| hbergmann | 22.03.2012 17:00 |
Hallo Kira,
vielen Dank für deine Zeit und dein Know-How. Ich freue mich auf die Zusammenarbeit. Zu 1.) Fixen mit OTL -> Hier das Log Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SkypePM deleted successfully.
C:\Users\hedu\AppData\Local\Skype\SkypePM.exe moved successfully.
========== FILES ==========
File\Folder C:\Users\hedu\AppData\Local\Skype\SkypePM.exe not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\hedu\Desktop\cmd.bat deleted successfully.
C:\Users\hedu\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: hedu
->Temp folder emptied: 559157585 bytes
->Temporary Internet Files folder emptied: 241974998 bytes
->Java cache emptied: 1351588 bytes
->FireFox cache emptied: 59787996 bytes
->Apple Safari cache emptied: 2091008 bytes
->Flash cache emptied: 3145968 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 66171868 bytes
RecycleBin emptied: 194160694 bytes
Total Files Cleaned = 1.076,00 mb
OTL by OldTimer - Version 3.2.39.1 log created on 03222012_163321
Files\Folders moved on Reboot...
File\Folder C:\Users\hedu\AppData\Local\Temp\2011-10-14-1193234699_04-RG.PDF not found!
File move failed. C:\Windows\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
File\Folder C:\Windows\temp\nsd_tmp_300.tmp not found!
Registry entries deleted on Reboot...
zu 2.) Liste aller installierten Programme mit CCleaner erstellt: Code:
7-Zip 9.20 20.06.2011
@BIOS GIGABYTE 20.06.2011 2.11
Acrobat.com Adobe Systems Incorporated 21.06.2011 1.2.443
Adobe AIR Adobe Systems Incorporated 06.09.2011 2.7.1.19610
Adobe Creative Suite 4 Design Standard Adobe Systems Incorporated 21.06.2011 4.398MB 4.0
Adobe Flash Player 10 ActiveX Adobe Systems, Inc. 21.06.2011 1,96MB 10.0.2.54
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 21.02.2012 6,00MB 11.1.102.62
Adobe Media Player Adobe Systems Incorporated 21.06.2011 1.1
Adobe Reader X (10.1.2) - Deutsch Adobe Systems Incorporated 18.01.2012 120,8MB 10.1.2
Apple Application Support Apple Inc. 18.03.2012 61,0MB 2.1.7
Apple Mobile Device Support Apple Inc. 18.03.2012 24,4MB 5.1.1.4
Apple Software Update Apple Inc. 31.12.2011 2,38MB 2.1.3.127
AudibleManager Audible, Inc. 18.03.2012 1999067760.48.56.22678898
AutoGreen B10.1021.1 GIGABYTE 20.06.2011 4,77MB 1.00.0000
Avira AntiVir Personal - Free Antivirus Avira GmbH 13.02.2012 74,3MB 10.2.0.707
Bonjour Apple Inc. 31.12.2011 1,02MB 3.0.0.10
CCleaner Piriform 20.03.2012 3.16
CDBurnerXP CDBurnerXP 21.02.2012 17,9MB 4.4.0.2905
DES 2.0 Gigabyte 20.06.2011 1.00.0000
DivX Codec DivX, Inc. 26.06.2011 6.6.1
Easy Tune 6 B11.0323.1 GIGABYTE 20.06.2011 33,0MB 1.00.0000
EPSON TWAIN 5 SEIKO EPSON Corp. 21.06.2011 5.71.0000
Etron USB3.0 Host Controller Etron Technology 20.06.2011 5,19MB 0.98
Evernote v. 4.5 Evernote Corp. 19.01.2012 149,7MB 4.5.0.5229
EXPERTool 7.18 Gainward Co., Ltd 20.06.2011 11,2MB
FileZilla Client 3.5.0 22.06.2011 3.5.0
Fragen-Lern-CD 4.1 Wendel-Verlag GmbH 10.07.2011 4.1.0
Free Download Manager 3.0 FreeDownloadManager.ORG 21.06.2011
Free FLV Converter V 7.3.0 Koyote Soft 24.01.2012 16,1MB 7.3.0.0
Free YouTube to MP3 Converter version 3.10.6.727 DVDVideoSoft Limited. 07.08.2011 44,9MB
HP LaserJet Professional CM1410 Series Hewlett-Packard 04.01.2012
HP LJ CM1410 MFP Series HP Scan Hewlett-Packard Co. 04.01.2012 12,5MB 1.0.302.0
HP Update Hewlett-Packard 04.01.2012 2,97MB 5.002.006.003
HPLaserJetHelp_LearnCenter Hewlett-Packard 04.01.2012 11,5MB 1.03.0000
I.R.I.S. OCR HP 04.01.2012 69,0MB 12.3.4.0
iCloud Apple Inc. 18.03.2012 24,3MB 1.1.0.40
Intel(R) Control Center Intel Corporation 21.06.2011 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 21.06.2011 7.0.0.1118
iTunes Apple Inc. 18.03.2012 157,4MB 10.6.0.40
Java(TM) 6 Update 29 Oracle 27.07.2011 94,9MB 6.0.290
LinuxLive USB Creator Thibaut Lauziere 28.02.2012 2.8
Logitech Webcam Software Logitech Inc. 25.08.2011 43,9MB 12.10.1113
Lotus Notes 8.5.3 de IBM 29.02.2012 600MB 8.53.11283
Malwarebytes Anti-Malware Version 1.60.1.1000 Malwarebytes Corporation 20.03.2012 17,3MB 1.60.1.1000
Marketsplash Shortcuts Hewlett-Packard 04.01.2012 0,29MB 1.0.0.9
McAfee Security Scan Plus McAfee, Inc. 30.01.2012 8,30MB 2.0.181.2
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 22.06.2011 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 22.06.2011 2,94MB 4.0.30319
Microsoft IntelliPoint 8.1 Microsoft 24.06.2011 8.15.406.0
Microsoft Office File Validation Add-In Microsoft Corporation 14.09.2011 7,95MB 14.0.5130.5003
Microsoft Office Home and Student 2007 Microsoft Corporation 21.06.2011 12.0.6425.1000
Microsoft Silverlight Microsoft Corporation 15.02.2012 80,4MB 4.1.10111.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 24.01.2012 0,25MB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 22.06.2011 0,29MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 20.06.2011 0,58MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 22.06.2011 0,59MB 9.0.30729.6161
Mozilla Firefox 10.0.2 (x86 de) Mozilla 18.02.2012 35,5MB 10.0.2
Mozilla Thunderbird 10.0.2 (x86 de) Mozilla 18.02.2012 38,7MB 10.0.2
NVIDIA 3D Vision Treiber 267.60 NVIDIA Corporation 20.06.2011 267.60
NVIDIA Grafiktreiber 267.60 NVIDIA Corporation 20.06.2011 267.60
NVIDIA HD-Audiotreiber 1.2.22.1 NVIDIA Corporation 20.06.2011 1.2.22.1
NVIDIA PhysX-Systemsoftware 9.10.0514 NVIDIA Corporation 20.06.2011 9.10.0514
ON_OFF Charge B11.0110.1 GIGABYTE 20.06.2011 1.00.0001
QuickTime Apple Inc. 18.03.2012 73,3MB 7.71.80.42
Realtek Ethernet Controller Driver Realtek 20.06.2011 7.38.113.2011
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 20.06.2011 6.0.1.6307
Safari Apple Inc. 18.03.2012 104,3MB 5.34.54.16
Skype™ 5.5 Skype Technologies S.A. 18.11.2011 17,1MB 5.5.124
Smart 6 B10.1221.1 GIGABYTE 20.06.2011 1.00.0000
SopCast 3.4.0 www.sopcast.com 15.10.2011 3.4.0
Spyware Terminator 2012 Crawler.com 20.03.2012 18,9MB 3.0.0.61
TeraCopy 2.27 Code Sector 18.03.2012 5,49MB
TVCenter PCTV Systems 26.06.2011 160,5MB 6.3.0.584
UltraEdit IDM Computer Solutions, Inc. 08.01.2012 48,3MB 17.30.1014
Untis 2011 Gruber & Petters 21.08.2011
VLC media player 1.1.10 VideoLAN 20.06.2011 1.1.10
Zu 3. erneuter Scan mit OTL:
OTL.Txt
OTL Logfile: Code:
OTL logfile created on: 22.03.2012 16:41:08 - Run 2
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\hedu\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,49 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 60,54% Memory free
6,98 Gb Paging File | 5,50 Gb Available in Paging File | 78,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 205,08 Gb Total Space | 152,89 Gb Free Space | 74,55% Space Free | Partition Type: NTFS
Drive D: | 507,81 Gb Total Space | 499,30 Gb Free Space | 98,32% Space Free | Partition Type: NTFS
Drive E: | 684,27 Gb Total Space | 595,67 Gb Free Space | 87,05% Space Free | Partition Type: NTFS
Drive F: | 40,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PC2011 | User Name: hedu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.03.21 17:22:59 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\hedu\Desktop\OTL.exe
PRC - [2012.03.01 00:09:32 | 011,296,768 | ---- | M] (IBM) -- C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.symphony.brand.win32_3.0.0.20110822-1305\program\soffice.bin
PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012.02.20 06:47:06 | 000,482,992 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\st_rsser.exe
PRC - [2012.02.20 06:47:00 | 003,669,680 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.09.16 08:31:34 | 000,189,832 | ---- | M] (IBM Corp) -- C:\Programme\IBM\Lotus\Notes\SUService.exe
PRC - [2011.09.16 08:29:18 | 000,071,048 | ---- | M] (IBM Corp) -- C:\Programme\IBM\Lotus\Notes\ntmulti.exe
PRC - [2011.09.16 08:28:42 | 000,062,856 | ---- | M] (IBM Corp) -- C:\Programme\IBM\Lotus\Notes\nslsvice.exe
PRC - [2011.09.16 08:28:26 | 004,453,768 | ---- | M] (IBM) -- C:\Programme\IBM\Lotus\Notes\nsd.exe
PRC - [2011.08.08 18:28:02 | 000,977,408 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Programme\Evernote\Evernote\EvernoteClipper.exe
PRC - [2011.06.29 14:34:11 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.04.21 06:53:10 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 06:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.04.13 14:02:34 | 001,808,784 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe
PRC - [2011.04.13 14:02:34 | 000,412,560 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\dpupdchk.exe
PRC - [2011.03.11 16:26:02 | 002,265,416 | ---- | M] (Gainward Co.) -- C:\Programme\EXPERTool\TBPANEL.exe
PRC - [2011.03.08 12:18:04 | 000,804,968 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.03.08 12:05:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.10.25 14:53:46 | 000,145,920 | ---- | M] (HP) -- C:\Programme\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2010.10.25 14:40:08 | 000,058,936 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\HP\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2010.08.24 13:35:02 | 002,459,192 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
PRC - [2010.08.12 13:38:58 | 001,841,504 | ---- | M] (Gigabyte Technology CO.) -- C:\Programme\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
PRC - [2010.04.28 22:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Programme\Free Download Manager\fdm.exe
PRC - [2010.04.22 14:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Programme\GIGABYTE\SMART6\timelock\AlarmClock.exe
PRC - [2010.01.22 14:27:22 | 000,746,768 | ---- | M] (PCTV Systems S.à r.l.) -- C:\Programme\Common Files\PCTV Systems\StreamingServer\StrmServer.exe
PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.10.14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009.10.14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe
PRC - [2009.10.13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Programme\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe
PRC - [2009.10.07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009.06.17 15:13:06 | 000,068,136 | ---- | M] () -- C:\Programme\GIGABYTE\EnergySaver2\des2svr.exe
PRC - [2009.02.26 14:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008.06.12 01:25:18 | 000,037,232 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
PRC - [2008.06.11 21:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.01 00:09:31 | 000,967,168 | ---- | M] () -- C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.symphony.brand.win32_3.0.0.20110822-1305\program\libxml2.dll
MOD - [2012.03.01 00:09:26 | 000,163,840 | ---- | M] () -- C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.symphony.basis.system.win32_3.0.0.20110822-1305\basis\program\libxslt.dll
MOD - [2012.03.01 00:09:19 | 000,139,264 | ---- | M] () -- C:\Programme\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.symphony.basis.base.win32_3.0.0.20110822-1305\basis\program\nsldap32v50.dll
MOD - [2012.02.16 03:30:45 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\cb5bd98ffa4c82327b0e4db02bb58d2d\System.Management.ni.dll
MOD - [2012.02.16 03:24:32 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\075d9c27aa02085fef8983b5f5f85834\System.ServiceProcess.ni.dll
MOD - [2012.02.16 03:24:27 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\42ae8760f0a74ab774e82a64368aa1f6\System.Web.ni.dll
MOD - [2012.02.16 03:24:24 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012.02.16 03:24:08 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\adb2fc93e7a4462eb399442c678be681\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2012.02.16 03:24:07 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6c51e152e7404188914c9fa4d8503ff9\System.Windows.Forms.ni.dll
MOD - [2012.02.16 03:24:02 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\45fedf46ca69b8437800ffed652fb2e4\System.Deployment.ni.dll
MOD - [2012.02.16 03:24:02 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ab87129c2b603f218e4aa5300c9b1bdd\System.Drawing.ni.dll
MOD - [2012.02.16 03:23:50 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\47b9e7f070271ff50f988f75ea68fa3e\WindowsBase.ni.dll
MOD - [2012.02.16 03:23:43 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012.02.16 03:23:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012.02.16 03:23:39 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.10.26 17:41:20 | 000,305,664 | ---- | M] () -- C:\Programme\TeraCopy\TeraCopyExt.dll
MOD - [2011.10.14 02:21:16 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.06.21 21:47:53 | 000,131,072 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\SHDocVw\1.1.0.0__1b4e890f49261012\SHDocVw.dll
MOD - [2011.06.21 21:47:53 | 000,009,728 | ---- | M] () -- C:\Windows\assembly\GAC_32\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
MOD - [2011.06.14 16:10:00 | 000,107,008 | ---- | M] () -- C:\Programme\IDM Computer Solutions\UltraEdit\ue32ctmn.dll
MOD - [2011.04.19 12:39:46 | 000,315,392 | ---- | M] () -- C:\Programme\Evernote\Evernote\libtidy.dll
MOD - [2011.04.19 12:39:44 | 000,433,664 | ---- | M] () -- C:\Programme\Evernote\Evernote\libxml2.dll
MOD - [2010.10.25 14:36:22 | 000,119,864 | ---- | M] () -- C:\Programme\HP\ToolboxFX\bin\NativeUtils.dll
MOD - [2010.03.05 04:56:02 | 001,720,320 | ---- | M] () -- C:\Programme\Free Download Manager\fdmbtsupp.dll
MOD - [2009.10.14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009.10.14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe
MOD - [2009.07.14 09:49:33 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2009.07.14 09:49:33 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
MOD - [2008.12.30 01:03:26 | 000,098,304 | ---- | M] () -- C:\Programme\Free Download Manager\iefdm2.dll
MOD - [2007.12.06 04:50:44 | 000,401,408 | ---- | M] () -- C:\Programme\Free Download Manager\FUM\fumcore.dll
MOD - [2007.01.31 09:56:56 | 000,032,768 | ---- | M] () -- C:\Programme\EXPERTool\TBPanelExt.dll
MOD - [1998.10.31 09:55:56 | 000,005,120 | ---- | M] () -- C:\Programme\EXPERTool\TBMANAGE.DLL
========== Win32 Services (SafeList) ==========
SRV - [2012.02.20 06:47:06 | 000,482,992 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Programme\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.09.16 08:31:34 | 000,189,832 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Programme\IBM\Lotus\Notes\SUService.exe -- (LNSUSvc)
SRV - [2011.09.16 08:29:18 | 000,071,048 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Programme\IBM\Lotus\Notes\ntmulti.exe -- (Multi-user Cleanup Service)
SRV - [2011.09.16 08:28:42 | 000,062,856 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Programme\IBM\Lotus\Notes\nslsvice.exe -- (Lotus Notes Single Logon)
SRV - [2011.09.16 08:28:26 | 004,453,768 | ---- | M] (IBM) [Auto | Running] -- C:\Programme\IBM\Lotus\Notes\nsd.exe -- (Lotus Notes Diagnostics)
SRV - [2011.06.29 14:34:11 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.22 20:20:07 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.08 12:05:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.11.20 13:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.10.25 14:53:46 | 000,145,920 | ---- | M] (HP) [Auto | Running] -- C:\Programme\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2010.04.06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.10.13 15:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Programme\GIGABYTE\SMART6\timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)
SRV - [2009.10.07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.17 15:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Programme\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)
SRV - [2008.11.04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008.08.15 04:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - [2012.03.22 16:36:05 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.29 14:34:12 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.29 14:34:12 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.06.21 21:50:28 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2011.06.21 11:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011.04.12 12:01:38 | 000,045,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV - [2011.03.18 05:00:32 | 010,508,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.03.18 05:00:32 | 000,139,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2011.03.07 10:22:00 | 000,052,992 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV - [2011.03.07 10:22:00 | 000,033,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\EtronHub3.sys -- (EtronHub3)
DRV - [2011.01.10 17:16:16 | 000,018,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2010.12.07 08:30:39 | 000,021,528 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hppcfaxio.sys -- (HPFXFAX)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.10.03 05:09:14 | 000,020,504 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hppcbulkio.sys -- (HPFXBULKLEDM)
DRV - [2010.09.21 08:59:02 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI) Intel(R)
DRV - [2009.10.08 16:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.10.07 05:51:56 | 000,115,848 | ---- | M] (ABILIS Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AbilisBdaTuner.sys -- (AbilisT)
DRV - [2009.10.07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.10.05 15:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.08.24 08:14:30 | 000,044,544 | ---- | M] (AzureWave Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\azvusb.sys -- (azvusb)
DRV - [2008.02.29 09:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2007.10.12 01:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.10.12 00:56:22 | 000,490,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2007.03.16 09:11:38 | 000,012,256 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TBPanel.sys -- (TBPanel)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2A E2 7F 35 DC AD CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Google "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.heise.de"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.10: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.19 22:13:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.03.19 22:13:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2011.06.21 22:22:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hedu\AppData\Roaming\mozilla\Extensions
[2011.06.21 22:22:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hedu\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.03.19 22:43:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hedu\AppData\Roaming\mozilla\Firefox\Profiles\40udxu6l.default\extensions
[2011.08.08 09:27:24 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\hedu\AppData\Roaming\mozilla\Firefox\Profiles\40udxu6l.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.19 22:59:55 | 000,002,126 | ---- | M] () -- C:\Users\hedu\AppData\Roaming\Mozilla\Firefox\Profiles\40udxu6l.default\searchplugins\google-.xml
[2012.01.09 07:47:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\HEDU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\40UDXU6L.DEFAULT\EXTENSIONS\{EF4E370E-D9F0-4E00-B93E-A4F274CFDD5A}.XPI
() (No name found) -- C:\USERS\HEDU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\40UDXU6L.DEFAULT\EXTENSIONS\ADD-TO-SEARCHBOX@MALTEKRAUS.DE.XPI
() (No name found) -- C:\USERS\HEDU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\40UDXU6L.DEFAULT\EXTENSIONS\FIREGESTURES@XULDEV.ORG.XPI
[2012.02.19 03:25:25 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.04 16:54:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.04 16:54:37 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.04 16:54:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.04 16:54:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.04 16:54:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.04 16:54:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll ()
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Programme\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe (Gainward Co.)
O4 - HKCU..\Run: [MobileDocuments] C:\Programme\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [NotesSODCPreLoad] C:\Program Files\IBM\Lotus\Notes\framework\shared\eclipse\plugins\com.ibm.symphony.brand.win32_3.0.0.20110822-1305\program\preload.exe ()
O4 - HKCU..\Run: [StrmServer.exe] C:\Programme\Common Files\PCTV Systems\StreamingServer\StrmServer.exe (PCTV Systems S.à r.l.)
O4 - HKLM..\RunOnce: [RPMKickstart] C:\Programme\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - Startup: C:\Users\hedu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Programme\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\hedu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\hedu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26EF8236-A467-4F60-8622-5CEAF41F4E74}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6BCBF602-0646-4FB5-B9E8-97F20F6CCD9C}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.03.22 16:33:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.03.22 00:01:12 | 000,000,000 | ---D | C] -- C:\Users\hedu\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten-Dateien
[2012.03.22 00:00:14 | 000,607,260 | ---- | C] (Swearware) -- C:\Users\hedu\Desktop\dds.scr
[2012.03.21 23:59:55 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\hedu\Desktop\dds.com
[2012.03.21 22:53:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2012.03.21 22:53:43 | 000,000,000 | ---D | C] -- C:\Users\hedu\AppData\Roaming\Spyware Terminator
[2012.03.21 22:53:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2012.03.21 22:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2012.03.21 22:31:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.03.21 22:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.03.21 22:29:26 | 000,000,000 | ---D | C] -- C:\Users\hedu\Desktop\malware_logs
[2012.03.21 19:19:46 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\hedu\Desktop\OTL.exe
[2012.03.21 17:55:23 | 000,000,000 | ---D | C] -- C:\Users\hedu\AppData\Roaming\Malwarebytes
[2012.03.21 17:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.21 17:55:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.21 17:55:18 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.03.21 17:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.03.20 03:35:19 | 000,000,000 | ---D | C] -- C:\Users\hedu\AppData\Roaming\Avira
[2012.03.19 22:19:37 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2012.03.19 22:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.03.19 22:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.03.19 22:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.03.19 22:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012.03.19 22:12:58 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012.03.19 22:11:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.03.19 21:32:32 | 000,000,000 | ---D | C] -- C:\Users\hedu\AppData\Local\Audible
[2012.03.19 21:32:22 | 000,255,352 | ---- | C] (Audible, Inc.) -- C:\Windows\System32\awrdscdc.ax
[2012.03.19 21:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2012.03.19 21:32:20 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2012.03.19 21:32:10 | 000,000,000 | ---D | C] -- C:\Users\hedu\Documents\Audible
[2012.03.19 21:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Audible
[2012.03.19 19:19:16 | 000,000,000 | ---D | C] -- C:\Users\hedu\AppData\Roaming\TeraCopy
[2012.03.19 19:18:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
[2012.03.19 19:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\TeraCopy
[2012.03.14 03:00:50 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.03.14 03:00:49 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.03.14 02:04:56 | 002,343,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.14 02:04:55 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.14 02:03:24 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.03.14 02:03:24 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.03.14 02:03:24 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.03.14 02:03:24 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.03.01 00:21:17 | 000,000,000 | ---D | C] -- C:\Users\hedu\My Documents
[2012.03.01 00:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotus Anwendungen
[2012.03.01 00:06:23 | 000,000,000 | ---D | C] -- C:\Users\hedu\AppData\Local\Lotus
[2012.03.01 00:05:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Lotus
[2012.03.01 00:05:35 | 000,000,000 | ---D | C] -- C:\Program Files\IBM
[2012.02.29 00:41:01 | 000,000,000 | ---D | C] -- C:\Users\hedu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2012.02.29 00:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\LinuxLive USB Creator
========== Files - Modified Within 30 Days ==========
[2012.03.22 16:39:59 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.03.22 16:39:59 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.22 16:39:59 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.03.22 16:39:59 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.22 16:36:14 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.03.22 16:36:05 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys
[2012.03.22 16:35:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.22 16:35:32 | 2811,584,512 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.22 16:34:38 | 000,017,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 16:34:37 | 000,017,104 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.22 00:08:50 | 000,000,000 | ---- | M] () -- C:\Users\hedu\defogger_reenable
[2012.03.22 00:01:12 | 000,076,575 | ---- | M] () -- C:\Users\hedu\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html
[2012.03.22 00:00:17 | 000,607,260 | ---- | M] (Swearware) -- C:\Users\hedu\Desktop\dds.scr
[2012.03.21 23:59:56 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\hedu\Desktop\dds.com
[2012.03.21 23:58:28 | 000,050,477 | ---- | M] () -- C:\Users\hedu\Desktop\Defogger.exe
[2012.03.21 22:53:43 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2012.03.21 22:31:05 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.21 17:55:19 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.21 17:35:55 | 000,089,088 | ---- | M] () -- C:\Users\hedu\Desktop\mbr.exe
[2012.03.21 17:22:59 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\hedu\Desktop\OTL.exe
[2012.03.19 22:19:42 | 000,002,479 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012.03.19 22:18:11 | 000,002,134 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2012.03.19 22:17:39 | 000,001,760 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.03.19 22:13:04 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.03.19 22:08:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.03.19 21:32:26 | 000,001,918 | ---- | M] () -- C:\Users\hedu\Desktop\Audible Manager.lnk
[2012.03.19 21:32:22 | 000,255,352 | ---- | M] (Audible, Inc.) -- C:\Windows\System32\awrdscdc.ax
[2012.03.19 19:18:05 | 000,000,972 | ---- | M] () -- C:\Users\hedu\Desktop\TeraCopy.lnk
[2012.03.14 03:18:57 | 002,239,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.11 11:00:41 | 000,083,620 | ---- | M] () -- C:\Users\hedu\Desktop\leb-11.pdf
[2012.03.01 17:34:31 | 000,000,600 | ---- | M] () -- C:\Users\hedu\AppData\Local\PUTTY.RND
[2012.03.01 00:10:34 | 000,002,225 | ---- | M] () -- C:\Users\Public\Desktop\Lotus Symphony Presentations.lnk
[2012.03.01 00:10:34 | 000,002,223 | ---- | M] () -- C:\Users\Public\Desktop\Lotus Symphony Spreadsheets.lnk
[2012.03.01 00:10:34 | 000,002,218 | ---- | M] () -- C:\Users\Public\Desktop\Lotus Notes 8.5.lnk
[2012.03.01 00:10:34 | 000,002,217 | ---- | M] () -- C:\Users\Public\Desktop\Lotus Symphony Documents.lnk
[2012.03.01 00:05:07 | 000,063,741 | ---- | M] () -- C:\Users\hedu\install.xml
[2012.02.26 08:07:03 | 014,104,964 | ---- | M] () -- C:\Users\hedu\Desktop\Finns Taufeinladung Email.rar
[2012.02.22 06:51:48 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
========== Files Created - No Company Name ==========
[2012.03.22 00:08:50 | 000,000,000 | ---- | C] () -- C:\Users\hedu\defogger_reenable
[2012.03.22 00:01:11 | 000,076,575 | ---- | C] () -- C:\Users\hedu\Desktop\69886-alle-hilfesuchenden-eroeffnung-themas-beachten.html
[2012.03.21 23:58:27 | 000,050,477 | ---- | C] () -- C:\Users\hedu\Desktop\Defogger.exe
[2012.03.21 22:53:44 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2012.03.21 22:53:43 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
[2012.03.21 22:31:05 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.03.21 19:20:03 | 000,089,088 | ---- | C] () -- C:\Users\hedu\Desktop\mbr.exe
[2012.03.21 19:19:57 | 000,286,208 | ---- | C] () -- C:\Users\hedu\Desktop\gmer.exe
[2012.03.21 17:55:19 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.19 22:19:42 | 000,002,491 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2012.03.19 22:19:42 | 000,002,479 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2012.03.19 22:17:39 | 000,001,760 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.03.19 22:13:04 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012.03.19 22:08:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.03.19 21:32:26 | 000,001,918 | ---- | C] () -- C:\Users\hedu\Desktop\Audible Manager.lnk
[2012.03.19 19:18:05 | 000,000,972 | ---- | C] () -- C:\Users\hedu\Desktop\TeraCopy.lnk
[2012.03.11 11:00:41 | 000,083,620 | ---- | C] () -- C:\Users\hedu\Desktop\leb-11.pdf
[2012.03.01 00:10:34 | 000,002,225 | ---- | C] () -- C:\Users\Public\Desktop\Lotus Symphony Presentations.lnk
[2012.03.01 00:10:34 | 000,002,223 | ---- | C] () -- C:\Users\Public\Desktop\Lotus Symphony Spreadsheets.lnk
[2012.03.01 00:10:34 | 000,002,218 | ---- | C] () -- C:\Users\Public\Desktop\Lotus Notes 8.5.lnk
[2012.03.01 00:10:34 | 000,002,217 | ---- | C] () -- C:\Users\Public\Desktop\Lotus Symphony Documents.lnk
[2012.03.01 00:05:07 | 000,063,741 | ---- | C] () -- C:\Users\hedu\install.xml
[2012.02.26 08:07:02 | 014,104,964 | ---- | C] () -- C:\Users\hedu\Desktop\Finns Taufeinladung Email.rar
[2012.01.05 18:36:19 | 000,000,608 | -HS- | C] () -- C:\Windows\System32\winzvprt5.sys
[2012.01.05 18:36:19 | 000,000,230 | ---- | C] () -- C:\Windows\System32\hppfaxprinter5.ini
[2011.11.07 19:50:21 | 000,000,416 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.07.26 18:36:38 | 000,000,600 | ---- | C] () -- C:\Users\hedu\AppData\Local\PUTTY.RND
[2011.06.25 09:49:41 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.06.21 23:26:05 | 000,434,176 | ---- | C] () -- C:\Windows\System32\ZSHP1018.EXE
[2011.06.21 21:50:28 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2011.06.21 21:46:04 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2011.06.21 21:46:04 | 000,018,544 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2011.06.21 21:45:56 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2011.06.21 21:44:45 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.21 21:42:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.03.18 05:00:32 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini
========== LOP Check ==========
[2011.08.12 09:27:32 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\Canneverbe Limited
[2011.07.11 19:25:41 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1
[2011.08.08 09:27:27 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\DVDVideoSoft
[2011.08.08 09:27:24 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.01 19:31:43 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\EPSON
[2012.03.11 15:31:48 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\FileZilla
[2012.03.22 16:42:15 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\Free Download Manager
[2012.01.31 20:33:11 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\FreeFLVConverter
[2011.08.22 15:32:37 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\gp-Untis
[2011.08.26 18:33:20 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\Leadertech
[2012.03.21 22:53:43 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\Spyware Terminator
[2012.03.19 19:20:44 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\TeraCopy
[2011.06.21 22:22:33 | 000,000,000 | ---D | M] -- C:\Users\hedu\AppData\Roaming\Thunderbird
[2011.12.15 03:19:39 | 000,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- --- Extra.Txt
OTL Logfile: Code:
OTL Extras logfile created on: 22.03.2012 16:41:08 - Run 2
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\hedu\Desktop
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,49 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 60,54% Memory free
6,98 Gb Paging File | 5,50 Gb Available in Paging File | 78,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 205,08 Gb Total Space | 152,89 Gb Free Space | 74,55% Space Free | Partition Type: NTFS
Drive D: | 507,81 Gb Total Space | 499,30 Gb Free Space | 98,32% Space Free | Partition Type: NTFS
Drive E: | 684,27 Gb Total Space | 595,67 Gb Free Space | 87,05% Space Free | Partition Type: NTFS
Drive F: | 40,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PC2011 | User Name: hedu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.ini [@ = UltraEdit.ini] -- C:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
.js [@ = UltraEdit.js] -- C:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
.txt [@ = UltraEdit.txt] -- C:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06F8CD93-C722-45E9-A9A4-F48F78E39E84}" = hppFaxUtilityCM1410
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0EF0EA0D-F945-4958-85CC-60FF1E86D216}" = HP LaserJet Professional CM1410 Series
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}" = HP LJ CM1410 MFP Series HP Scan
"{229D6185-BD7E-494B-A73B-C5215BE0690E}" = HPLJUT
"{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}" = EPSON TWAIN 5
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 29
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{303F7619-4E67-450F-985A-A2DF51B30AC8}" = Adobe Setup
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.1221.1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{4006E354-3D24-49BA-A36F-7EB75D50D575}" = hppLaserJetService
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0323.1
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}" = UltraEdit
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7426D8C8-7323-4A3D-9F94-2465B95C26B5}" = TVCenter
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FAB3316-11F4-44F3-8483-7278717496EC}" = hppTLBXFXCM1410
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92F91A05-8241-4651-B9F4-9D04EE1F2634}" = hppSendFaxCM1410
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2F9B2C-1585-43AD-9EF9-48AAD60DFC04}" = Microsoft IntelliPoint 8.1
"{A08BAD08-9AA3-410F-98F3-C92C8EE37218}" = Safari
"{A0D888F5-B8E9-D6BC-6309-35671E22649F}" = Fragen-Lern-CD 4.1
"{A3A18593-62BE-4AE1-AF3F-E35179CF042E}" = hpzTLBXFX
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 267.60
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 267.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 267.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC7E2C06-D255-4300-AA12-33AB54D009AC}" = Adobe Creative Suite 4 Design Standard
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C9C16E4B-4FDD-4A31-8B8F-EC402082407A}" = HPLaserJetHelp_LearnCenter
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D1AB1809-3DAC-4B67-ABD1-5F9286AA6DE3}" = Lotus Notes 8.5.3 de
"{D85A16FA-3408-4EEF-973F-05C1D23901B9}" = hppCM1410LaserJetService
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Shortcuts
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FFD7B2D9-AC9D-468C-83A2-21017A811623}" = hppFaxDrvCM1410
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_1e3ba55b33b1e8227645fb9c82acca3" = Adobe Creative Suite 4 Design Standard
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"de.3m5.wendel.flcd.FLCDB.4E7DF207D694E815646D9C9DD7DC91A41EB7FD23.1" = Fragen-Lern-CD 4.1
"FileZilla Client" = FileZilla Client 3.5.0
"Free Download Manager_is1" = Free Download Manager 3.0
"Free FLV Converter_is1" = Free FLV Converter V 7.3.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.6.727
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0323.1
"InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}" = UltraEdit
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"LinuxLive USB Creator" = LinuxLive USB Creator
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"Mozilla Thunderbird 10.0.2 (x86 de)" = Mozilla Thunderbird 10.0.2 (x86 de)
"MySSID_is1" = EXPERTool 7.18
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"SopCast" = SopCast 3.4.0
"TeraCopy_is1" = TeraCopy 2.27
"Untis 2011" = Untis 2011
"VLC media player" = VLC media player 1.1.10
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.03.2012 14:21:07 | Computer Name = PC2011 | Source = Software Protection Platform Service | ID = 12293
Description = Fehler beim Veröffentlichen des Schlüsselverwaltungsdienstes (Key
Management Service, KMS) in DNS in der ""-Domäne. Info: 0x80070057
Error - 21.03.2012 18:30:28 | Computer Name = PC2011 | Source = VSS | ID = 8194
Description =
Error - 21.03.2012 18:51:38 | Computer Name = PC2011 | Source = Lotus Notes Network Provider | ID = 2
Description = Notes Single Logon will not function properly: Service is not available
to accept credentials
Error - 21.03.2012 19:08:45 | Computer Name = PC2011 | Source = Software Protection Platform Service | ID = 12293
Description = Fehler beim Veröffentlichen des Schlüsselverwaltungsdienstes (Key
Management Service, KMS) in DNS in der ""-Domäne. Info: 0x80070057
Error - 21.03.2012 19:27:48 | Computer Name = PC2011 | Source = Lotus Notes Network Provider | ID = 2
Description = Notes Single Logon will not function properly: Service is not available
to accept credentials
Error - 22.03.2012 11:09:23 | Computer Name = PC2011 | Source = Lotus Notes Network Provider | ID = 2
Description = Notes Single Logon will not function properly: Service is not available
to accept credentials
Error - 22.03.2012 11:25:48 | Computer Name = PC2011 | Source = Lotus Notes Network Provider | ID = 2
Description = Notes Single Logon will not function properly: Service is not available
to accept credentials
Error - 22.03.2012 11:33:10 | Computer Name = PC2011 | Source = Software Protection Platform Service | ID = 12293
Description = Fehler beim Veröffentlichen des Schlüsselverwaltungsdienstes (Key
Management Service, KMS) in DNS in der ""-Domäne. Info: 0x80070057
Error - 22.03.2012 11:33:24 | Computer Name = PC2011 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: st_rsser.exe, Version: 3.0.0.36,
Zeitstempel: 0x4e7afd9c Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725,
Zeitstempel: 0x4ec49b60 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000303a2 ID des fehlerhaften
Prozesses: 0x778 Startzeit der fehlerhaften Anwendung: 0x01cd0840c4d66c1c Pfad der
fehlerhaften Anwendung: C:\Program Files\Spyware Terminator\st_rsser.exe Pfad des
fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 5c1edebf-7434-11e1-b47a-50e54938dbc1
Error - 22.03.2012 11:37:55 | Computer Name = PC2011 | Source = Software Protection Platform Service | ID = 12293
Description = Fehler beim Veröffentlichen des Schlüsselverwaltungsdienstes (Key
Management Service, KMS) in DNS in der ""-Domäne. Info: 0x80070057
[ System Events ]
Error - 15.12.2011 12:00:44 | Computer Name = PC2011 | Source = bowser | ID = 8003
Description =
Error - 05.02.2012 09:25:08 | Computer Name = PC2011 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 28.02.2012 20:15:26 | Computer Name = PC2011 | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error - 28.02.2012 20:15:26 | Computer Name = PC2011 | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error - 28.02.2012 20:15:27 | Computer Name = PC2011 | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error - 29.02.2012 19:06:21 | Computer Name = PC2011 | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Lotus Notes-Diagnose" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 29.02.2012 19:06:22 | Computer Name = PC2011 | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Lotus Notes Smart Upgrade Service " ist als interaktiver
Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive
Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 29.02.2012 19:06:22 | Computer Name = PC2011 | Source = Service Control Manager | ID = 7030
Description = Der Dienst "Multi-user Cleanup Service" ist als interaktiver Dienst
gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 19.03.2012 17:15:32 | Computer Name = PC2011 | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 19.03.2012 22:24:47 | Computer Name = PC2011 | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?20.?03.?2012 um 03:22:07 unerwartet heruntergefahren.
< End of report >
--- --- ---
Alle Scans liefen problemlos und wurden im normalen Modus ausgeführt. Zum Posten der Logs gehe ich im abgesicherten Modus online - da geht es.
LG
hbergmann |
