Ukash Luxemb. Polizei Trojaner , Isass.exe, ctfmon.lon, TR/Drop.Injector.fydy Trojan

All processes killed
========== OTL ==========
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avaj.pad moved successfully.
File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\avaj.pad not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File  not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{078947e0-d9bf-11dd-8753-001185855ef9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{078947e0-d9bf-11dd-8753-001185855ef9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{078947e0-d9bf-11dd-8753-001185855ef9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{078947e0-d9bf-11dd-8753-001185855ef9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{078947e0-d9bf-11dd-8753-001185855ef9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{078947e0-d9bf-11dd-8753-001185855ef9}\ not found.
File E:\pushinst.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddb4e0b0-d0d1-11dd-ba90-001185855ef9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddb4e0b0-d0d1-11dd-ba90-001185855ef9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddb4e0b0-d0d1-11dd-ba90-001185855ef9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddb4e0b0-d0d1-11dd-ba90-001185855ef9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddb4e0b0-d0d1-11dd-ba90-001185855ef9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddb4e0b0-d0d1-11dd-ba90-001185855ef9}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com k:\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ddb4e0b0-d0d1-11dd-ba90-001185855ef9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ddb4e0b0-d0d1-11dd-ba90-001185855ef9}\ not found.
File E:\resycled\boot.com k:\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\User\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\User\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->FireFox cache emptied: 4045109 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes
 
User: Gast
->Temp folder emptied: 1653197 bytes
->Temporary Internet Files folder emptied: 279693 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 7572248 bytes
->Flash cache emptied: 456 bytes
 
User: LocalService
->Temp folder emptied: 2198808 bytes
->Temporary Internet Files folder emptied: 69783 bytes
->FireFox cache emptied: 6800068 bytes
 
User: NetworkService
->Temp folder emptied: 3197384 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: User
->Temp folder emptied: 52305407 bytes
->Temporary Internet Files folder emptied: 221637877 bytes
->Java cache emptied: 16678390 bytes
->FireFox cache emptied: 67476021 bytes
->Flash cache emptied: 523 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2134333 bytes
%systemroot%\System32 .tmp files removed: 20594567 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1763599 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 390,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 11052012_204059

Files\Folders moved on Reboot...
C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temp\~DF4E2C.tmp moved successfully.
File\Folder C:\WINDOWS\temp\ZLT02260.TMP not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         

7-Zip 9.20		14.9.2011		
Acronis*True*Image*Home	Acronis	23.12.2008	123,00MB	12.0.9608
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	3.11.2012		11.4.402.287
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	3.11.2012		11.4.402.287
Adobe Reader XI - Deutsch	Adobe Systems Incorporated	31.10.2012	128,00MB	11.0.00
Agere Systems AC'97 Modem				
Apple Application Support	Apple Inc.	20.8.2010	44,51MB	1.3.1
Apple Mobile Device Support	Apple Inc.	27.6.2010	19,92MB	3.1.0.62
Apple Software Update	Apple Inc.	23.12.2008	2,16MB	2.1.1.116
ATI - Dienstprogramm zur Deinstallation der Software		23.12.2008		6.14.10.1005
ATI Control Panel		15.8.2009		6.14.10.5072
ATI Display Driver		23.12.2008		7.962-031202m1-012957C
Audacity 1.3.12 (Unicode)	Audacity Team	27.5.2010		
Avira Free Antivirus	Avira	5.11.2012		13.0.0.2735
Bluetooth by hp	WIDCOMM, Inc.	23.12.2008	17,63MB	3.0.1.905
Bonjour	Apple Inc.	27.6.2010	0,76MB	2.0.2.0
Broadcom 802.11 Wireless LAN Adapter	Broadcom Corporation	2.1.2009		4.100.15.5
Broadcom Gigabit Integrated Controller	Broadcom	23.12.2008		3.62
Broadcom Wireless Utility	Broadcom Corporation	2.1.2009		4.100.15.5
Canon Camera Access Library		24.6.2009		8.3.0.1
Canon Camera Support Core Library		24.6.2009		7.3.1.6
Canon Camera Window DC_DV 5 for ZoomBrowser EX		24.6.2009		5.4.5.17
Canon Camera Window DC_DV 6 for ZoomBrowser EX		24.6.2009		6.4.0.9
Canon Camera Window MC 6 for ZoomBrowser EX		24.6.2009		6.3.0.8
Canon G.726 WMP-Decoder		24.6.2009		1.1.0.4
CANON iMAGE GATEWAY Task for ZoomBrowser EX		4.3.2012		1.3.1.5
Canon Internet Library for ZoomBrowser EX		4.3.2012		1.5.1.4
Canon MovieEdit Task for ZoomBrowser EX		4.3.2012		2.4.0.14
Canon RAW Image Task for ZoomBrowser EX		24.6.2009		2.6.0.13
Canon RemoteCapture Task for ZoomBrowser EX		24.6.2009		1.7.0.8
Canon Utilities EOS Utility		24.6.2009		1.1.0.8
Canon Utilities PhotoStitch		24.6.2009		3.1.19.43
Canon Utilities ZoomBrowser EX		4.3.2012		5.8.0.74
CCleaner	Piriform	24.10.2012		3.24
Citrix Presentation Server Client	Citrix Systems, Inc.	13.2.2009	19,88MB	10.100.55836
Classic Client 5.1.5a	Gemalto	9.8.2009	20,39MB	5.15.000.003
Compatibility Pack for the 2007 Office system	Microsoft Corporation	15.10.2012	323,00MB	12.0.6612.1000
Diagnostics für Windows		15.8.2009		
Easy CD & DVD Creator 6	Roxio Inc.,	23.12.2008	331,00MB	6.1.1.42
GIMP 2.6.4		8.2.2009		
Google Earth	Google	19.11.2011	92,77MB	6.1.0.5001
Google SketchUp 8	Google, Inc.	9.4.2012	77,53MB	3.0.11762
Google Updater	Google Inc.	3.10.2011		2.4.2432.1652
HP Integrated Wireless LAN W400-W500 Driver		2.1.2009		
HP Mobile Printing	Hewlett-Packard	23.12.2008		2.1.0.7
Insight Management Agent		23.12.2008		
InterVideo WinDVD	InterVideo Inc.	23.12.2008		
iTunes	Apple Inc.	20.8.2010	161,00MB	9.2.1.5
Java 7 Update 9	Oracle	31.10.2012	128,00MB	7.0.90
K-Lite Codec Pack 4.4.2 (Full)		23.12.2008		4.4.2
Logitech Vid	Logitech Inc.	1.2.2012	45,64MB	1.70.1044
Logitech Webcam Software	Logitech Inc.	1.2.2012		2.0
Malwarebytes Anti-Malware Version 1.65.1.1000	Malwarebytes Corporation	31.10.2012		1.65.1.1000
Microsoft Compression Client Pack 1.0 for Windows XP	Microsoft Corporation	23.6.2009		1
Microsoft Office File Validation Add-In	Microsoft Corporation	19.9.2011	11,21MB	14.0.5130.5003
Microsoft Office Live Add-in 1.5	Microsoft Corporation	18.4.2012	0,49MB	2.0.4024.1
Microsoft Office Professional Edition 2003	Microsoft Corporation	15.10.2012	1.215,00MB	11.0.8173.0
Microsoft User-Mode Driver Framework Feature Pack 1.9	Microsoft Corporation	12.2.2011		
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	7.12.2009	0,15MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	21.5.2011	10,20MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	6.12.2009	16,25MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	5.7.2011	10,20MB	9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	28.1.2012	14,97MB	10.0.40219
MobileMe Control Panel	Apple Inc.	20.8.2010	10,05MB	3.1.1.0
Mozilla Firefox 16.0.2 (x86 de)	Mozilla	30.10.2012		16.0.2
Mozilla Maintenance Service	Mozilla	31.10.2012		16.0.2
Nokia Connectivity Cable Driver	Nokia	12.2.2011	3,27MB	7.1.36.0
Nokia PC Suite	Nokia	12.2.2011		7.1.60.0
O2Micro MemoryCardBus Windows Driver	O2Micro Electronics, Inc.	23.12.2008		1.30.0000
PC Connectivity Solution	Nokia	12.2.2011	12,87MB	10.50.2.0
PC Inspector File Recovery		26.5.2009		4.0
PowerPDF Professional	Visage Software	15.8.2009	9,35MB	2.0
Quick Launch Buttons 5.00 C2		23.12.2008		5.00 C2
Remote Diagnostics Enabling Agent		15.8.2009		
Remote Services Driver		21.11.2011		
ScanWizard 5		21.12.2010		
Skype™ 5.10	Skype Technologies S.A.	29.7.2012	19,54MB	5.10.116
SoundMAX	Analog Devices	23.12.2008		5.12.01.3641
Spybot - Search & Destroy	Safer Networking Limited	2.11.2012		1.6.2
Synaptics Pointing Device Driver		23.12.2008		7.5.18.1
Texas Instruments PCIxx20 drivers.	Texas Instruments Inc.	23.12.2008		1.00.0000
Windows Internet Explorer 8	Microsoft Corporation	8.8.2009		20090308.140743
Windows Media Format 11 runtime		23.6.2009		
Windows Media Player 11		23.6.2009		
Windows XP Service Pack 3	Microsoft Corporation	23.12.2008		20080414.031514
Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8)	Nokia	12.2.2011		06/09/2010 7.01.0.8
Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6)	Nokia	12.2.2011		10/07/2010 4.6
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	12.2.2011		08/22/2008 7.0.0.0
Yahoo! BrowserPlus 2.9.2	Yahoo! Inc.			
ZoneAlarm Free Firewall	Check Point	19.7.2012		10.2.068.000
ZoneAlarm Security Toolbar	Check Point Software Technologies LTD	19.7.2012		
ZoneAlarm Spy Blocker	ZoneAlarm	23.12.2008
         

OTL logfile created on: 5.11.2012 20:58:55 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: d.M.yyyy
 
1,50 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 63,40% Memory free
3,35 Gb Paging File | 2,76 Gb Available in Paging File | 82,44% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 111,78 Gb Total Space | 43,89 Gb Free Space | 39,27% Space Free | Partition Type: NTFS
 
Computer Name: USER-FC7836A373 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.01 22:25:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL, Stand 01.11.2012.exe
PRC - [2012.10.31 23:22:26 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.10.31 20:38:07 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.10.31 20:37:43 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.10.31 20:37:43 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.19 18:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.07.09 12:44:46 | 000,497,320 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2012.07.03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.08.19 10:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.05.11 16:43:48 | 006,061,400 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Vid\Vid.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.10.03 23:58:58 | 000,962,480 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2008.10.03 23:55:12 | 004,378,000 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008.10.03 22:40:00 | 000,165,144 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
PRC - [2008.10.03 22:39:54 | 000,554,264 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
PRC - [2008.06.05 13:26:14 | 000,188,416 | ---- | M] () -- C:\Programme\Gemalto\Classic Client\BIN\RegTool.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.19 15:09:52 | 000,057,344 | ---- | M] (Gemalto) -- C:\Programme\Gemalto\Classic Client\BIN\GslShmSrvc.exe
PRC - [2007.02.02 17:26:44 | 000,283,136 | ---- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\FRITZWLANMini.exe
PRC - [2006.03.30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Programme\Canon\CAL\CALMAIN.exe
PRC - [2004.09.17 16:19:42 | 000,290,816 | ---- | M] (Hewlett-Packard ) -- C:\Programme\HPQ\Quick Launch Buttons\eabservr.exe
PRC - [2004.06.02 17:48:22 | 000,565,309 | ---- | M] (WIDCOMM, Inc.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2004.01.09 16:01:56 | 000,868,352 | ---- | M] (Roxio) -- C:\Programme\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
PRC - [2003.07.15 20:09:18 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2003.06.30 08:30:28 | 000,315,392 | ---- | M] () -- C:\Programme\ScanWizard 5\ScannerFinder.exe
PRC - [2003.05.23 13:12:00 | 000,630,784 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE
PRC - [2003.05.12 17:38:42 | 000,024,576 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Compaq\Compaq Management Agents\cpqWebDmi\Webdmi.exe
PRC - [2003.05.12 17:33:26 | 000,020,480 | ---- | M] (Compaq Computer Corporation) -- C:\Programme\Compaq\Compaq Management Agents\Cpqdmi.exe
PRC - [2003.05.12 17:33:10 | 000,081,920 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Compaq\Compaq Management Agents\Chkadmin.exe
PRC - [2003.05.12 17:29:42 | 000,512,000 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Compaq\Compaq Management Agents\Cpqalert.exe
PRC - [2003.03.13 16:14:02 | 000,212,992 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\cpqdiag\CPQDFWAG.EXE
PRC - [2003.02.07 07:22:54 | 004,219,904 | ---- | M] (Visage Software) -- C:\Programme\PowerPDF Professional\pwrpdfsrv.exe
PRC - [2002.09.20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
PRC - [2001.04.11 10:33:46 | 000,215,552 | ---- | M] (Intel) -- C:\Programme\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.19 18:17:40 | 000,397,088 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.05.11 16:45:18 | 000,138,072 | ---- | M] () -- C:\Programme\Logitech\Vid\plugins\imageformats\qjpeg4.dll
MOD - [2010.05.11 16:44:48 | 000,035,160 | ---- | M] () -- C:\Programme\Logitech\Vid\plugins\imageformats\qico4.dll
MOD - [2010.05.11 16:44:22 | 000,029,016 | ---- | M] () -- C:\Programme\Logitech\Vid\plugins\imageformats\qgif4.dll
MOD - [2010.05.11 16:42:22 | 000,027,480 | ---- | M] () -- C:\Programme\Logitech\Vid\SDL.dll
MOD - [2010.05.11 16:42:10 | 000,363,864 | ---- | M] () -- C:\Programme\Logitech\Vid\qtxml4.dll
MOD - [2010.05.11 16:42:00 | 011,311,960 | ---- | M] () -- C:\Programme\Logitech\Vid\QtWebKit4.dll
MOD - [2010.05.11 16:41:48 | 000,200,024 | ---- | M] () -- C:\Programme\Logitech\Vid\qtsql4.dll
MOD - [2010.05.11 16:41:36 | 000,475,480 | ---- | M] () -- C:\Programme\Logitech\Vid\QtOpenGL4.dll
MOD - [2010.05.11 16:41:24 | 000,969,048 | ---- | M] () -- C:\Programme\Logitech\Vid\QtNetwork4.dll
MOD - [2010.05.11 16:41:14 | 007,704,408 | ---- | M] () -- C:\Programme\Logitech\Vid\QtGui4.dll
MOD - [2010.05.11 16:41:02 | 002,141,016 | ---- | M] () -- C:\Programme\Logitech\Vid\QtCore4.dll
MOD - [2010.05.11 16:40:50 | 000,291,672 | ---- | M] () -- C:\Programme\Logitech\Vid\phonon4.dll
MOD - [2008.06.05 13:26:14 | 000,188,416 | ---- | M] () -- C:\Programme\Gemalto\Classic Client\BIN\RegTool.exe
MOD - [2008.04.14 03:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.11.01 08:57:22 | 000,757,760 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2004.07.26 10:03:50 | 000,249,856 | ---- | M] () -- C:\Programme\ScanWizard 5\SFRes.dll
MOD - [2004.06.02 17:49:38 | 000,053,248 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2003.06.30 08:30:28 | 000,315,392 | ---- | M] () -- C:\Programme\ScanWizard 5\ScannerFinder.exe
MOD - [2003.05.12 17:35:04 | 000,143,360 | ---- | M] () -- C:\Programme\Compaq\Compaq Management Agents\CpqAoLan.dll
MOD - [2002.12.20 05:32:54 | 000,040,960 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Roxio Shared\DLLShared\apm.dll
MOD - [2002.05.11 07:29:28 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\vsmon1.dll
MOD - [2001.04.11 10:33:44 | 000,018,944 | ---- | M] () -- C:\Programme\Compaq\Compaq Management Agents\Dmi\Win32\bin\Dmiapi32.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.10.31 23:51:47 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.31 23:22:26 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.10.31 20:38:07 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.10.31 20:37:43 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.10.30 20:14:16 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.11 13:32:24 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012.07.09 12:44:46 | 000,497,320 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.08.19 10:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010.12.08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.10 20:03:08 | 000,144,176 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008.10.03 22:39:54 | 000,554,264 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007.10.19 15:09:52 | 000,057,344 | ---- | M] (Gemalto) [Auto | Running] -- C:\Programme\Gemalto\Classic Client\BIN\GslShmSrvc.exe -- (GslShmSrvc )
SRV - [2006.03.30 08:15:44 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Programme\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.05.12 17:38:42 | 000,024,576 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Compaq\Compaq Management Agents\cpqWebDmi\Webdmi.exe -- (cpqWebDmi)
SRV - [2003.05.12 17:33:26 | 000,020,480 | ---- | M] (Compaq Computer Corporation) [Auto | Running] -- C:\Programme\Compaq\Compaq Management Agents\Cpqdmi.exe -- (cpqdmi)
SRV - [2003.05.12 17:29:42 | 000,512,000 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Compaq\Compaq Management Agents\Cpqalert.exe -- (CPQALERT)
SRV - [2003.03.13 16:14:02 | 000,212,992 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\WINDOWS\cpqdiag\CPQDFWAG.EXE -- (DfwWebAgent)
SRV - [2002.09.20 16:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)
SRV - [2001.04.11 10:33:46 | 000,215,552 | ---- | M] (Intel) [Auto | Running] -- C:\Programme\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe -- (WIN32SL)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\User\LOKALE~1\Temp\000E07E2\tswnt.sys -- (tswNT)
DRV - File not found [Kernel | Boot | Stopped] -- system32\ZoneLabs\srescan.sys -- (srescan)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.10.31 20:38:10 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.24 08:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.13 09:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.07.11 13:00:46 | 000,526,640 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2012.07.09 12:45:00 | 000,027,056 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011.08.19 10:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2011.08.19 10:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2010.07.30 14:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.07.30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.07.30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.07.30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.12.23 17:01:15 | 000,971,168 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpm140.sys -- (tdrpman140)
DRV - [2008.12.23 17:01:07 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2008.12.23 17:01:07 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2008.12.23 17:00:53 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snman380.sys -- (snapman380)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.04 10:02:10 | 000,087,424 | ---- | M] (Gemalto) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GemCCID.sys -- (GemCCID)
DRV - [2007.01.26 01:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2007.01.26 01:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avmeject.sys -- (avmeject)
DRV - [2004.06.02 17:07:28 | 001,240,938 | ---- | M] (WIDCOMM, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2004.04.14 08:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2004.01.09 16:01:58 | 000,066,992 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2004.01.09 16:01:56 | 000,259,200 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp)
DRV - [2004.01.09 16:01:56 | 000,213,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\UdfReadr_xp.sys -- (UdfReadr_xp)
DRV - [2004.01.09 16:01:56 | 000,118,409 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2004.01.09 16:01:56 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2004.01.09 16:01:56 | 000,022,745 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2004.01.09 16:01:56 | 000,021,993 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2003.12.02 23:57:02 | 000,641,536 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.07.29 01:49:00 | 000,182,101 | R--- | M] (O2 Micro ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\o2mmb.sys -- (CONAN)
DRV - [2003.07.24 15:50:00 | 000,005,689 | R--- | M] (O2 Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MbxStby.sys -- (MbxStby)
DRV - [2003.06.06 12:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2003.05.30 17:01:26 | 001,170,464 | R--- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2003.03.06 09:50:16 | 000,055,336 | ---- | M] (Hewlett-Packard) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Clntmgmt.sys -- (ClntMgmt)
DRV - [2003.02.17 13:22:24 | 000,170,880 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2002.08.19 14:35:44 | 000,019,845 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Cpqdfw.sys -- (cpqdfw)
DRV - [2001.08.18 04:35:52 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZon2.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9E478B10-4649-422C-A9A0-D8857C582FE6}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
IE - HKCU\..\SearchScopes\{9E478B10-4649-422C-A9A0-D8857C582FE6}: "URL" = hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN09992818349506-1025&toolbarId=base&affiliateId=1025&Lan=de&utid=70203272000000000000001f3f011011&q={searchTerms}&r=193
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Search By ZoneAlarm"
FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de/"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@zonealarm.com:1.6.0
FF - prefs.js..extensions.enabledAddons: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.15.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.227.0
FF - prefs.js..keyword.URL: "hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN09992818349506-1025&toolbarId=base&affiliateId=1025&Lan=de&utid=70203272000000000000001f3f011011&q={searchTerms}"
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.2: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2011.02.12 20:03:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker [2012.07.19 21:27:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.10.30 20:14:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.10.31 23:37:34 | 000,000,000 | ---D | M]
 
[2008.12.23 16:18:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Extensions
[2012.10.27 15:05:51 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ja1l9g7j.default\extensions
[2012.08.23 14:48:47 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ja1l9g7j.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
[2012.08.06 20:49:23 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ja1l9g7j.default\extensions\ffxtlbr@zonealarm.com
[2012.07.19 21:25:41 | 000,001,551 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Mozilla\Firefox\Profiles\ja1l9g7j.default\searchplugins\zonealarm.xml
[2012.10.30 20:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.30 20:14:18 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2007.06.21 18:38:54 | 000,079,432 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\CgpCore.dll
[2007.06.21 18:38:56 | 000,071,240 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\confmgr.dll
[2007.06.21 18:39:18 | 000,034,376 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\logging.dll
[2007.06.21 18:39:34 | 000,325,200 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\npicaN.dll
[2007.06.21 18:40:02 | 000,030,280 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\TcpPServ.dll
[2012.04.01 17:57:14 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.07 17:14:17 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.04.01 17:57:13 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.01 17:57:13 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.01 17:57:13 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.01 17:57:13 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.24.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZon2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Programme\Check Point Software Technologies LTD\zonealarm\1.5.24.4\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZon2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\prxtbZon2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin)
O4 - HKLM..\Run: [ChkAdmin] C:\Programme\Compaq\Compaq Management Agents\Chkadmin.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Cpqset] C:\Programme\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [eabconfg.cpl] C:\Programme\HPQ\Quick Launch Buttons\EabServr.exe (Hewlett-Packard )
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISW]  File not found
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [pwrpdfprsrv.exe] C:\Programme\PowerPDF Professional\pwrpdfsrv.exe (Visage Software)
O4 - HKLM..\Run: [RegTool] C:\Programme\Gemalto\Classic Client\BIN\RegTool.exe ()
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Programme\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [RoxioEngineUtility] C:\Programme\Gemeinsame Dateien\Roxio Shared\System\EngUtil.exe (Roxio)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [ZoneAlarm] C:\Programme\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKLM..\Run: [ZoneAlarm Installer] "C:\DOKUME~1\User\LOKALE~1\Temp\{907A1104-E812-4b5c-959B-E4DAB37A96AB}\Launcher.exe" "C:\DOKUME~1\User\LOKALE~1\Temp\{907A1104-E812-4b5c-959B-E4DAB37A96AB}\Install.exe" /r download /c "de\Install.xml" /w File not found
O4 - HKCU..\Run: [HP Mobile Printing] C:\Programme\Hewlett-Packard\HP Mobile Printing\HPBMOBIL.EXE (Hewlett-Packard Company)
O4 - HKCU..\Run: [Logitech Vid] C:\Programme\Logitech\Vid\Vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [Logitech Vid HD] C:\Programme\Logitech\Vid\vid.exe (Logitech Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunServices: [CPQDFWAG] C:\WINDOWS\cpqdiag\CPQDFWAG.EXE (Hewlett-Packard)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (WIDCOMM, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Scanner Finder.lnk = C:\Programme\ScanWizard 5\ScannerFinder.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1230031488307 (MUWebControl Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {813A45F9-744F-435F-A815-19E2DF35A9D8} hxxp://www.mediapromote.de/download/o2cplayerAC/o2cplayerac.cab (O2C-Player - area constructor view (ELECO Software GmbH))
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (WIDCOMM, Inc.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.23 09:47:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.05 20:52:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2012.11.05 20:52:18 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2012.11.05 20:40:59 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.05 20:20:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\126500-ukash-luxemb-polizei-trojaner-isass-exe-ctfmon-lon-tr-drop-injector-fydy-trojan-Dateien
[2012.11.04 16:19:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Identities
[2012.11.02 20:29:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spybot - Search & Destroy
[2012.11.02 20:29:05 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2012.11.01 22:27:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL, Stand 01.11.2012.exe
[2012.11.01 19:50:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\SightSpeed Recordings
[2012.11.01 19:49:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\PowerPDF Files
[2012.11.01 17:34:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Digicam
[2012.11.01 17:21:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Bildung
[2012.11.01 17:19:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Gesundheit
[2012.11.01 17:11:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Desktop\für ***
[2012.11.01 14:19:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\Help
[2012.11.01 14:19:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Help
[2012.11.01 13:59:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Leben
[2012.11.01 13:52:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\InterVideo
[2012.11.01 08:56:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\PC Sicherheit
[2012.10.31 23:31:25 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.10.31 23:27:39 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2012.10.31 23:27:02 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.31 23:23:12 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.10.31 23:23:05 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.10.31 23:23:04 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.10.31 23:22:54 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.10.31 23:22:54 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.10.31 23:22:54 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.10.31 21:35:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Malwarebytes
[2012.10.31 21:35:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.10.31 21:35:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.10.31 21:35:07 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.10.31 21:35:07 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.10.30 20:13:37 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.10.27 15:53:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Avira
[2012.10.27 15:47:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2012.10.27 15:47:24 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.10.27 15:47:20 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.10.27 15:47:20 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.10.27 15:47:19 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.10.27 15:47:09 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2012.10.27 15:47:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.10.27 15:46:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.10.27 15:46:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Mozilla
[2012.10.27 13:53:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Eigene Dateien\Eigene Bilder, *** SD Karte
[2012.10.17 12:13:28 | 000,000,000 | ---D | C] -- C:\metatrai
[2012.10.17 12:13:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Landkreis
[2012.10.07 14:44:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Media Player Classic
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.05 21:03:02 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.05 20:52:19 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.11.05 20:51:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.11.05 20:44:56 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.11.05 20:44:33 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.05 20:44:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.11.05 20:44:06 | 1610,010,624 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.05 20:20:13 | 000,072,913 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\126500-ukash-luxemb-polizei-trojaner-isass-exe-ctfmon-lon-tr-drop-injector-fydy-trojan.html
[2012.11.04 13:36:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012.11.03 21:35:18 | 000,302,592 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\mlsfs9k7, gmer.exe
[2012.11.03 21:03:07 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\User\defogger_reenable
[2012.11.02 20:29:11 | 000,000,905 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Spybot - Search & Destroy.lnk
[2012.11.02 18:48:43 | 000,064,512 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.01 22:25:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\User\Desktop\OTL, Stand 01.11.2012.exe
[2012.11.01 22:24:58 | 000,050,477 | ---- | M] () -- C:\Dokumente und Einstellungen\User\Desktop\Defogger, Stand 01.11.2012.exe
[2012.10.31 23:51:45 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.10.31 23:51:45 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.10.31 23:22:29 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.10.31 23:22:21 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012.10.31 23:22:21 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.10.31 23:22:21 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.10.31 23:22:21 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.10.31 23:22:21 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.10.31 23:22:21 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.10.31 23:17:27 | 000,320,072 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.10.31 23:17:27 | 000,314,842 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.10.31 23:17:27 | 000,049,396 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.10.31 23:17:27 | 000,041,170 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.10.31 21:35:11 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.31 20:38:10 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.10.27 10:53:53 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.10.17 12:17:32 | 000,001,024 | ---- | M] () -- C:\WINDOWS\cbt_meta.ini
[2012.10.17 12:04:11 | 000,002,090 | ---- | M] () -- C:\Dokumente und Einstellungen\User\.recently-used.xbel
[2012.10.15 16:57:14 | 000,000,035 | ---- | M] () -- C:\WINDOWS\Ulead32.INI
[2012.10.15 13:58:36 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
 
========== Files Created - No Company Name ==========
 
[2012.11.05 20:52:19 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2012.11.05 20:20:06 | 000,072,913 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\126500-ukash-luxemb-polizei-trojaner-isass-exe-ctfmon-lon-tr-drop-injector-fydy-trojan.html
[2012.11.03 21:35:40 | 000,302,592 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\mlsfs9k7, gmer.exe
[2012.11.03 21:03:07 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\User\defogger_reenable
[2012.11.02 20:29:11 | 000,000,905 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Spybot - Search & Destroy.lnk
[2012.11.01 22:27:31 | 000,050,477 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Desktop\Defogger, Stand 01.11.2012.exe
[2012.10.31 23:31:27 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.31 23:28:03 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2012.10.31 21:35:11 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.17 12:13:25 | 000,001,024 | ---- | C] () -- C:\WINDOWS\cbt_meta.ini
[2012.10.17 12:04:11 | 000,002,090 | ---- | C] () -- C:\Dokumente und Einstellungen\User\.recently-used.xbel
[2012.02.18 14:37:21 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.08.19 10:26:20 | 010,898,456 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2011.08.19 10:26:20 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2011.08.19 10:26:20 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2011.07.26 07:48:54 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011.06.26 19:37:26 | 000,064,512 | ---- | C] () -- C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.25 11:59:52 | 000,005,483 | ---- | C] () -- C:\Dokumente und Einstellungen\User\control000.png
[2010.12.25 11:59:45 | 000,002,274 | ---- | C] () -- C:\Dokumente und Einstellungen\User\edit000.png
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2008.12.23 17:10:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2011.11.21 22:00:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
[2011.02.12 20:01:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2008.12.23 15:43:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2011.02.12 20:06:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2012.11.01 14:05:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2009.03.22 18:20:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010.04.10 13:42:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.10.10 10:35:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.04.13 15:46:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2008.12.23 17:20:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Acronis
[2011.07.31 00:37:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Audacity
[2012.07.29 14:50:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Check Point Software Technologies LTD
[2012.07.19 21:30:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\CheckPoint
[2012.07.18 11:32:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\gtk-2.0
[2009.02.13 18:46:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\ICAClient
[2012.11.01 13:52:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\InterVideo
[2011.02.12 20:17:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Nokia
[2012.08.16 18:51:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\Oracle
[2011.02.12 21:17:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\User\Anwendungsdaten\PC Suite
 
========== Purity Check ==========
 
 

< End of report >
         

OTL Extras logfile created on: 5.11.2012 20:58:55 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\User\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: d.M.yyyy
 
1,50 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 63,40% Memory free
3,35 Gb Paging File | 2,76 Gb Available in Paging File | 82,44% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 111,78 Gb Total Space | 43,89 Gb Free Space | 39,27% Space Free | Partition Type: NTFS
 
Computer Name: USER-FC7836A373 | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- 
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programme\Logitech\Vid\Vid.exe" = C:\Programme\Logitech\Vid\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0DE4DE52-DB27-4D0F-93B6-E3C9E4698A10}" = PowerPDF Professional
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1881AE03-2BD4-11D4-86BF-00508B10AA88}" = Diagnostics für Windows
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2E865E71-9A04-48F5-8ED7-0D33B3E6B424}" = ZoneAlarm Firewall
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis*True*Image*Home
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{46DDF76F-ACD4-42BC-B48F-B89C4EE2E1A9}" = Easy CD & DVD Creator 6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BF18ED6-C888-4BCF-A4AF-AC7A16305BC1}" = Classic Client 5.1.5a
"{4CBD31CE-51DF-43C4-B3EC-7CCBAB0CD083}" = O2Micro MemoryCardBus Windows Driver
"{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5C3DA2A1-03B2-44BD-B5AA-A44BD6E0C0C1}" = HP Integrated Wireless LAN W400-W500 Driver
"{5E2ABE05-B7AD-4D77-8A19-BDA0E4302190}" = Google SketchUp 8
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{71A470E1-27E7-424E-803A-F9C0D41968D3}" = Remote Diagnostics Enabling Agent
"{7DE0DEC1-FCAD-4464-84C6-6A237D8AF549}" = ZoneAlarm Security
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90535871-81B9-4D99-8A13-A7EE97F2D7FE}" = Bluetooth by hp
"{91E30409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B668CB7B-A9DF-43B6-8876-A373A8E1D438}" = HP Mobile Printing
"{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"{CEB326EC-8F40-47B2-BA22-BB092565D66F}" = Quick Launch Buttons 5.00 C2
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{E89956F9-5B89-470E-818D-BD46102D0A01}" = Citrix Presentation Server Client
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F16F258A-6300-4A1C-BC49-7929EFF455E2}" = TIPCIxx20
"{F2545484-7B1C-484A-89B8-B0F8B38BC67F}" = O2Micro SmartCardBus Reader Windows Driver Installer
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Windows-Treiberpaket - Nokia Modem  (10/07/2010 4.6)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems AC'97 Modem
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"Broadcom 802.11 Application" = Broadcom Wireless Utility
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CAL" = Canon Camera Access Library
"CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CCleaner" = CCleaner
"CSCLIB" = Canon Camera Support Core Library
"E5372C32E8562C76C24DBA6525002B1031495F34" = Windows-Treiberpaket - Nokia Modem  (06/09/2010 7.01.0.8)
"EOS Utility" = Canon Utilities EOS Utility
"Google Updater" = Google Updater
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{4CBD31CE-51DF-43C4-B3EC-7CCBAB0CD083}" = O2Micro MemoryCardBus Windows Driver
"InstallShield_{BE6890C7-31EF-478C-812E-1E2899ABFCA9}" = Broadcom Gigabit Integrated Controller
"InstallShield_{F16F258A-6300-4A1C-BC49-7929EFF455E2}" = Texas Instruments PCIxx20 drivers.
"IntMgmt" = Insight Management Agent
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.2 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"PhotoStitch" = Canon Utilities PhotoStitch
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinNT Remote Services Deinstall Key" = Remote Services Driver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar 
"ZoneAlarmSB Uninstall" = ZoneAlarm Spy Blocker
"ZoneAlarm-Sicherheit Toolbar" = ZoneAlarm-Sicherheit Toolbar
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.2
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4.11.2012 14:26:05 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3385
 
Error - 4.11.2012 14:26:09 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4.11.2012 14:26:09 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7090
 
Error - 4.11.2012 14:26:09 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7090
 
Error - 4.11.2012 14:26:10 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4.11.2012 14:26:10 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8112
 
Error - 4.11.2012 14:26:10 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8112
 
Error - 4.11.2012 14:41:17 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 4.11.2012 14:41:17 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 914835
 
Error - 4.11.2012 14:41:17 | Computer Name = USER-FC7836A373 | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 914835
 
[ System Events ]
Error - 5.11.2012 15:41:04 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "Insight Local Alerter" wurde unerwartet beendet. Dies ist 
bereits 1 Mal passiert.
 
Error - 5.11.2012 15:41:05 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "Insight Web Agent" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 5.11.2012 15:41:05 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "Remote Diagnostics Enabling Agent" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 5.11.2012 15:41:06 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "GSL Share Memory" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 5.11.2012 15:41:06 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "SoundMAX Agent Service" wurde unerwartet beendet. Dies ist
 bereits 1 Mal passiert.
 
Error - 5.11.2012 15:41:06 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 5.11.2012 15:41:06 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "WIN32SL" wurde unerwartet beendet. Dies ist bereits 1 Mal 
passiert.
 
Error - 5.11.2012 15:41:06 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "Canon Camera Access Library 8" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 5.11.2012 15:41:06 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "cpqdmi" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error - 5.11.2012 15:41:06 | Computer Name = USER-FC7836A373 | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 
Mal passiert.
 
 
< End of report >