnect.ni.exe
MOD - [2013.02.14 23:15:54 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll
MOD - [2013.01.17 21:15:34 | 000,248,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.WindowsService.#\d079f604d92a6a7aa198d7fbe58b6878\VMC.WindowsService.Core.ni.dll
MOD - [2013.01.17 21:15:33 | 000,715,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.WwanWrapper\06f5849355aba14ac71aa227acd6d3ae\VMC.WwanWrapper.ni.dll
MOD - [2013.01.17 21:15:31 | 000,329,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CancelAutoPlay\3a28a96c1128d8035ddacf9f5fda6f73\CancelAutoPlay.ni.dll
MOD - [2013.01.17 21:15:31 | 000,050,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.ConnectionServi#\9d2b216400b7e2f8d532373991013d43\VMC.ConnectionServices.TrafficOptimiser.ni.dll
MOD - [2013.01.17 21:15:30 | 000,247,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.CsUtil\5ad748bd831bfed896e21d17108b7dee\VMC.CsUtil.ni.dll
MOD - [2013.01.17 21:15:29 | 000,101,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\98b17f15af5d386ce9a5ae6b702d0e25\Interop.Shell32.ni.dll
MOD - [2013.01.17 21:15:20 | 000,031,232 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.BaseServices.Ou#\b52edd0c24bbee86f5b1615c7620f315\VMC.BaseServices.OutlookConnector.ni.dll
MOD - [2013.01.17 21:15:18 | 000,218,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\f8299d436022a352075afdc803d8973f\Interop.FNCClient11Lib.ni.dll
MOD - [2013.01.17 21:15:10 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll
MOD - [2013.01.17 21:15:07 | 000,070,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\VMC.WindowsService.#\13e2845c0da0e2fc2fc77fb0521f0d7f\VMC.WindowsService.Messaging.ni.dll
MOD - [2013.01.17 21:14:30 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll
MOD - [2013.01.17 21:14:19 | 000,684,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\203f25ba39b45027d2d0c8f849a471db\System.Security.ni.dll
MOD - [2013.01.17 21:14:11 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
MOD - [2013.01.10 13:07:33 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013.01.10 13:06:48 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013.01.10 13:03:35 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.01.10 13:02:46 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012.05.30 17:51:08 | 000,699,280 | R--- | M] () -- C:\Programme\Norton Identity Safe\Engine\2013.3.0.26\wincfi39.dll
MOD - [2010.11.21 16:54:34 | 000,094,208 | ---- | M] () -- d:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2009.05.13 11:32:00 | 000,943,104 | ---- | M] () -- C:\Programme\Ipswitch\WS_FTP 12\libeay32.dll
MOD - [2009.05.13 11:32:00 | 000,147,968 | ---- | M] () -- C:\Programme\Ipswitch\WS_FTP 12\ssleay32.dll
MOD - [2008.10.10 10:43:56 | 000,348,160 | ---- | M] () -- C:\WINDOWS\system32\bmpsap.dll
MOD - [2008.05.30 13:26:52 | 000,069,632 | R--- | M] () -- C:\Programme\Vodafone Music Manager\VFShell.dll
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005.04.26 19:30:40 | 000,114,688 | ---- | M] () -- C:\Programme\lg_swupdate\DMBUSB.dll
MOD - [2005.03.04 16:53:00 | 000,045,056 | ---- | M] () -- C:\Programme\lg_swupdate\RecogVFD.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\DOKUME~1\ALLUSE~1\ANWEND~1\fo3to8.dat -- (winmgmt)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.03.22 08:18:51 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.11 14:24:25 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.02.08 13:21:32 | 003,235,200 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2012.12.24 06:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton Identity Safe\Engine\2013.3.0.26\ccSvcHst.exe -- (NCO)
SRV - [2012.12.23 21:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Programme\Norton AntiVirus\Engine\20.3.0.36\ccSvcHst.exe -- (NAV)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.04 19:29:46 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.08.05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011.08.05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011.08.05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011.08.05 12:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Zune\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2010.03.25 02:32:16 | 000,009,216 | ---- | M] (Vodafone) [Auto | Stopped] -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2009.02.26 14:03:50 | 000,315,392 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\SPLASH.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2008.09.12 15:01:28 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.09.05 11:03:56 | 000,069,632 | ---- | M] (SRS Labs, Inc.) [Auto | Running] -- C:\Programme\SRS Labs\WOWHD and TSXT Driver\SRS_PostInstaller.exe -- (SRS_PostInstaller)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\lgodd_filter.sys -- (lgodd_filter)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013.04.03 00:08:38 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013.04.02 12:30:32 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\Definitions\VirusDefs\20130402.025\NAVEX15.SYS -- (NAVEX15)
DRV - [2013.04.02 12:30:32 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013.04.02 12:30:32 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.04.02 12:30:32 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\Definitions\VirusDefs\20130402.025\NAVENG.SYS -- (NAVENG)
DRV - [2013.03.30 05:26:56 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\Definitions\IPSDefs\20130402.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2013.03.22 03:52:23 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\Definitions\BASHDefs\20130322.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013.01.30 21:18:18 | 000,394,656 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1403000.024\symtdi.sys -- (SYMTDI)
DRV - [2013.01.30 21:18:06 | 000,934,488 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1403000.024\SymEFA.sys -- (SymEFA)
DRV - [2013.01.28 19:45:18 | 000,602,712 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NAV\1403000.024\srtsp.sys -- (SRTSP)
DRV - [2013.01.28 19:45:18 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1403000.024\srtspx.sys -- (SRTSPX)
DRV - [2013.01.21 20:15:32 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NAV\1403000.024\SymDS.sys -- (SymDS)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.11.16 05:18:04 | 000,134,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NST\7DD03000.01A\ccSetx86.sys -- (ccSet_NST)
DRV - [2012.11.15 20:22:02 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1403000.024\Ironx86.sys -- (SymIRON)
DRV - [2012.11.15 20:18:04 | 000,134,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NAV\1403000.024\ccSetx86.sys -- (ccSet_NAV)
DRV - [2011.07.24 21:02:52 | 000,018,184 | ---- | M] (OTi.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Usbnic.sys -- (Usbnic)
DRV - [2010.03.11 09:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010.03.11 09:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2010.03.01 18:35:22 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2009.08.18 13:06:56 | 000,009,728 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2009.03.09 10:39:46 | 000,997,888 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vm331avs.sys -- (vm331avs)
DRV - [2009.02.03 10:22:00 | 005,030,912 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.10.30 14:14:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.10.10 10:46:22 | 000,007,552 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgsnd_filter.sys -- (lgsnd_filter)
DRV - [2008.09.08 12:22:02 | 000,076,840 | R--- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2gps.sys -- (emc2gps)
DRV - [2008.09.05 15:39:04 | 000,404,864 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2mdm2.sys -- (emc2mdm2)
DRV - [2008.09.05 15:39:04 | 000,368,000 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2unic.sys -- (emc2unic)
DRV - [2008.09.05 15:39:04 | 000,360,192 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2mdm.sys -- (emc2mdm)
DRV - [2008.09.05 15:39:04 | 000,025,856 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2nd5.sys -- (emc2nd5)
DRV - [2008.09.05 15:39:04 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2mdfl2.sys -- (emc2mdfl2)
DRV - [2008.09.05 15:39:04 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2mdfl.sys -- (emc2mdfl)
DRV - [2008.09.05 15:39:02 | 000,351,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2card.sys -- (emc2card)
DRV - [2008.09.05 15:39:02 | 000,276,352 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2bus.sys -- (emc2bus)
DRV - [2008.09.05 11:08:14 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WOWFilter.sys -- (wowfilter)
DRV - [2008.08.22 11:25:14 | 000,308,608 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8187Se.sys -- (rtl8187Se)
DRV - [2008.08.07 16:23:22 | 000,024,104 | R--- | M] (Sony Ericsson) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emc2scard.sys -- (Sony_EricssonWWSC)
DRV - [2008.08.05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.04.03 18:38:40 | 000,015,232 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Ndisipo.sys -- (Ndisipo)
DRV - [2007.01.26 01:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2007.01.26 01:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avmeject.sys -- (avmeject)
DRV - [2006.11.02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.01.04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LGEL
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SUNC_deDE387
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.quadportal-brandenburg.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=133&systemid=102&apn_dtid=BND102&apn_ptnrs=AG7&apn_uid=1025687346264913&o=APN10646&q="
FF - prefs.js..network.proxy.no_proxies_on: "fritz.box,192.168.178.1"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: d:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2010.09.07 08:41:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.3.0.36\IPSFFPlgn\ [2013.04.03 00:10:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.3.0.26\coFFPlgn\ [2013.04.03 17:24:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.03.11 14:24:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smstoolbar@vodafone.de: C:\Programme\Vodafone\Messenger PC\Plugins\Vodafone SMS Toolbar\Firefox [2009.03.20 13:05:38 | 000,000,000 | ---D | M]
[2013.04.03 16:51:13 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Mozilla\Extensions
[2013.04.03 16:56:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Mozilla\Firefox\Profiles\jj0p8jvu.default\extensions
[2013.03.22 10:56:12 | 000,549,639 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Mozilla\Firefox\Profiles\jj0p8jvu.default\extensions\toolbar@web.de.xpi
[2012.07.02 11:56:34 | 000,000,853 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Mozilla\Firefox\Profiles\jj0p8jvu.default\searchplugins\11-suche.xml
[2012.07.02 11:56:35 | 000,002,209 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Mozilla\Firefox\Profiles\jj0p8jvu.default\searchplugins\englische-ergebnisse.xml
[2012.07.02 11:56:34 | 000,010,506 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Mozilla\Firefox\Profiles\jj0p8jvu.default\searchplugins\gmx-suche.xml
[2012.07.02 11:56:35 | 000,002,368 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Mozilla\Firefox\Profiles\jj0p8jvu.default\searchplugins\lastminute.xml
[2012.07.02 11:56:34 | 000,005,489 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Mozilla\Firefox\Profiles\jj0p8jvu.default\searchplugins\webde-suche.xml
[2013.04.03 16:51:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.03.11 14:24:25 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.06.28 14:33:40 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.14 11:34:51 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.28 14:33:40 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.28 14:33:40 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.28 14:33:40 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.28 14:33:40 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton AntiVirus\Engine\20.3.0.36\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Programme\Norton Identity Safe\Engine\2013.3.0.26\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Vodafone SMS Toolbar) - {27743AB1-8A7C-442A-8F10-AE39E2F26538} - C:\Programme\Vodafone\Messenger PC\Plugins\Vodafone SMS Toolbar\IE\SMSToolbar.dll (Vodafone)
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Programme\Norton Identity Safe\Engine\2013.3.0.26\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4 - HKLM..\Run: [331BigDog] C:\Programme\USB Camera\VM331_STI.EXE (Vimicro)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] ALCMTR.EXE File not found
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [batterymiser] C:\Program Files\LG Software\Battery Miser\batterymiser.exe (LG Electronics Inc.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent File not found
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE File not found
O4 - HKLM..\Run: [Ettin] C:\WINDOWS\system32\Ettin\EtEngineU.exe File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IPO3] C:\Programme\LG Software\IP Operator\IP Operator.exe (LG Electronics Inc.)
O4 - HKLM..\Run: [KeybdUtility] C:\Programme\LG Software\On Screen Display\HotKey.exe (LG Electronics)
O4 - HKLM..\Run: [LG Intelligent Update] C:\Programme\lg_swupdate\autoupdate.exe (BIT LEADER)
O4 - HKLM..\Run: [LG Magnifier] C:\Programme\LG Software\LG Magnifier\MagnifyingGlass.exe (LG Electronics Inc.)
O4 - HKLM..\Run: [MobileConnect] C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [RTHDCPL] RTHDCPL.EXE File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [zOSD] C:\Programme\LG Software\On Screen Display\HotKey.exe (LG Electronics)
O4 - HKLM..\Run: [Zune Launcher] C:\Programme\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2367859620-1397157102-713918328-1005..\Run: [Emusatupow] "C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Ikus\iruf.exe" File not found
O4 - HKU\S-1-5-21-2367859620-1397157102-713918328-1005..\Run: [SRSTrayApp] C:\Programme\SRS Labs\WOWHD and TSXT Driver\SRSTrayApp.exe (SRS Labs, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.)
O4 - Startup: C:\Dokumente und Einstellungen\Default User\Startmenü\Programme\Autostart\Vodafone Videothek.url ()
O4 - Startup: C:\Dokumente und Einstellungen\Gast\Startmenü\Programme\Autostart\Vodafone Videothek.url ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Send MMS - C:\Programme\Vodafone\Messenger PC\Plugins\Vodafone SMS Toolbar\IE\SMSToolbar.dll (Vodafone)
O8 - Extra context menu item: Send SMS - C:\Programme\Vodafone\Messenger PC\Plugins\Vodafone SMS Toolbar\IE\SMSToolbar.dll (Vodafone)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-2367859620-1397157102-713918328-1005\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} hxxp://picasaweb.google.com/s/v/62.08/uploader2.cab (UploadListView Class)
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab (CeWe Color AG & Co. OHG Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://wettiner-ring.dyndns.org:82/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CDEAA99D-466A-4E7D-AA54-F4F6BF5D3451}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D49A5303-61C6-4225-BEF7-46CA84E0D2B5}: DhcpNameServer = 192.168.0.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D70F56C2-52B1-4320-BB59-7911D29BCBB3}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DF66E0D1-4805-4742-BE93-F22FBC27F43E}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20 - AppInit_DLLs: (C:\DOKUME~1\ALLUSE~1\ANWEND~1\Wincert\WIN32C~1.DLL) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Wincert\win32cert.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - File not found
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - File not found
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - File not found
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - File not found
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - File not found
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - File not found
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Anja\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Anja\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {26F5978F-6493-4ee3-B114-C0C3ACCF9D4D} - C:\WINDOWS\system32\bmpsap.dll ()
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.19 16:41:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.03 17:09:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013.04.03 16:47:03 | 000,000,000 | ---D | C] -- C:\zoek
[2013.04.03 13:15:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anja\Desktop\OTL.exe
[2013.04.03 10:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Wincert
[2013.04.03 10:29:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\jziptoolbargaw
[2013.04.03 10:29:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anja\Lokale Einstellungen\Anwendungsdaten\jZip
[2013.04.03 10:28:20 | 000,000,000 | ---D | C] -- C:\Programme\jZip
[2013.04.03 09:42:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\Malwarebytes
[2013.04.03 09:41:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.04.03 09:41:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.04.03 09:41:40 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.04.03 09:41:39 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.04.03 00:26:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2013.04.03 00:26:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton Online Backup
[2013.04.03 00:26:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec
[2013.04.03 00:09:17 | 000,134,304 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NST\7DD03000.01A\ccSetx86.sys
[2013.04.03 00:08:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST
[2013.04.03 00:08:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NST\7DD03000.01A
[2013.04.03 00:08:52 | 000,000,000 | ---D | C] -- C:\Programme\Norton Identity Safe
[2013.04.03 00:08:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton Identity Safe
[2013.04.03 00:08:38 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.04.03 00:08:38 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Symantec Shared
[2013.04.03 00:08:38 | 000,000,000 | ---D | C] -- C:\Programme\Symantec
[2013.04.03 00:08:15 | 000,934,488 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymEFA.sys
[2013.04.03 00:08:15 | 000,394,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\symtdi.sys
[2013.04.03 00:08:15 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymDS.sys
[2013.04.03 00:08:15 | 000,350,368 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\symtdiv.sys
[2013.04.03 00:08:15 | 000,338,592 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\symnets.sys
[2013.04.03 00:08:15 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\srtspx.sys
[2013.04.03 00:08:15 | 000,021,400 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymELAM.sys
[2013.04.03 00:08:14 | 000,602,712 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\srtsp.sys
[2013.04.03 00:08:14 | 000,175,264 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\Ironx86.sys
[2013.04.03 00:08:14 | 000,134,304 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NAV\1403000.024\ccSetx86.sys
[2013.04.03 00:07:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV
[2013.04.03 00:07:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NAV\1403000.024
[2013.04.03 00:07:05 | 000,000,000 | ---D | C] -- C:\Programme\Norton AntiVirus
[2013.04.03 00:07:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton AntiVirus
[2013.04.03 00:07:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2013.04.03 00:05:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anja\Lokale Einstellungen\Anwendungsdaten\Avg2013
[2013.04.03 00:04:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.04.03 00:00:36 | 000,000,000 | ---D | C] -- C:\Programme\NortonInstaller
[2013.04.03 00:00:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
[2013.04.02 21:56:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anja\Anwendungsdaten\TuneUp Software
[2013.04.02 21:55:20 | 000,000,000 | -H-D | C] -- C:\$AVG
[2013.04.02 21:55:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2013
[2013.04.02 21:48:28 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2013.04.02 21:48:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anja\Lokale Einstellungen\Anwendungsdaten\MFAData
[2013.04.02 21:48:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2013.04.02 12:49:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
[2013.03.21 21:31:37 | 000,693,976 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.21 21:09:16 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013.03.11 14:24:17 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.03 17:48:52 | 000,000,412 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Eigene Dateien\spider.sav
[2013.04.03 17:41:13 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.03 17:34:33 | 000,000,406 | -H-- | M] () -- C:\dvmexp.idx
[2013.04.03 17:27:11 | 000,000,930 | ---- | M] () -- C:\WINDOWS\lgcenter.ini
[2013.04.03 17:24:17 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.03 17:23:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.03 17:23:46 | 1063,374,848 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.03 17:18:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.03 16:29:36 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2013.04.03 16:29:20 | 001,266,704 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Desktop\zoek.exe
[2013.04.03 13:15:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anja\Desktop\OTL.exe
[2013.04.03 10:29:21 | 000,000,634 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Desktop\jZip.lnk
[2013.04.03 09:41:50 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.03 09:22:49 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\8ot3of.pad
[2013.04.03 00:26:17 | 000,001,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton Online Backup.lnk
[2013.04.03 00:10:10 | 000,628,404 | ---- | M] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\Cat.DB
[2013.04.03 00:08:38 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013.04.03 00:08:38 | 000,007,446 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.04.03 00:08:38 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.04.03 00:08:24 | 000,001,849 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton AntiVirus.LNK
[2013.04.02 23:02:21 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6FF68B01-322F-4084-B9C7-864E5BF6CABB}.job
[2013.04.02 12:49:36 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2013.04.01 20:46:35 | 000,000,794 | ---- | M] () -- C:\Dokumente und Einstellungen\Anja\Startmenü\Programme\Autostart\msconfig.lnk
[2013.04.01 20:17:47 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.03.22 08:18:50 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.03.22 08:18:50 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.03.18 21:31:16 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013.03.14 17:21:05 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.04.03 17:09:58 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2013.04.03 16:29:19 | 001,266,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Anja\Desktop\zoek.exe
[2013.04.03 10:29:21 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\Anja\Startmenü\Programme\jZip.lnk
[2013.04.03 10:29:20 | 000,000,634 | ---- | C] () -- C:\Dokumente und Einstellungen\Anja\Desktop\jZip.lnk
[2013.04.03 09:41:50 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.03 00:26:17 | 000,001,715 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton Online Backup.lnk
[2013.04.03 00:19:37 | 000,014,818 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\VT20130115.021
[2013.04.03 00:09:25 | 000,628,404 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\Cat.DB
[2013.04.03 00:08:55 | 000,007,611 | R--- | C] () -- C:\WINDOWS\System32\drivers\NST\7DD03000.01A\ccsetx86.cat
[2013.04.03 00:08:55 | 000,000,827 | R--- | C] () -- C:\WINDOWS\System32\drivers\NST\7DD03000.01A\ccSetx86.inf
[2013.04.03 00:08:55 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NST\7DD03000.01A\isolate.ini
[2013.04.03 00:08:38 | 000,007,446 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2013.04.03 00:08:38 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2013.04.03 00:08:24 | 000,001,849 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton AntiVirus.LNK
[2013.04.03 00:07:44 | 000,003,434 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymEFA.inf
[2013.04.03 00:07:44 | 000,002,852 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymDS.inf
[2013.04.03 00:07:44 | 000,001,468 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymNetV.inf
[2013.04.03 00:07:44 | 000,001,440 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymNet.inf
[2013.04.03 00:07:44 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\srtspx.inf
[2013.04.03 00:07:44 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\srtsp.inf
[2013.04.03 00:07:44 | 000,000,996 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\symELAM.inf
[2013.04.03 00:07:44 | 000,000,827 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\ccSetx86.inf
[2013.04.03 00:07:44 | 000,000,737 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\Iron.inf
[2013.04.03 00:07:11 | 000,014,818 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymVTcer.dat
[2013.04.03 00:07:11 | 000,009,670 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymELAM.cat
[2013.04.03 00:07:11 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\symnetv.cat
[2013.04.03 00:07:11 | 000,007,611 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\ccsetx86.cat
[2013.04.03 00:07:11 | 000,007,601 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymNet.cat
[2013.04.03 00:07:11 | 000,007,593 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\iron.cat
[2013.04.03 00:07:11 | 000,007,583 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymEFA.cat
[2013.04.03 00:07:11 | 000,007,581 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\srtspx.cat
[2013.04.03 00:07:11 | 000,007,577 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\SymDS.cat
[2013.04.03 00:07:11 | 000,007,577 | R--- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\srtsp.cat
[2013.04.03 00:07:11 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NAV\1403000.024\isolate.ini
[2013.04.02 12:49:36 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2013.04.01 20:46:35 | 000,000,794 | ---- | C] () -- C:\Dokumente und Einstellungen\Anja\Startmenü\Programme\Autostart\msconfig.lnk
[2013.04.01 20:46:30 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\8ot3of.pad
[2013.03.21 21:31:38 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.03.18 21:31:16 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013.01.31 14:45:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.15 00:23:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.07.24 21:02:51 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\Lan2108.dll
[2011.07.24 21:02:51 | 000,132,608 | ---- | C] () -- C:\WINDOWS\System32\Lan2208.dll
[2010.03.15 20:15:34 | 000,156,430 | R--- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceManager.xml.rc4
[2009.11.03 16:29:15 | 000,025,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Anja\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.03.20 12:56:05 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.09.25 07:35:26 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Extras.Txt-Editor: Code:
OTL Extras logfile created on: 03.04.2013 17:29:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Anja\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1014,04 Mb Total Physical Memory | 269,89 Mb Available Physical Memory | 26,61% Memory free
2,38 Gb Paging File | 1,48 Gb Available in Paging File | 62,07% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 50,00 Gb Total Space | 26,02 Gb Free Space | 52,04% Space Free | Partition Type: NTFS
Drive D: | 95,05 Gb Total Space | 77,60 Gb Free Space | 81,65% Space Free | Partition Type: NTFS
Computer Name: ANJANARVIK | User Name: Anja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.reg [@ = regfile] -- regedit.exe "%1"
[HKEY_USERS\S-1-5-21-2367859620-1397157102-713918328-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\ICQ7.5\ICQ.exe" = C:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Messenger\msmsgs.exe" = C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\WINDOWS\system32\Ettin\ETEngineU.exe" = C:\WINDOWS\system32\Ettin\ETEngineU.exe:*:Enabled:Smart Link Application
"C:\Programme\ICQ7.5\ICQ.exe" = C:\Programme\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Disabled:Windows Explorer -- (Microsoft Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{17B2670B-DB33-4F5E-9273-0E5CDF39DA5F}" = Windows Phone Intro Video (DEU)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2614583C-9235-49AE-BDFD-24E642FB63C0}" = Ericsson F3507g Wireless Module
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28F39401-7ED4-43D7-AE2D-DBA4368BE3A8}" = WOW HD and TSXT Filter Driver
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2B3ADDDE-6841-4D5B-A655-CFB6C832430B}" = IP Operator
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{537575D6-3B96-474C-BD8F-DFF667363DBD}" = Naviextras Toolbox Prerequesities
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{7EC19307-7C22-47A8-922B-3FA965291260}" = OpenOffice.org 3.0
"{7F7AE0A7-D2DF-44A0-BD20-33C53710FBAF}" = LG Magnifier
"{81717D01-32F6-449C-85E1-41AFD678E545}" = LG Intelligent Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91252C0A-59F9-42F9-9181-B9CC74F592C0}" = Vodafone Mobile Connect
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{953DC150-779B-4185-9018-C98A7C511999}" = Vodafone Music Manager
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC73C2D7-D10C-40F5-AD67-3E957EE9B6BC}" = On Screen Display
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.3 - Deutsch
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP 12
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}" = FS13FF-183
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C9A87D86-FDFD-418B-BF96-EF09320973B3}" = PC Inspector smart recovery
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CC4FA43B-BE54-48AF-8B62-D0C00E2D1D15}" = LG Smart Recovery
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240D2}" = WinZip 16.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4EEC21C-04F0-4CF4-8078-82C11E38EF11}" = REALTEK RTL8187SE Wireless LAN Driver
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{E55C8F84-160B-41FA-9D41-6210801C0C24}" = Battery Miser
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{FCF7655B-62C3-4C16-A12D-CC84B33493FB}" = LG Smart On
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"BVSSOLDE_is1" = BVS Solitaire Sammlung version 6.2.1
"Elf_1.13 Toolbar" = Elf 1.13 Toolbar
"FileZilla Client" = FileZilla Client 3.3.5.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.815
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ICQToolbar" = ICQ Toolbar
"ie8" = Windows Internet Explorer 8
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"IrfanView" = IrfanView (remove only)
"jziptoolbargaw" = Search-Results Toolbar
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NAV" = Norton AntiVirus
"Naviextras Toolbox" = Naviextras Toolbox
"NST" = Norton Identity Safe
"Picasa 3" = Picasa 3
"POIbase_is1" = POIbase 1.020
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Vodafone Messenger PC" = Vodafone Messenger PC
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"Xilisoft MOV Converter" = Xilisoft MOV Converter
"Zune" = Zune
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2367859620-1397157102-713918328-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"jZip" = jZip
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 02.04.2013 18:09:32 | Computer Name = ANJANARVIK | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 03.04.2013 03:30:10 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung magnifyingglass.exe, Version 1.40.0.0, fehlgeschlagenes
Modul magnifyingglass.exe, Version 1.40.0.0, Fehleradresse 0x00005372.
Error - 03.04.2013 04:22:31 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung magnifyingglass.exe, Version 1.40.0.0, fehlgeschlagenes
Modul magnifyingglass.exe, Version 1.40.0.0, Fehleradresse 0x00005372.
Error - 03.04.2013 04:23:19 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich 962362509.
Error - 03.04.2013 06:14:56 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung magnifyingglass.exe, Version 1.40.0.0, fehlgeschlagenes
Modul magnifyingglass.exe, Version 1.40.0.0, Fehleradresse 0x00005372.
Error - 03.04.2013 06:15:01 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich 962362509.
Error - 03.04.2013 07:22:09 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung magnifyingglass.exe, Version 1.40.0.0, fehlgeschlagenes
Modul magnifyingglass.exe, Version 1.40.0.0, Fehleradresse 0x00005372.
Error - 03.04.2013 08:25:49 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung magnifyingglass.exe, Version 1.40.0.0, fehlgeschlagenes
Modul magnifyingglass.exe, Version 1.40.0.0, Fehleradresse 0x00005372.
Error - 03.04.2013 10:20:27 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung magnifyingglass.exe, Version 1.40.0.0, fehlgeschlagenes
Modul magnifyingglass.exe, Version 1.40.0.0, Fehleradresse 0x00005372.
Error - 03.04.2013 11:27:57 | Computer Name = ANJANARVIK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung magnifyingglass.exe, Version 1.40.0.0, fehlgeschlagenes
Modul magnifyingglass.exe, Version 1.40.0.0, Fehleradresse 0x00005372.
[ System Events ]
Error - 03.04.2013 12:04:54 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:05:24 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:06:36 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:07:06 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:07:36 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:08:06 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:08:36 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:09:06 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:09:36 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 03.04.2013 12:10:06 | Computer Name = ANJANARVIK | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
< End of report >
Soo, beide Schritte erledigt :killpc: Zitat:
Zitat von smeenk
(Beitrag 1039793)
Du bist ganz große Klasse! :taenzer:
| Neee, du!!! :applaus:
Schritt 2 aucvh erledigt. Mein Netbook ist nur extrem langsam (oder ich zu ungeduldig) |
