Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
System Care Antivirus - OTL log beigefügt

System Care Antivirus - OTL log beigefügt


Log-Analyse und Auswertung: System Care Antivirus - OTL log beigefügt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 30.05.2013, 19:14   #31
Arbeitswütig
 
System Care Antivirus - OTL log beigefügt - Standard

System Care Antivirus - OTL log beigefügt


neues OTL-log:
Code:
ATTFilter
OTL logfile created on: 30.05.2013 19:43:41 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1023,48 Mb Total Physical Memory | 396,88 Mb Available Physical Memory | 38,78% Memory free
1,65 Gb Paging File | 1,02 Gb Available in Paging File | 61,42% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 208,45 Gb Total Space | 88,62 Gb Free Space | 42,51% Space Free | Partition Type: NTFS
Drive D: | 24,42 Gb Total Space | 24,33 Gb Free Space | 99,61% Space Free | Partition Type: NTFS
Drive M: | 2737,39 Gb Total Space | 2373,54 Gb Free Space | 86,71% Space Free | Partition Type: NTFS
 
Computer Name: COMPUTER2 | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Programme\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\UltraVNC\winvnc.exe (UltraVNC)
PRC - C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
PRC - C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
PRC - C:\Programme\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
PRC - C:\Programme\Calling-Us\bin\callrun.exe (media21.de)
PRC - C:\Programme\Calling-Us\bin\callice.exe (media21.de)
PRC - C:\Programme\Calling-Us\bin\callclient.exe (media21.de)
PRC - C:\WINDOWS\system32\nisvcloc.exe (National Instruments Corp.)
PRC - C:\Programme\National Instruments\Shared\Security\nidmsrv.exe (National Instruments, Inc.)
PRC - C:\WINDOWS\system32\lktsrv.exe (National Instruments, Inc.)
PRC - C:\WINDOWS\system32\lkads.exe (National Instruments, Inc.)
PRC - C:\WINDOWS\system32\lkcitdl.exe (National Instruments, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.                    )
PRC - C:\Programme\Logitech\iTouch\iTouch.exe (Logitech Inc.                    )
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\024c898ad1ccfde466d033c0a08d0564\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()
MOD - C:\Programme\Minilyrics\MiniLyrics.dll ()
MOD - C:\Programme\Minilyrics\WmpLyrics.dll ()
MOD - C:\WINDOWS\system32\KSXPPI32.dll ()
MOD - C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
MOD - C:\WINDOWS\system32\vpnapi.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Desktop Messenger\8876480\6.1.0.155-8876480L\Program\bwfiles.dll ()
MOD - C:\Programme\Desktop Messenger\8876480\6.1.0.155-8876480L\Program\clntutil.dll ()
MOD - C:\Programme\Desktop Messenger\8876480\Program\BWfiles-8876480.dll ()
MOD - C:\Programme\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
MOD - C:\Programme\Desktop Messenger\8876480\Program\SyncExt.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\AC3Filter\ac3filter.ax ()
MOD - C:\Programme\WS_FTP Pro\nsftpch.dll ()
MOD - C:\Programme\WS_FTP Pro\wsftplib.dll ()
MOD - C:\Programme\WS_FTP Pro\wshosts.dll ()
MOD - C:\Programme\WS_FTP Pro\libeay32.dll ()
MOD - C:\Programme\WS_FTP Pro\ssleay32.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Secunia PSI Agent) -- C:\Programme\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Programme\Secunia\PSI\sua.exe (Secunia)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Creative Media Toolbox 6 Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\MT6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Programme\Gemeinsame Dateien\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (AAV UpdateService) -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (rpcapd) -- C:\Programme\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (m21callrunsrv) -- C:\Programme\Calling-Us\bin\callice.exe (media21.de)
SRV - (niSvcLoc) -- C:\WINDOWS\system32\nisvcloc.exe (National Instruments Corp.)
SRV - (NIDomainService) -- C:\Programme\National Instruments\Shared\Security\nidmsrv.exe (National Instruments, Inc.)
SRV - (lkTimeSync) -- C:\WINDOWS\system32\lktsrv.exe (National Instruments, Inc.)
SRV - (lkClassAds) -- C:\WINDOWS\system32\lkads.exe (National Instruments, Inc.)
SRV - (NILM License Manager) -- C:\Programme\National Instruments\Shared\License Manager\Bin\lmgrd.exe (Macrovision Corporation)
SRV - (LkCitadelServer) -- C:\WINDOWS\system32\lkcitdl.exe (National Instruments, Inc.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (Changer) --  File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf_x86.sys (Secunia)
DRV - (sscdmdm) -- C:\WINDOWS\system32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdbus) -- C:\WINDOWS\system32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (flashusb) -- C:\WINDOWS\system32\drivers\flashusb.sys (Danish Wireless Design A/S)
DRV - (ssadmdm) -- C:\WINDOWS\system32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\WINDOWS\system32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadmdfl) -- C:\WINDOWS\system32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (ksaud) -- C:\WINDOWS\system32\drivers\ksaud.sys (Creative Technology Ltd.)
DRV - (ksaudfl) -- C:\WINDOWS\system32\drivers\ksaudfl.sys (Creative)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs, LLC)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies)
DRV - (cvintdrv) -- C:\WINDOWS\System32\drivers\cvintdrv.sys ()
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (nvnforce) -- C:\WINDOWS\system32\drivers\nvapu.sys (NVIDIA Corporation)
DRV - (nvax) -- C:\WINDOWS\system32\drivers\nvax.sys (NVIDIA Corporation)
DRV - (PhTVTune) -- C:\WINDOWS\system32\drivers\PhTVTune.sys (Philips Semiconductors)
DRV - (Cap7134) -- C:\WINDOWS\system32\drivers\Cap7134.sys (Philips Semiconductors)
DRV - (vobiw) -- C:\WINDOWS\System32\drivers\vobIW.sys (VOB Computersysteme GmbH)
DRV - (NVENET) -- C:\WINDOWS\system32\drivers\NVENET.sys (NVIDIA Corporation)
DRV - (cdrdrv) -- C:\WINDOWS\System32\drivers\Cdrdrv.sys (VOB Computersysteme GmbH)
DRV - (ElgTaDrv) -- C:\WINDOWS\system32\drivers\ElgTaDrv.sys (elmeg Kommunikationstechnik)
DRV - (StreamDispatcher) -- C:\WINDOWS\system32\drivers\strmdisp.sys (Conexant Systems)
DRV - (HSFHWBS2) -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys (Conexant Systems)
DRV - (HSF_DP) -- C:\WINDOWS\system32\drivers\HSF_DP.sys (Conexant Systems)
DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.sys (Logitech)
DRV - (l8042pr2) -- C:\WINDOWS\system32\drivers\L8042Pr2.sys (Logitech)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS (Logitech)
DRV - (LKbdFlt2) -- C:\WINDOWS\system32\drivers\LKbdFlt2.sys (Logitech)
DRV - (itchfltr) -- C:\WINDOWS\system32\drivers\itchfltr.sys (Logitech Inc.                    )
DRV - (vobcom) -- C:\WINDOWS\System32\drivers\vobcom.sys (VOB Computersysteme GmbH)
DRV - (fpcibase) -- C:\WINDOWS\system32\drivers\fpcibase.sys (AVM GmbH)
DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-606747145-583907252-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.0.1/
IE - HKU\S-1-5-21-606747145-583907252-682003330-1005\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-606747145-583907252-682003330-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-606747145-583907252-682003330-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.05.24 17:44:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.27 22:23:30 | 000,000,000 | ---D | M]
 
[2008.08.27 19:34:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2010.12.10 10:43:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\2usf7nlo.default\extensions
[2013.03.01 21:43:25 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions
[2011.11.24 23:44:12 | 000,000,000 | ---D | M] (Old Location Bar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\{3205B348-523A-4fac-9BC4-9939CBF583B0}
[2008.08.27 22:00:29 | 000,000,000 | ---D | M] (Classic Compact) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}
[2008.12.08 16:31:03 | 000,000,000 | ---D | M] (Firefox 2, the theme, reloaded) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}
[2009.10.27 23:34:40 | 000,000,000 | ---D | M] (Mouse Gestures Redox) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}
[2011.11.24 23:44:11 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2011.11.24 23:45:55 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\foxyproxy@eric.h.jung
[2009.05.14 16:07:33 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\moveplayer@movenetworks.com
[2013.03.01 21:43:24 | 000,185,839 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\stealthyextension@gmail.com.xpi
[2011.11.24 23:44:11 | 000,020,591 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2011.11.24 23:44:31 | 000,627,675 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2008.08.27 22:00:29 | 000,672,102 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\5kqlidvz.default\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}\chrome\tmp-2.xpi
[2013.05.27 22:26:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.24 17:56:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.24 17:56:52 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2006.01.23 10:32:04 | 000,020,992 | ---- | M] (National Instruments) -- C:\Programme\mozilla firefox\plugins\NPLV80Win32.dll
[2007.02.08 10:48:16 | 000,028,448 | ---- | M] (National Instruments) -- C:\Programme\mozilla firefox\plugins\NPLV82Win32.dll
 
O1 HOSTS File: ([2013.05.24 20:19:02 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Creative KSRun Persistence Module] C:\WINDOWS\System32\KSRun.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [EM_EXEC] C:\Programme\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.                    )
O4 - HKLM..\Run: [Module Loader] C:\Programme\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe (Logitech Inc.                    )
O4 - HKU\S-1-5-21-606747145-583907252-682003330-1005..\Run: [FileHippo.com] C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-606747145-583907252-682003330-1005..\Run: [LDM] C:\Programme\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk = C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\UltraVNC Server.lnk = C:\Programme\UltraVNC\winvnc.exe (UltraVNC)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Calling-Us Client.lnk = C:\Programme\Calling-Us\bin\callclient.exe (media21.de)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Kassel.LNK = C:\Programme\Cisco Systems\VPN Client\ipsecdialer.exe (Cisco Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-606747145-583907252-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1369405616843 (MUWebControl Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB7BC0B5-F68A-42D0-9A2F-71AAEC405E93}: NameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.03.05 18:41:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{85bbc178-c322-11e0-87ed-00e018c0dee3}\Shell - "" = AutoRun
O33 - MountPoints2\{85bbc178-c322-11e0-87ed-00e018c0dee3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{85bbc178-c322-11e0-87ed-00e018c0dee3}\Shell\AutoRun\command - "" = I:\DTVP_Launcher.exe
O33 - MountPoints2\{8e4fd8c5-cb63-11dd-80e0-00e018c0dee3}\Shell\AutoRun\command - "" = I:\Menu.exe
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.30 18:29:23 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2013.05.30 17:52:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro
[2013.05.30 17:29:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.05.30 11:22:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\WinZip Courier
[2013.05.29 09:25:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZipEC
[2013.05.29 09:25:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\assembly
[2013.05.29 09:24:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\WinZip
[2013.05.28 20:33:59 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.05.28 20:33:45 | 000,144,896 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.05.28 20:33:44 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.05.28 20:33:37 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.05.28 20:33:37 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.05.28 20:33:37 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.05.27 22:56:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2013.05.27 22:14:32 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.05.27 22:14:32 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.05.26 14:47:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira
[2013.05.26 14:06:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2013.05.26 14:04:13 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2013.05.26 14:03:51 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2013.05.26 14:03:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.05.26 14:01:36 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2013.05.26 13:59:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Apple Computer
[2013.05.25 18:41:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.05.25 18:40:53 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.05.25 18:40:47 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.05.25 18:40:47 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.05.25 18:40:47 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.05.25 18:40:26 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2013.05.25 18:40:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2013.05.24 20:27:52 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.05.24 20:02:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.05.24 20:02:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.05.24 20:02:02 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.05.24 20:02:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.05.24 20:01:50 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.24 20:01:46 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos
[2013.05.24 20:01:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.05.24 18:00:04 | 000,866,720 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013.05.24 17:43:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
[2013.05.24 17:41:40 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2013.05.24 17:30:01 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2013.05.24 17:02:20 | 000,000,000 | ---D | C] -- C:\Programme\Wireshark
[2013.05.24 16:49:15 | 000,000,000 | ---D | C] -- C:\Programme\FileHippo.com
[2013.05.24 16:48:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Secunia PSI
[2013.05.24 16:48:14 | 000,000,000 | ---D | C] -- C:\Programme\Secunia
[2013.05.24 16:44:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
[2013.05.23 22:35:55 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013.05.20 22:48:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2013.05.20 22:47:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.05.20 22:47:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.05.20 22:47:03 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.05.20 22:47:02 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.05.20 19:41:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2013.05.20 18:25:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.05.01 03:59:12 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2013.05.01 03:59:12 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.30 19:34:36 | 000,000,037 | ---- | M] () -- C:\WINDOWS\iTouch.ini
[2013.05.30 19:32:17 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.30 18:35:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.30 18:29:23 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\System32\bootdelete.exe
[2013.05.30 12:47:22 | 000,022,526 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\fehler.JPG
[2013.05.30 11:25:41 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.30 11:20:41 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Outlook 2003.lnk
[2013.05.29 09:34:18 | 000,001,558 | ---- | M] () -- C:\WINDOWS\XI420Ke.INI
[2013.05.28 20:32:53 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.05.28 20:32:42 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013.05.28 20:32:42 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.05.28 20:32:42 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.05.28 20:32:42 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.05.28 20:32:42 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.05.28 20:32:42 | 000,144,896 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.05.27 22:41:23 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2013.05.27 22:38:49 | 000,196,648 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.27 22:14:32 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.05.27 22:14:32 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.05.25 17:49:44 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.05.25 17:49:44 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.05.25 17:49:44 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.05.25 17:49:44 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.05.24 20:19:02 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.05.24 17:30:06 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.05.24 16:48:20 | 000,000,725 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013.05.21 21:43:08 | 000,002,409 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\VPN Client.lnk
[2013.05.17 21:49:16 | 000,463,954 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.05.17 21:49:16 | 000,445,396 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.17 21:49:16 | 000,072,984 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.17 21:49:15 | 000,086,674 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.05.17 21:46:15 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.05.11 13:26:40 | 000,002,537 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Excel 2003.lnk
[2013.05.11 13:25:26 | 000,001,820 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Default.rdp
[2013.05.07 06:27:17 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013.05.04 13:18:59 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Office Word 2003.lnk
[2013.05.01 03:59:12 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTimeVR.qtx
[2013.05.01 03:59:12 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\QuickTime.qts
 
========== Files Created - No Company Name ==========
 
[2013.05.30 12:47:21 | 000,022,526 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\fehler.JPG
[2013.05.27 22:23:30 | 000,002,299 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013.05.27 22:14:34 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.24 20:02:02 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.05.24 20:02:02 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.05.24 20:02:02 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.05.24 20:02:02 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.05.24 20:02:02 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.05.24 17:30:05 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.05.24 17:03:24 | 000,001,471 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Wireshark.lnk
[2013.05.24 16:49:28 | 000,001,602 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Update Checker.lnk
[2013.05.24 16:48:20 | 000,000,725 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013.05.24 16:48:20 | 000,000,688 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Secunia PSI.lnk
[2013.05.20 20:29:50 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\UltraVNC Server.lnk
[2012.02.06 00:11:54 | 000,029,518 | R--- | C] () -- C:\WINDOWS\System32\ksaud.ini
[2012.02.06 00:11:35 | 000,190,976 | R--- | C] () -- C:\WINDOWS\System32\KSXPPI32.dll
[2012.02.06 00:11:35 | 000,033,120 | R--- | C] () -- C:\WINDOWS\System32\kschimp.ini
[2012.02.06 00:11:35 | 000,000,029 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2012.01.09 21:01:20 | 000,010,599 | ---- | C] () -- C:\Dokumente und Einstellungen\***\solar_elster_2048.pfx
[2011.12.23 11:30:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.10.31 12:22:40 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.10.31 12:22:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.10.31 12:22:40 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.10.31 12:22:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.10.10 21:30:51 | 000,000,001 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.SIG_PINSTATUS_VOREINSTELLUNG
[2011.10.10 21:30:51 | 000,000,001 | ---- | C] () -- C:\Dokumente und Einstellungen\***\.SIG_DIALOG_VOREINSTELLUNG
[2011.03.26 14:21:30 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\winscp.rnd
[2010.12.05 17:51:32 | 000,000,640 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene DateienCH 37_12_5_16_51.PLT
[2010.12.05 17:51:27 | 002,181,120 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene DateienCH 37_12_5_16_51.0000.mpg
[2009.12.20 01:26:32 | 524,681,216 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene DateienCH 37_12_19_23_27.0003.mpg
[2009.12.20 01:07:00 | 629,297,152 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene DateienCH 37_12_19_23_27.0002.mpg
[2009.12.20 00:47:27 | 629,475,328 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene DateienCH 37_12_19_23_27.0001.mpg
[2009.12.20 00:27:55 | 629,454,848 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene DateienCH 37_12_19_23_27.0000.mpg
[2008.10.22 09:11:17 | 000,010,231 | ---- | C] () -- C:\Dokumente und Einstellungen\***\******_***m_elster_2048.pfx
[2008.05.07 23:52:09 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.03.11 22:37:23 | 000,000,000 | ---- | C] () -- C:\Programme\error.dat
[2008.03.06 00:59:11 | 000,092,160 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2008.04.11 16:00:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.05.26 14:06:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2009.05.13 10:24:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2011.04.29 20:54:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2011.05.08 14:21:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2008.06.16 23:44:07 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2013.05.30 18:29:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro
[2010.02.04 20:32:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2008.08.01 11:17:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\National Instruments
[2012.02.05 15:49:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments
[2011.12.04 12:37:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2008.03.30 18:00:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2009.03.30 00:51:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\STAMPIT
[2013.05.27 22:57:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2013.05.29 09:25:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZipEC
[2012.10.19 18:34:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\Calling-Us
[2008.12.30 15:37:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Calling-Us
[2013.03.09 14:54:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\BOM
[2010.01.18 22:04:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\CadSoft
[2009.01.14 14:05:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Calling-Us
[2009.06.24 21:57:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ComCenter
[2009.01.21 21:43:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DeepBurner
[2012.02.08 19:28:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\e-academy Inc
[2011.12.05 19:07:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla
[2008.07.02 09:01:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ
[2008.09.27 12:31:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQLite
[2011.12.01 12:59:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\LEGO Company
[2011.04.26 19:37:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mabii
[2009.01.23 18:15:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mathsoft
[2008.07.31 11:11:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\National Instruments
[2011.04.27 09:49:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Poqaja
[2009.08.28 11:05:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\PV Design Tool
[2011.07.30 15:37:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\R-TT
[2008.08.12 20:30:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Radmin
[2011.12.03 23:31:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Samsung
[2009.06.01 14:12:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ScanSoft
[2009.01.11 22:38:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Teledat
[2008.06.05 15:12:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\uTorrent
[2008.12.04 19:10:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Wireshark
[2008.12.25 19:06:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Calling-Us
 
========== Purity Check ==========
 
 

< End of report >
Code:
ATTFilter
OTL Extras logfile created on: 30.05.2013 19:43:41 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1023,48 Mb Total Physical Memory | 396,88 Mb Available Physical Memory | 38,78% Memory free
1,65 Gb Paging File | 1,02 Gb Available in Paging File | 61,42% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 208,45 Gb Total Space | 88,62 Gb Free Space | 42,51% Space Free | Partition Type: NTFS
Drive D: | 24,42 Gb Total Space | 24,33 Gb Free Space | 99,61% Space Free | Partition Type: NTFS
Drive M: | 2737,39 Gb Total Space | 2373,54 Gb Free Space | 86,71% Space Free | Partition Type: NTFS
 
Computer Name: COMPUTER2 | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-606747145-583907252-682003330-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"5900:TCP" = 5900:TCP:*:Enabled:vnc5900
"5800:TCP" = 5800:TCP:*:Enabled:vnc5800
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Desktop Messenger\8876480\Program\backWeb-8876480.exe" = C:\Programme\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:backWeb-8876480 -- ()
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- ()
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE" = C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE:*:Enabled:Microsoft Office Word -- (Microsoft Corporation)
"C:\Programme\WS_FTP Pro\wsftppro.exe" = C:\Programme\WS_FTP Pro\wsftppro.exe:*:Enabled:WS_FTP Pro Application -- (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
"C:\Programme\Calling-Us\bin\callclient.exe" = C:\Programme\Calling-Us\bin\callclient.exe:*:Enabled:callclient -- (media21.de)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft  Fax Console -- (Microsoft Corporation)
"C:\Programme\Windows Media Player\wmplayer.exe" = C:\Programme\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player -- (Microsoft Corporation)
"C:\Programme\Synology\Assistant\DSAssistant.exe" = C:\Programme\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant -- ()
"C:\Programme\Cisco Systems\VPN Client\vpngui.exe" = C:\Programme\Cisco Systems\VPN Client\vpngui.exe:*:Enabled:vpngui.exe -- (Cisco Systems, Inc.)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\UltraVNC\winvnc.exe" = C:\Programme\UltraVNC\winvnc.exe:*:Enabled:VNC server for Win32 -- (UltraVNC)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\ICQM\icq.exe" = C:\Dokumente und Einstellungen\Admin\Anwendungsdaten\ICQM\icq.exe:*:Enabled:ICQ
"C:\Programme\UltraVNC\vncviewer.exe" = C:\Programme\UltraVNC\vncviewer.exe:*:Enabled:vncviewer.exe -- (UltraVNC)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0087583F-1ED8-4A92-88A4-D49DCD56FC6B}" = NI Circuit Design Suite 10 Core
"{036AA4D4-6D32-11D4-9875-00105ACE7734}" = Logitech iTouch Software
"{047DB692-BBD4-4768-91CC-ABD418B494B8}" = NI USI 1.4.1
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series
"{12BEF00E-ECFF-4820-BEDF-CCB9CC06A955}" = Sound Blaster X-Fi Surround 5.1
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14 Help
"{25F138F7-89D9-4836-A9F5-642DEA06564C}" = NI LabWindows/CVI 8.1 Run-Time Engine
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}" = Steuer-Spar-Erklärung 2009
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{414C1019-21ED-479A-A2F0-1F2383674BD1}" = Brother DCP-7025
"{45FA54F6-8574-49D2-9E2D-0BDDE6237822}" = NI LabVIEW Run-Time Engine 8.2.1
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}" = Cisco Systems VPN Client 5.0.04.0300
"{5535426F-E814-4B34-9B36-726E9DBEB7A7}" = NI Logos 4.7
"{57700DD3-0C10-4CE6-95BA-630284EE2CB1}" = NI License Manager
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.42 .1
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport
"{63E921D9-799A-44F9-A742-DE3DC968AFEF}" = Microsoft .NET Framework SDK (German) 1.1
"{682ABE6A-2CCE-4C6C-AA82-0FE5AB8033F3}" = Sunny Design
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D2737AE-8898-4BE1-AE46-555B7DB540A8}" = NI MDF Support
"{6F7D11DC-DE87-45C8-A37E-A35B724FC771}" = NI Help Assistant
"{6FADAF5C-C9AC-49E5-8B14-7021F91EF0B5}" = NI LabVIEW Run-Time Engine 8.0.1
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{78231F18-FD98-4B03-A932-DE9329594D08}" = NI TDMS
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7998C54B-5D31-48A6-93D1-72C73FFFC043}" = NI Circuit Design Suite Support and Upgrade Utility
"{7A2FD295-38D2-4AAF-BF41-2C95EBB96126}" = Moorhuhn Kart 2 XXL
"{7E3668CB-1228-416E-B721-C2FA3247B985}" = NI LabVIEW Real-Time FIFO for Runtime
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = pdf24
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8c166c68-277c-41dd-890e-317b12fff7cf}.sdb" = Calling-Us Compatibility System
"{8EAC192B-1E5B-4276-A2D8-59A303ECD2DE}" = Visual J# .NET Redistributable 1.1- German Language Pack
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{903B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{90510407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{927AE974-7B5B-463B-A672-D3B048664D6B}" = T-Concept XI420
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{946BA398-5A53-454E-8D39-1C02959C1727}" = AAVUpdateManager
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{B15B400A-19ED-4CC7-B3E4-9295D8470CBE}" = Secure Download Manager
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BFAA820A-C7D8-42AE-A3BA-CE118F3F0802}" = NI Service Locator
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBE0FCA1-4E95-11D4-9875-00105ACE7734}" = Logitech-Handbuch
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}" = WinZip 17.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D6FAEBB1-90E0-4CF8-9A41-9087E6789D11}" = NI EULA Depot
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{DB2C5648-700D-4AEF-83E1-70C72F0C34FA}" = NI Math Kernel Libraries
"{DD541310-3901-404D-8ADF-E15A92AF5DA5}" = NI Circuit Design Suite 10 Pro
"{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}" = Mathcad 14
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8991297-B702-44AA-ABAA-02C12045D8E9}" = NI Uninstaller
"{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14 Resource Center
"{F0BA5720-E189-11D4-9EA1-0050BAE317E1}" = PowerVCR II
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"AC3Filter" = AC3Filter (remove only)
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Free Antivirus
"BAHN384r3a_is1" = BAHN 3.84r3a
"Biet-O-Matic v2.12.7" = Biet-O-Matic v2.12.7
"Bridge Builder" = Bridge Builder
"Bridge Construction Set Demo" = Bridge Construction Set Demo
"Calling-Us" = Calling-Us MAX 2007 (Rev. 2)
"CCleaner" = CCleaner (remove only)
"Cool Edit 2000" = Cool Edit 2000
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Electronics_Workbench_V5" = Electronics Workbench V5.12
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FileHippo.com" = FileHippo.com Update Checker
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube Download_is1" = Free YouTube Download version 2.10.28
"GPL Ghostscript 8.63" = GPL Ghostscript 8.63
"HC51 9.60PL0" = HI-TECH C51-lite V9.60PL0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Indeo® software" = Indeo® software
"InstantCD/DVD" = InstantCD/DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MiniLyrics" = Minilyrics(remove only)
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"New LEGO Digital Designer" = LEGO Digital Designer
"NI Uninstaller" = National Instruments-Software
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Phoner_is1" = Phoner 2.26
"PICC 9.60PL0" = HI-TECH PICC lite V9.60PL0
"PV Design Tool 1.0.3.9" = PV Design Tool 1.0.3.9 1.0.3.9 
"RealPlayer 6.0" = RealPlayer
"Recuva" = Recuva
"R-Studio 5.4NSIS" = R-Studio 5.4
"Schnaeppchen-Tool.de" = Schnaeppchen-Tool.de
"Secunia PSI" = Secunia PSI (3.0.0.7009)
"Sunny Design DE" = Sunny Design DE
"Sunny Design Update 1.48.0" = Sunny Design Update 1.48.0
"Sunny Design Update 1.49.0" = Sunny Design Update 1.49.0
"Synology Assistant" = Synology Assistant (remove only)
"SysInfo" = Creative Systeminformationen
"Train Simulator 1.0" = Microsoft Train Simulator
"Tunatic" = Tunatic
"Ultravnc2_is1" = UltraVNC 1.0.9.1
"Uninstall_is1" = Uninstall 1.0.0.1
"Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
"UnrealTournament" = Unreal Tournament
"VLC media player" = VLC media player 2.0.6
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = WinRAR
"Wireshark" = Wireshark 1.6.15 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"WS_FTP Pro" = Ipswitch WS_FTP Pro
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Zusi - Der Zugsimulator DEMO_is1" = Zusi 2.3 DEMO
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-606747145-583907252-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dr. DivX 2.0 OSS" = Dr. DivX 2.0 OSS
"e0c143f1d5b5e1b8" = RapidShare Manager
"uTorrent" = µTorrent
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20.05.2013 12:31:56 | Computer Name = COMPUTER2 | Source = Avira AntiVir | ID = 4122
Description = 
 
Error - 24.05.2013 15:06:41 | Computer Name = COMPUTER2 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung psi.exe, Version 3.0.0.7009, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 25.05.2013 06:19:19 | Computer Name = COMPUTER2 | Source = COM+ | ID = 135763
Description = Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich
 sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie 
sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d01
 
Error - 25.05.2013 10:40:37 | Computer Name = COMPUTER2 | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 21.0.0.4879, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 26.05.2013 07:58:17 | Computer Name = COMPUTER2 | Source = MsiInstaller | ID = 10005
Description = Produkt: Apple Application Support -- Es ist bereits eine neuere Version
 von  auf diesem Computer installiert.
 
Error - 27.05.2013 16:33:14 | Computer Name = COMPUTER2 | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 msi1e5.tmp, P2 1.0.0.0, P3 513eda28, P4 mscorlib,
 P5 2.0.0.0, P6 5040540e, P7 3451, P8 119, P9 system.io.directorynotfound, P10 NIL.
 
Error - 27.05.2013 16:33:56 | Computer Name = COMPUTER2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung qtraxinstaller.exe, Version 0.0.0.0, fehlgeschlagenes
 Modul kernel32.dll, Version 5.1.2600.6293, Fehleradresse 0x00012fd3.
 
Error - 29.05.2013 03:25:10 | Computer Name = COMPUTER2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung smapp.exe, Version 2.2.0.24, fehlgeschlagenes
 Modul smanager.dll, Version 2.2.0.24, Fehleradresse 0x0000239e.
 
Error - 29.05.2013 03:27:03 | Computer Name = COMPUTER2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung smapp.exe, Version 2.2.0.24, fehlgeschlagenes
 Modul smanager.dll, Version 2.2.0.24, Fehleradresse 0x0000239e.
 
Error - 29.05.2013 03:29:42 | Computer Name = COMPUTER2 | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung smapp.exe, Version 2.2.0.24, fehlgeschlagenes
 Modul smanager.dll, Version 2.2.0.24, Fehleradresse 0x0000239e.
 
[ System Events ]
Error - 30.05.2013 12:01:49 | Computer Name = COMPUTER2 | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 30.05.2013 12:06:41 | Computer Name = COMPUTER2 | Source = atapi | ID = 262153
Description = Das Gerät \Device\Ide\IdePort0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
Error - 30.05.2013 12:06:41 | Computer Name = COMPUTER2 | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
 
Error - 30.05.2013 12:38:50 | Computer Name = COMPUTER2 | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst IMAPI-CD-Brenn-COM-Dienste.
 
Error - 30.05.2013 12:38:50 | Computer Name = COMPUTER2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IMAPI-CD-Brenn-COM-Dienste" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 30.05.2013 12:39:19 | Computer Name = COMPUTER2 | Source = Srv | ID = 2000
Description = Der Aufruf eines Systemdienstes durch den Serverdienst ist unerwartet
 fehlgeschlagen.
 
Error - 30.05.2013 12:39:19 | Computer Name = COMPUTER2 | Source = Srv | ID = 2000
Description = Der Aufruf eines Systemdienstes durch den Serverdienst ist unerwartet
 fehlgeschlagen.
 
Error - 30.05.2013 12:39:25 | Computer Name = COMPUTER2 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1053" aufgetreten, als der Dienst "iPod 
Service" mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:
{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
 
Error - 30.05.2013 12:39:25 | Computer Name = COMPUTER2 | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst iPod-Dienst.
 
Error - 30.05.2013 12:39:25 | Computer Name = COMPUTER2 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "iPod-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
 
< End of report >

 

Themen zu System Care Antivirus - OTL log beigefügt
ad-aware, antivir, antivirus, avira, bho, browser, canon, desktop, error, firefox, flash player, format, ftp, google, hijack, hijackthis, home, logfile, mozilla, national, object, plug-in, recuva, registry, rundll, scan, security, software, synology, system, system care, windows internet


« System Care Antivirus noch auf dem PC | Brief von Telekom »


Ähnliche Themen: System Care Antivirus - OTL log beigefügt


  1. System Care Antivirus
    Plagegeister aller Art und deren Bekämpfung - 16.12.2013 (22)
  2. System Care Antivirus
    Log-Analyse und Auswertung - 04.09.2013 (5)
  3. Windows 7: System Care Antivirus
    Log-Analyse und Auswertung - 28.08.2013 (15)
  4. System Care Antivirus
    Plagegeister aller Art und deren Bekämpfung - 25.08.2013 (4)
  5. System Care Antivirus was tun?
    Plagegeister aller Art und deren Bekämpfung - 09.08.2013 (3)
  6. System Care Antivirus
    Plagegeister aller Art und deren Bekämpfung - 06.08.2013 (25)
  7. System Care Antivirus auf PC
    Plagegeister aller Art und deren Bekämpfung - 20.07.2013 (10)
  8. System Care Antivirus
    Plagegeister aller Art und deren Bekämpfung - 05.07.2013 (15)
  9. System Care Antivirus
    Log-Analyse und Auswertung - 25.06.2013 (33)
  10. System Care Antivirus
    Log-Analyse und Auswertung - 23.06.2013 (9)
  11. System Care Antivirus
    Plagegeister aller Art und deren Bekämpfung - 23.06.2013 (21)
  12. System Care Antivirus
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (70)
  13. System Care Antivirus-OTL Log
    Log-Analyse und Auswertung - 31.05.2013 (15)
  14. System Care Antivirus Win XP
    Plagegeister aller Art und deren Bekämpfung - 03.05.2013 (11)
  15. System Care Antivirus Win XP
    Mülltonne - 01.05.2013 (1)
  16. System Care Antivirus
    Plagegeister aller Art und deren Bekämpfung - 19.04.2013 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema System Care Antivirus - OTL log beigefügt - neues OTL-log: Code: Alles auswählen Aufklappen ATTFilter OTL logfile created on: 30.05.2013 19:43:41 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP - System Care Antivirus - OTL log beigefügt...
Archiv
Du betrachtest: System Care Antivirus - OTL log beigefügt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131