Nochmal OTL ausgeführt und so siehts aus
OTL_text:
OTL Logfile: Code:
OTL logfile created on: 25.03.2012 18:24:07 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,49 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 70,35% Memory free
5,32 Gb Paging File | 4,31 Gb Available in Paging File | 81,02% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 40,00 Gb Total Space | 17,81 Gb Free Space | 44,53% Space Free | Partition Type: NTFS
Drive D: | 425,26 Gb Total Space | 294,34 Gb Free Space | 69,21% Space Free | Partition Type: NTFS
Drive E: | 988,00 Mb Total Space | 917,44 Mb Free Space | 92,86% Space Free | Partition Type: FAT
Computer Name: MC00019325 | User Name: Sravan Kumar Puppala | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Connected\AGENTSRV.EXE (Connected Corporation)
PRC - C:\Programme\Connected\CBSysTray.exe (Connected Corporation)
PRC - C:\Programme\ThinkPad\Utilities\DOZESVC.EXE (Lenovo.)
PRC - C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe ()
PRC - C:\Programme\ThinkPad\Utilities\SCHTASK.EXE (Lenovo Group Limited)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated)
PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo )
PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo )
PRC - C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
PRC - C:\Programme\Novell\ZENworks\bin\ZenworksWindowsService.exe (Novell, Inc.)
PRC - C:\Programme\Novell\ZENworks\bin\ZenUserDaemon.exe (Novell, Inc.)
PRC - C:\Programme\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\ZOOM\TpScrex.exe (Lenovo Group Limited)
PRC - C:\Programme\Mobile Broadband drivers\WMCore\WMCore.exe (Ericsson AB)
PRC - C:\Programme\Novell\ZENworks\bin\TSUsage32.exe (Novell, Inc.)
PRC - C:\Programme\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Intel Corporation)
PRC - C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited)
PRC - C:\Programme\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
PRC - C:\Programme\Lenovo\HOTKEY\tpnumlkd.exe (Lenovo Group Limited)
PRC - C:\Programme\ThinkPad\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
PRC - C:\Programme\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe (Microsoft Corporation)
PRC - C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
PRC - C:\Programme\Lenovo\HOTKEY\tpnumlk.exe (Lenovo Group Limited)
PRC - C:\Programme\Novell\CASA\bin\micasad.exe (Novell, Inc)
PRC - C:\Programme\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Programme\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Programme\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
PRC - C:\Programme\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
PRC - C:\WINDOWS\system32\CCM\CcmExec.exe (Microsoft Corporation)
PRC - C:\Programme\PatchLink\Update Agent\GravitixService.exe (Novell, Inc.)
PRC - C:\Programme\PatchLink\Update Agent\pddm.exe (Novell, Inc.)
PRC - C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
PRC - C:\Programme\SAP\SapSetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG)
PRC - C:\Programme\SAP\SapSetup\setup\Updater\NwSapSetupUserNotificationTool.exe (SAP AG)
PRC - C:\Notes\nslsvice.exe (IBM Corp)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Novell\ZENworks\NalAgent.exe (Novell, Inc)
PRC - C:\Programme\Novell\ZENworks\WM.EXE (Novell, Inc.)
PRC - C:\WINDOWS\system32\novell\xtagent.exe (Novell, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\Programme\Novell\ZENworks\WMRUNDLL.EXE (Novell, Inc.)
PRC - C:\Programme\Novell\ZENworks\NALNTSRV.EXE (Novell, Inc.)
PRC - C:\Programme\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
PRC - C:\Programme\TechSmith\SnagIt 8\TscHelp.exe (TechSmith Corporation)
PRC - C:\Programme\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe (Novell, Inc.)
PRC - C:\Programme\UPHClean\uphclean.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.)
PRC - C:\WINDOWS\system32\nwtray.exe (Novell, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\acc5ec6c04f1eff1029f88e339c98e47\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d4a5aced0ec83076368bad3f7277da5f\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\1cb3849720ed4eb09c75725675a3ef31\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\facce4c3f0327583278401d360310a99\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\1af095ac130f585527b60abd230b4558\System.DirectoryServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\142e2b633a002e749dbd9d697dbf3f4f\System.Security.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\64bf8d2f963138ede81700b9fd525547\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\569ae3c239c7270b687996583ca97c28\UIAutomationProvider.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\9cf4a4fdd044bf3f033ae4fa26bdd796\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\891e536eaeebb1c3ea4a2b199f3b739b\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3877aa44425b257edad57137c5a2e21\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\0aacf518f032079557bc36a2eef2ccea\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\c54577f8280781a7fdfab0768a5e57dc\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\448062bb843b945803db54b94a340c0c\PresentationFramework.Luna.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\666b3b77f2bdbd072b199abd2f15f5f1\PresentationFramework.Classic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\c29d0fd0724449a5e2e64f36c968f268\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\5aa5f52223edf2f53fe90b153108d450\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\12637de2619ee65d57c529f6c786dce1\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll ()
MOD - C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.swt.browser.dom.ie_6.1.2.200808010926\os\win32\x86\tlogpsdll.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\Novell.Casa.Client.Auth\1.7.0.0__ed0eb71059ea593b\Novell.Casa.Client.Auth.dll ()
MOD - C:\Programme\ThinkPad\Utilities\DE-DE\PWMUIAux.resources.dll ()
MOD - C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe ()
MOD - C:\Programme\ThinkPad\Utilities\GR\PWRMGRRO.DLL ()
MOD - C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL ()
MOD - C:\Programme\Synaptics\SynTP\SynTPEnhPS.dll ()
MOD - C:\Programme\ThinkPad\ConnectUtilities\ACSonyEricssonHlpr.dll ()
MOD - C:\Programme\ThinkPad\ConnectUtilities\AcWrpc.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\zmd.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\Localizer.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\sqlite3.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\WinProxyUI_de.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\InventoryManager.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\InventoryManager_de.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\StatusCollectionPoint_de.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\AppModule.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\AppModule_de.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\ContentDistributionPoint_de.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\AuthSatellite_de.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\LoggerUI_de.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\ZenNotifyIconPlugins_de.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\QuickTaskManager.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\ContentManager.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\ContentManager_de.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\AssignmentManager.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\ZenNotifyIconModule_de.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\RegistrationModule.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\RegistrationModule_de.dll ()
MOD - C:\Programme\Novell\ZENworks\bin\XmlSerializers\Novell.Zenworks.Settings.XmlSerializers.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\SettingsModule_de.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\StatusSender_de.dll ()
MOD - C:\Programme\Novell\ZENworks\lang\ZMD_de.dll ()
MOD - C:\Programme\ThinkPad\ConnectUtilities\Res\GR\GUIHlprRes.dll ()
MOD - C:\Programme\ThinkPad\ConnectUtilities\Res\GR\IconRes.dll ()
MOD - C:\Programme\ThinkPad\ConnectUtilities\Res\GR\SvcHlprRes.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\Programme\ThinkPad\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Programme\Mobile Broadband drivers\WMCore\MBMDebug.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU ()
MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\Programme\PatchLink\Update Agent\cryptocme2.dll ()
MOD - C:\WINDOWS\system32\nls\DEUTSCH\nwshlxnr.dll ()
MOD - C:\WINDOWS\system32\nwshlxnt.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\Novell\ZENworks\nls\deutsch\NalUIRes.dll ()
MOD - C:\Programme\Novell\ZENworks\nls\deutsch\NalRes.dll ()
MOD - C:\Programme\Novell\ZENworks\nls\deutsch\NalAgentRes.dll ()
MOD - C:\WINDOWS\system32\novell\novdhcp.dll ()
MOD - C:\WINDOWS\system32\redmonnt.dll ()
MOD - C:\WINDOWS\system32\XMLPARSE.DLL ()
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (SMART Mirror Driver Monitor Service) -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\TANDBERG\See&Share\monitorservice.exe (SMART Technologies)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (DMService) -- C:\WINDOWS\DOWNLO~1\DMService.exe ()
SRV - (ZENPreAgent) -- C:\WINDOWS\novell\zenworks\bin\ZENPreAgent.exe ()
SRV - (AgentSrv) -- C:\Programme\Connected\AGENTSRV.EXE (Connected Corporation)
SRV - (DozeSvc) -- C:\Programme\ThinkPad\Utilities\DOZESVC.EXE (Lenovo.)
SRV - (PwmEWSvc) -- C:\Programme\ThinkPad\Utilities\PWMEWSVC.exe (Lenovo Group Limited)
SRV - (Power Manager DBC Service) -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe ()
SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo )
SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo )
SRV - (LENOVO.CAMMUTE) -- C:\Programme\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited)
SRV - (Novell ZENworks Agent Service) -- C:\Programme\Novell\ZENworks\bin\ZenworksWindowsService.exe (Novell, Inc.)
SRV - (WMCoreService) -- C:\Programme\Mobile Broadband drivers\WMCore\WMCore.exe (Ericsson AB)
SRV - (jhi_service) Intel(R) -- C:\Programme\Intel\Services\IPT\jhi_service.exe (Intel Corporation)
SRV - (UNS) Intel(R) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation)
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Programme\Gemeinsame Dateien\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (btwdins) -- C:\Programme\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (TPHKLOAD) -- C:\Programme\Lenovo\HOTKEY\tphkload.exe (Lenovo Group Limited)
SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe (Lenovo Group Limited)
SRV - (uagqecsvc) -- C:\Programme\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe (Microsoft Corporation)
SRV - (Lenovo.micmute) -- C:\Programme\Lenovo\HOTKEY\micmute.exe (Lenovo Group Limited)
SRV - (Novell Identity Store) -- C:\Programme\Novell\CASA\bin\micasad.exe (Novell, Inc)
SRV - (Symantec AntiVirus) -- C:\Programme\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (SmcService) -- C:\Programme\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Programme\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (ccSetMgr) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (BrYNSvc) -- C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (CcmExec) -- C:\WINDOWS\system32\CCM\CcmExec.exe (Microsoft Corporation)
SRV - (smstsmgr) -- C:\WINDOWS\System32\CCM\TSManager.exe (Microsoft Corporation)
SRV - (PatchLink Update) -- C:\Programme\PatchLink\Update Agent\GravitixService.exe (Novell, Inc.)
SRV - (NWSAPAutoWorkstationUpdateSvc) -- C:\Programme\SAP\SapSetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe (SAP AG)
SRV - (Lotus Notes Single Logon) -- C:\Notes\nslsvice.exe (IBM Corp)
SRV - (cusrvc) -- C:\WINDOWS\system32\cusrvc.exe (Novell, Inc.)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (ZFDWM) -- C:\Programme\Novell\ZENworks\WM.EXE (Novell, Inc.)
SRV - (XTAgent) -- C:\WINDOWS\system32\novell\xtagent.exe (Novell, Inc.)
SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (NALNTSERVICE) -- C:\Programme\Novell\ZENworks\NALNTSRV.EXE (Novell, Inc.)
SRV - (Remote Management Agent) -- C:\Programme\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe (Novell, Inc.)
SRV - (UPHClean) -- C:\Programme\UPHClean\uphclean.exe (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (NAVEX15) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20120324.019\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20120324.019\NAVENG.SYS (Symantec Corporation)
DRV - (smrtdrv) -- C:\WINDOWS\system32\drivers\smrtdrv.sys (SMART Technologies Inc.)
DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (WpsHelper) -- C:\WINDOWS\system32\drivers\wpshelper.sys (Symantec Corporation)
DRV - (TrojanKillerDriver) -- C:\WINDOWS\system32\drivers\gtkdrv.sys (Windows (R) Win 7 DDK provider)
DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (DozeHDD) -- C:\WINDOWS\system32\drivers\DOZEHDD.SYS (Lenovo.)
DRV - (TPPWRIF) -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS (Lenovo Group Limited)
DRV - (IBMTPCHK) -- C:\WINDOWS\system32\drivers\IBMBLDID.sys ()
DRV - (ANC) -- C:\WINDOWS\system32\drivers\ANC.sys (IBM Corp.)
DRV - (risdxc) -- C:\WINDOWS\system32\drivers\risdxc86.sys (REDC)
DRV - (WNTHW) -- C:\WINDOWS\system32\drivers\WNTHW.SYS ()
DRV - (Mbm4NUn) F5521gw Mobile Broadband Network Adapter (WDM) -- C:\WINDOWS\system32\drivers\Mbm4NUn.sys (MCCI Corporation)
DRV - (Mbm4mdm) -- C:\WINDOWS\system32\drivers\Mbm4mdm.sys (MCCI Corporation)
DRV - (Mbm4mgmt) Mobile Broadband Device Management Driver (WDM) -- C:\WINDOWS\system32\drivers\Mbm4mgmt.sys (MCCI Corporation)
DRV - (Mbm4NNd5) F5521gw Mobile Broadband Network Adapter (NDIS) -- C:\WINDOWS\system32\drivers\Mbm4NNd5.sys (MCCI Corporation)
DRV - (Mbm4bus) F5521gw Mobile Broadband Device (WDM) -- C:\WINDOWS\system32\drivers\Mbm4bus.sys (MCCI Corporation)
DRV - (Mbm4mdfl) -- C:\WINDOWS\system32\drivers\Mbm4mdfl.sys (MCCI Corporation)
DRV - (CnxtHdAudService) -- C:\WINDOWS\system32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (Shockprf) -- C:\WINDOWS\system32\drivers\ApsX86.sys (Lenovo.)
DRV - (TPDIGIMN) -- C:\WINDOWS\system32\drivers\ApsHM86.sys (Lenovo.)
DRV - (TSMAPIP) -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS ()
DRV - (NETwNx32) ___ Intel(R) -- C:\WINDOWS\system32\drivers\NETwNx32.sys (Intel Corporation)
DRV - (e1cexpress) Intel(R) -- C:\WINDOWS\system32\drivers\e1c5132.sys (Intel Corporation)
DRV - (l36wgps) -- C:\WINDOWS\system32\drivers\l36wgps.sys (Ericsson AB)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (MEI) Intel(R) -- C:\WINDOWS\system32\drivers\HECI.sys (Intel Corporation)
DRV - (lenovo.smi) -- C:\WINDOWS\system32\drivers\smiif32.sys (Lenovo Group Limited)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (SysPlant) -- C:\WINDOWS\system32\drivers\SysPlant.sys (Symantec Corporation)
DRV - (WPS) -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\WINDOWS\system32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\WINDOWS\system32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\WINDOWS\system32\drivers\srtspx.sys (Symantec Corporation)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (Teefer2) -- C:\WINDOWS\system32\drivers\Teefer2.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (COH_Mon) -- C:\WINDOWS\system32\drivers\COH_Mon.sys (Symantec Corporation)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (prepdrvr) -- C:\WINDOWS\system32\CCM\PrepDrv.sys (Microsoft Corporation)
DRV - (smihlp) SMI Helper Driver (smihlp) -- C:\Programme\ThinkVantage Fingerprint Software\smihlp.sys (UPEK Inc.)
DRV - (smsmdd) -- C:\WINDOWS\system32\drivers\smsmdm.sys (Microsoft Corporation)
DRV - (NetwareWorkstation) -- C:\WINDOWS\system32\NetWare\nwfs.sys (Novell, Inc.)
DRV - (SRVLOC) -- C:\WINDOWS\system32\NetWare\srvloc.sys (Novell, Inc.)
DRV - (NWSIPX32) -- C:\WINDOWS\system32\NetWare\nwsipx32.sys (Novell, Inc.)
DRV - (NWFILTER) -- C:\WINDOWS\system32\NetWare\nwfilter.sys (Novell, Inc.)
DRV - (RESMGR) -- C:\WINDOWS\system32\NetWare\resmgr.sys (Novell, Inc.)
DRV - (NWDNS) -- C:\WINDOWS\system32\NetWare\nwdns.sys (Novell, Inc.)
DRV - (Sony_EricssonWWSC) -- C:\WINDOWS\system32\drivers\lnvoscard.sys (Sony Ericsson)
DRV - (NWSLP) -- C:\WINDOWS\system32\NetWare\nwslp.sys (Novell, Inc.)
DRV - (NICM) -- C:\WINDOWS\system32\drivers\nicm.sys (Novell, Inc.)
DRV - (stmtpm) -- C:\WINDOWS\system32\drivers\stm_tpm.sys (STMicroelectronics, INC)
DRV - (BM) -- C:\WINDOWS\system32\drivers\vptunnel.sys (Novell, Inc.)
DRV - (NWDHCP) -- C:\WINDOWS\system32\NetWare\nwdhcp.sys (Novell, Inc.)
DRV - (NWHOST) -- C:\WINDOWS\system32\NetWare\nwhost.sys (Novell, Inc.)
DRV - (NWSNS) Novell Simple Naming Services (NWSNS) -- C:\WINDOWS\system32\NetWare\nwsns.sys (Novell, Inc.)
DRV - (BlankScr) -- C:\WINDOWS\System32\drivers\blankscr.sys (Novell Inc.)
DRV - (Darpan) -- C:\WINDOWS\system32\drivers\Darpan.sys (Novell, Inc.)
DRV - (NICICCS) -- C:\WINDOWS\System32\drivers\niciccs.sys ()
DRV - (NWSAP) -- C:\WINDOWS\system32\NetWare\nwsap.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.steria-mummert.de/intern/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.steria-mummert.de/intern/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYde&ptnrS=XPxdm049YYde&si=49647&ptb=DDACAE69-42A6-4475-B7CB-5BC0B4AEAAB3&psa=&ind=2012022005&st=sb&n=77ed04f5&searchfor={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.steria-mummert.de/intern/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.steria-mummert.de/intern/
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{068A3FEB-E034-4CD7-834C-20E7AB1D0B46}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109867&babsrc=SP_ss&mntrId=a6ddc64300000000000060d819c0da1b
IE - HKCU\..\SearchScopes\{1003C13B-1BEF-4DB6-BEA1-DC5E2FD06A00}: "URL" = hxxp://www.google.de
IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYde&ptnrS=XPxdm049YYde&si=49647&ptb=DDACAE69-42A6-4475-B7CB-5BC0B4AEAAB3&psa=&ind=2012022005&st=sb&n=77ed04f5&searchfor={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = proxy.ad.econgas.com:8080
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://wpad/wpad.dat
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\:
[2011.12.20 17:17:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\Mozilla\Extensions
[2012.02.29 22:15:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\Mozilla\Firefox\Profiles\wbkl6vga.default\extensions
[2012.03.24 20:07:11 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\Mozilla\Firefox\Profiles\wbkl6vga.default\extensions\64ffxtbr@TelevisionFanatic.com
[2012.02.05 13:46:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.02.05 13:46:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.19 16:43:25 | 000,002,310 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2008.04.14 19:30:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programme\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programme\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo )
O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo )
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Application Explorer] C:\Programme\Novell\ZENworks\naldesk.exe (Novell, Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Programme\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ccApp] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IMSS] C:\Programme\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [LenovoAutoScrollUtility] C:\Programme\Lenovo\VIRTSCRL\virtscrl.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [LPMailChecker] C:\Programme\ThinkVantage\PrdCtr\LPMLCHK.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe (Novell, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NWTRAY] C:\WINDOWS\System32\nwtray.exe (Novell, Inc.)
O4 - HKLM..\Run: [PDDM] C:\Programme\PatchLink\Update Agent\pddm.exe (Novell, Inc.)
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SAP_WUS_UNT] C:\Programme\SAP\SAPsetup\setup\Updater\NwSapSetupUserNotificationTool.exe (SAP AG)
O4 - HKLM..\Run: [SMART Mirror Driver Monitor Service] C:\Dokumente und Einstellungen\Sravan Kumar Puppala [2012.03.25 17:48:58 | 000,000,000 | ---D | M]
O4 - HKLM..\Run: [TPFNF7] C:\Programme\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [ZCM Install Helper] D:\Temp\~ZCM\cleanup.exe File not found
O4 - HKLM..\Run: [ZENRC Tray Icon] C:\WINDOWS\system32\zentray.exe (Novell, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth.lnk = C:\Programme\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Connected TaskBar Icon.LNK = C:\Programme\Connected\CBSysTray.exe (Connected Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SnagIt 8.lnk = C:\Programme\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: CompatibleRUPSecurity = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WarningMsgInBody =
O8 - Extra context menu item: &Search - hxxp://tbedits.televisionfanatic.com/one-toolbaredits/menusearch.jhtml?s=100000415&p=XPxdm049YYde&si=49647&a=DDACAE69-42A6-4475-B7CB-5BC0B4AEAAB3&n=2012022005 File not found
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Novell delivered applications - {C1994287-422F-47aa-8E5E-6323E210A125} - C:\Programme\Novell\ZENworks\AxNalServer.dll (Novell, Inc)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\ThinkPad\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\NetWare\nwws2nds.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\NetWare\nwws2sap.dll (Novell, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\system32\NetWare\nwws2slp.dll (Novell, Inc.)
O15 - HKCU\..Trusted Domains: hotmail.de ([]http in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: live.com ([login] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: srv7vie07 ([]http in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: steria.com ([chgpwd.hq] https in Vertrauenswürdige Sites)
O16 - DPF: {7114683A-020D-4D16-80FD-6ACE384B66DF} hxxp://vsrv1gasx01:9080/gasx/activex/FPSPR70.ocx (FarPoint Spread 7.0 (OLEDB))
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} https://external.econgas.com/InternalSite/WhlCompMgr.cab (Forefront UAG client components)
O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} https://domino.koeln.steria-mummert.de/dwa8W.cab (Domino Web Access 8 Control)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Java Plug-in 1.4.2_05)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://qliktech.webex.com/client/T27LD/nbr/ieatgpc.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9B80A69-0E19-4CC0-A499-C8F0C5544AA3}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\qvp {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Programme\QlikView\QvProtocol\qvp.dll (QlikTech AB)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Programme\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Programme\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP AG, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (ziswin.exe) - C:\WINDOWS\System32\ZISWIN.EXE (Novell)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (NWGINA.DLL) - C:\WINDOWS\System32\nwgina.dll (Novell, Inc.)
O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Programme\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo )
O20 - Winlogon\Notify\LCredMgr: DllName - (C:\Programme\Novell\CASA\bin\lcredmgr.dll) - C:\Programme\Novell\CASA\bin\lcredmgr.dll ()
O20 - Winlogon\Notify\NetIdentity Notification: DllName - (C:\WINDOWS\system32\Novell\XtNotify.dll) - C:\WINDOWS\system32\novell\xtnotify.dll (Novell, Inc.)
O20 - Winlogon\Notify\psfus: DllName - (C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll) - C:\Programme\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\SMC Start Screen_1440w_Plain.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\SMC Start Screen_1440w_Plain.BMP
O28 - HKLM ShellExecuteHooks: {763370C4-268E-4308-A60C-D8DA0342BE32} - C:\Programme\Novell\ZENworks\NalShell.dll (Novell, Inc)
O30 - LSA: Authentication Packages - (nwv1_0) - C:\WINDOWS\System32\nwv1_0.dll (Novell, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.12.01 15:06:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{7606a47c-52f5-11e1-a04e-028037ec0200}\Shell\AutoRun\command - "" = E:\Toshiba\more4you.exe
O33 - MountPoints2\{8140258f-3a1f-11e1-a010-60d819c0da1b}\Shell\AutoRun\command - "" = E:\Toshiba\Launcher\start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{0E5911DD-EA12-4626-B1A8-CB9B7E701F9F} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.03.25 18:21:27 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\OTL.exe
[2012.03.25 17:46:38 | 000,000,000 | ---D | C] -- C:\Avenger
[2012.03.25 15:06:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\Malwarebytes
[2012.03.25 15:06:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.03.25 15:06:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.03.25 15:06:47 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.03.25 15:06:47 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.03.24 16:05:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\GridinSoft Trojan Killer
[2012.03.24 16:04:58 | 000,000,000 | ---D | C] -- C:\Programme\GridinSoft Trojan Killer
[2012.03.19 14:14:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\webex
[2012.03.14 13:31:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\SAP BW
[2012.03.05 07:57:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\Qlikview
[2012.03.01 16:01:37 | 000,002,432 | ---- | C] (SMART Technologies Inc.) -- C:\WINDOWS\System32\drivers\smrtdrv.sys
[2012.03.01 16:01:35 | 000,011,648 | ---- | C] (SMART Technologies Inc.) -- C:\WINDOWS\System32\smrtdrv.dll
[2012.03.01 16:01:35 | 000,003,584 | ---- | C] (SMART Technologies Inc.) -- C:\WINDOWS\System32\smrtexp.dll
[2012.02.29 12:54:15 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\IECompatCache
[2012.02.28 18:38:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QlikView
[2012.02.24 18:40:31 | 000,000,000 | ---D | C] -- D:\Bilder
[2011.12.20 11:23:00 | 003,145,728 | ---- | C] (SAP Technology,Inc) -- C:\Programme\Gemeinsame Dateien\sapxlhelper.dll
[2011.12.20 11:23:00 | 000,626,688 | ---- | C] (SAP AG) -- C:\Programme\Gemeinsame Dateien\sapconsaccess.dll
[2011.12.20 11:23:00 | 000,192,512 | ---- | C] (SAP Tech Inc.) -- C:\Programme\Gemeinsame Dateien\sapconsr3.dll
[2011.12.20 11:23:00 | 000,040,960 | ---- | C] (SAP-TECHNOLOGY) -- C:\Programme\Gemeinsame Dateien\DigitalSignature.ocx
[62 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.25 18:21:35 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\OTL.exe
[2012.03.25 18:05:42 | 000,573,893 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012.03.25 17:50:48 | 000,020,894 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2012.03.25 17:50:47 | 000,000,462 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2012.03.25 17:50:26 | 000,002,076 | ---- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\SMC Anwendungen.nal
[2012.03.25 17:49:14 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2012.03.25 17:49:09 | 000,573,893 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2012.03.25 17:48:58 | 000,000,972 | RHS- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\ntuser.pol
[2012.03.25 17:47:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.03.25 17:05:15 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.03.25 17:03:18 | 000,188,200 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.03.25 15:23:21 | 000,442,740 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.03.25 15:23:21 | 000,367,280 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2012.03.25 15:23:21 | 000,365,016 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.03.25 15:23:21 | 000,355,152 | ---- | M] () -- C:\WINDOWS\System32\perfh015.dat
[2012.03.25 15:23:21 | 000,071,912 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.03.25 15:23:21 | 000,069,076 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.03.25 15:23:21 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\perfc015.dat
[2012.03.25 15:23:21 | 000,048,468 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2012.03.25 15:06:48 | 000,000,763 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.24 16:05:03 | 000,000,793 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Trojan Killer.lnk
[2012.03.24 14:42:42 | 000,000,731 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Connected TaskBar Icon.LNK
[2012.03.23 15:53:56 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.03.22 11:09:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.03.16 23:32:43 | 000,437,661 | ---- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\FLT_3F4HCB15413_0.pdf
[2012.03.01 16:01:37 | 000,002,432 | ---- | M] (SMART Technologies Inc.) -- C:\WINDOWS\System32\drivers\smrtdrv.sys
[2012.03.01 16:01:35 | 000,011,648 | ---- | M] (SMART Technologies Inc.) -- C:\WINDOWS\System32\smrtdrv.dll
[2012.03.01 16:01:35 | 000,003,584 | ---- | M] (SMART Technologies Inc.) -- C:\WINDOWS\System32\smrtexp.dll
[2012.02.28 18:03:43 | 000,002,010 | -H-- | M] () -- D:\Default.rdp
[2012.02.28 00:42:29 | 000,000,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\default.pls
[62 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.03.25 17:50:26 | 000,002,076 | ---- | C] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\SMC Anwendungen.nal
[2012.03.25 15:06:48 | 000,000,763 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.24 16:05:03 | 000,000,793 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Trojan Killer.lnk
[2012.03.16 23:32:43 | 000,437,661 | ---- | C] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop\FLT_3F4HCB15413_0.pdf
[2012.02.28 00:42:29 | 000,000,042 | ---- | C] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\default.pls
[2012.02.19 16:12:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.07 13:15:05 | 000,007,680 | ---- | C] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.15 21:56:15 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\BRIDF10A.DAT
[2012.01.15 21:56:13 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2012.01.03 20:20:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.20 18:07:31 | 000,456,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\niciccs.sys
[2011.12.20 18:05:45 | 000,078,448 | ---- | C] () -- C:\WINDOWS\System32\bmnotify.dll
[2011.12.20 18:05:44 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ldapmethod.dll
[2011.12.20 18:05:43 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\vpnlogin.exe
[2011.12.20 18:05:43 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\ikeapp.exe
[2011.12.20 18:05:43 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\vpnstats.exe
[2011.12.20 18:05:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\vpnext.dll
[2011.12.20 18:05:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\regvpn.exe
[2011.12.20 18:05:43 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\vpnrst.exe
[2011.12.20 18:05:43 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\SlpDnsRestore.exe
[2011.12.20 18:02:57 | 000,586,752 | R--- | C] () -- C:\WINDOWS\autolog.exe
[2011.12.20 18:02:57 | 000,080,384 | ---- | C] () -- C:\WINDOWS\cusrmgr.exe
[2011.12.20 18:02:55 | 000,262,227 | ---- | C] () -- C:\WINDOWS\System32\nwshlxnt.dll
[2011.12.20 18:02:55 | 000,065,619 | ---- | C] () -- C:\WINDOWS\System32\setupw2k.dll
[2011.12.20 18:02:55 | 000,015,898 | ---- | C] () -- C:\WINDOWS\System32\vlmsup.exe
[2011.12.20 18:02:55 | 000,001,724 | ---- | C] () -- C:\WINDOWS\System32\vipx.exe
[2011.12.20 18:02:54 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\lgncon32.dll
[2011.12.20 18:02:54 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\dplgnw32.dll
[2011.12.20 18:02:51 | 000,002,757 | ---- | C] () -- C:\WINDOWS\System32\rdrstats.ini
[2011.12.20 18:02:50 | 000,225,356 | ---- | C] () -- C:\WINDOWS\System32\lgnwnt32.dll
[2011.12.20 18:02:50 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\prtwin32.dll
[2011.12.20 18:02:50 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\nwpsrv32.dll
[2011.12.20 18:02:49 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nwslog32.dll
[2011.12.20 18:02:09 | 000,573,893 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011.12.20 17:17:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.12.20 13:28:36 | 000,256,580 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.12.20 13:28:36 | 000,256,580 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.12.20 13:28:36 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.12.20 13:25:56 | 000,000,462 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2011.12.20 13:24:33 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2011.12.20 13:24:33 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2011.12.20 13:24:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2011.12.20 13:24:33 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2011.12.20 13:24:33 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2011.12.20 13:24:33 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2011.12.20 13:22:26 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\IntelMEFWVer.dll
[2011.12.20 13:19:14 | 000,638,784 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.12.20 12:55:49 | 000,023,116 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini
[2011.12.20 12:53:51 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.12.20 12:37:56 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2011.12.20 11:31:49 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2011.12.20 11:24:49 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.12.20 11:23:49 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[2011.12.20 11:23:48 | 001,690,896 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[2011.12.20 11:23:48 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[2011.12.20 11:23:48 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
[2011.12.20 11:23:00 | 000,955,904 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\SAPActiveXL.xlt
[2011.12.20 11:23:00 | 000,949,760 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\SAPActiveXL_nosig.xlt
[2011.12.20 11:21:43 | 001,064,960 | ---- | C] () -- C:\WINDOWS\System32\h5krnl32.dll
[2011.12.20 11:21:43 | 000,188,928 | ---- | C] () -- C:\WINDOWS\System32\h5icon32.dll
[2011.12.20 11:21:43 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\h5menu32.dll
[2011.12.20 11:21:43 | 000,095,744 | ---- | C] () -- C:\WINDOWS\System32\h5rtf32.dll
[2011.12.20 11:21:43 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\h5tool32.dll
[2011.12.20 11:18:43 | 000,009,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\WNTHW.SYS
[2011.11.09 10:08:01 | 000,001,372 | ---- | C] () -- C:\WINDOWS\System32\VoipUpdate.ini
[2011.11.09 10:07:54 | 000,030,893 | ---- | C] () -- C:\WINDOWS\System32\drivers\Mixer.ini
[2011.11.09 10:07:47 | 000,001,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\Altmixer.ini
[2011.11.09 10:03:42 | 002,286,930 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010.12.09 14:57:54 | 002,860,384 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2010.10.11 03:29:34 | 000,114,688 | ---- | C] () -- C:\Programme\ad_ff.dll
[2010.10.11 03:29:14 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\jmicasa.dll
[2010.10.11 03:29:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\micasa.dll
[2010.10.11 03:28:52 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\micasacache.dll
[2010.07.10 04:24:14 | 000,006,253 | ---- | C] () -- C:\Programme\eula.rtf
[2010.05.28 11:39:16 | 000,335,872 | ---- | C] () -- C:\WINDOWS\System32\casa_authtoken.dll
[2010.05.14 12:08:12 | 000,024,632 | ---- | C] () -- C:\WINDOWS\System32\providers.bin
========== LOP Check ==========
[2012.02.19 16:43:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2011.12.20 11:29:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ConeXware
[2011.12.20 13:25:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lenovo
[2011.12.20 11:15:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mummert
[2012.02.28 17:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QlikTech
[2012.01.14 12:45:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TechSmith
[2012.02.19 16:43:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\Babylon
[2012.01.17 14:40:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\DBDesigner4
[2011.12.20 12:53:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\Lenovo
[2011.12.20 12:56:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\Mummert
[2011.12.20 16:47:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\PwrMgr
[2012.01.06 12:22:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\QlikTech
[2012.01.14 12:54:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\TANDBERG
[2012.01.19 12:36:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\TeamViewer
[2012.03.19 14:14:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\webex
[2012.01.13 14:27:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Anwendungsdaten\Xerox
[2012.03.25 17:49:14 | 000,000,316 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.03.25 17:47:24 | 000,000,000 | ---D | M] -- C:\Avenger
[2011.12.20 12:51:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.12.20 12:35:49 | 000,000,000 | -HSD | M] -- C:\DRIVERS
[2012.02.11 14:06:23 | 000,000,000 | ---D | M] -- C:\Forefront UAG Remote Access Agent
[2011.12.20 18:02:49 | 000,000,000 | -HSD | M] -- C:\INSTALLS
[2011.12.20 13:22:15 | 000,000,000 | ---D | M] -- C:\Intel
[2012.03.25 17:50:15 | 000,000,000 | -H-D | M] -- C:\NALCache
[2012.01.05 18:41:34 | 000,000,000 | ---D | M] -- C:\NDPS
[2012.03.19 20:58:40 | 000,000,000 | ---D | M] -- C:\Notes
[2011.12.20 11:10:12 | 000,000,000 | ---D | M] -- C:\Novell
[2012.03.25 15:06:47 | 000,000,000 | R--D | M] -- C:\Programme
[2012.01.08 19:44:06 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011.12.20 18:01:14 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.03.25 15:12:34 | 000,000,000 | ---D | M] -- C:\WINDOWS
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2008.04.14 19:30:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008.04.14 19:30:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 19:30:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 19:30:00 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp3.cab:atapi.sys
[2008.04.14 19:30:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 19:30:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 19:30:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 19:30:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 19:30:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: IASTOR.SYS >
[2009.06.04 15:13:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\DRIVERS\000_SYSTEM\MSD\iastor\IaStor.sys
[2010.11.06 00:39:18 | 000,354,840 | ---- | M] (Intel Corporation) MD5=F4037A3FEDB92DD97C95F320766EA5C9 -- C:\DRIVERS\000_SYSTEM\IaStor.sys
[2010.11.05 20:09:18 | 000,354,840 | ---- | M] (Intel Corporation) MD5=F4037A3FEDB92DD97C95F320766EA5C9 -- C:\WINDOWS\system32\drivers\iastor.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 19:30:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 19:30:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 19:30:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 19:30:00 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: USER32.DLL >
[2008.04.14 19:30:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\dllcache\user32.dll
[2008.04.14 19:30:00 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 19:30:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 19:30:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 19:30:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 19:30:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.04.14 19:30:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2008.04.14 19:30:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009.12.01 20:28:19 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.12.01 20:28:18 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.12.01 20:28:18 | 000,450,560 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2011.12.20 16:02:28 | 000,069,011 | ---- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\install.xml
[2012.03.25 17:45:59 | 004,980,736 | ---- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\NTUSER.DAT
[2012.03.25 18:23:48 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\NTUSER.DAT.LOG
[2012.03.25 17:45:59 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\ntuser.ini
[2012.03.25 17:48:58 | 000,000,972 | RHS- | M] () -- C:\Dokumente und Einstellungen\Sravan Kumar Puppala\ntuser.pol
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2012.01.12 19:20:28 | 001,860,096 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< Schliesse bitte nun alle Programme >
< End of report > --- --- ---
[/CODE]
OTL_Extras:
OTL Logfile: Code:
OTL Extras logfile created on: 25.03.2012 18:24:07 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Dokumente und Einstellungen\Sravan Kumar Puppala\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,49 Gb Total Physical Memory | 2,45 Gb Available Physical Memory | 70,35% Memory free
5,32 Gb Paging File | 4,31 Gb Available in Paging File | 81,02% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 40,00 Gb Total Space | 17,81 Gb Free Space | 44,53% Space Free | Partition Type: NTFS
Drive D: | 425,26 Gb Total Space | 294,34 Gb Free Space | 69,21% Space Free | Partition Type: NTFS
Drive E: | 988,00 Mb Total Space | 917,44 Mb Free Space | 92,86% Space Free | Partition Type: FAT
Computer Name: MC00019325 | User Name: Sravan Kumar Puppala | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3024:UDP" = 3024:UDP:*:Enabled:Novell Bordermanager Proxy Services
"1761:TCP" = 1761:TCP:*:Enabled:Novell ZENworks Services
"1761:UDP" = 1761:UDP:*:Enabled:Novell ZENworks Services
"7461:TCP" = 7461:TCP:*:Enabled:Novell Asset Management
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3024:UDP" = 3024:UDP:*:Enabled:Novell Bordermanager Proxy Services
"1761:TCP" = 1761:TCP:*:Enabled:Novell ZENworks Services
"1761:UDP" = 1761:UDP:*:Enabled:Novell ZENworks Services
"2967:TCP" = 2967:TCP:*:Enabled:Symantec Client Security 1
"2967:UDP" = 2967:UDP:*:Enabled:Symantec Client Security 2
"38293:UDP" = 38293:UDP:*:Enabled:Symantec Client Security 3
"7461:TCP" = 7461:TCP:*:Enabled:Novell Asset Management
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%WINDIR%\system32\dpmw32.exe" = %WINDIR%\system32\dpmw32.exe:*:Enabled:Novell Distributed Print Services -- (Novell, Inc.)
"%WINDIR%\system32\vpnstats.exe" = %WINDIR%\system32\vpnstats.exe:*:Enabled:Novell Bordermanager VPN Services -- ()
"%WINDIR%\system32\ikeapp.exe" = %WINDIR%\system32\ikeapp.exe:*:Enabled:Novell Bordermanager VPN Services -- ()
"C:\Programme\Connected\COBackup.exe" = C:\Programme\Connected\COBackup.exe:10.0.0.0/255.0.0.0,193.26.252.0/255.255.255.0:Enabled:Connected DataProtector -- (Connected Corporation)
"C:\Programme\Connected\AgentSrv.exe" = C:\Programme\Connected\AgentSrv.exe:10.0.0.0/255.0.0.0,193.26.252.0/255.255.255.0:Enabled:Connected DataProtector -- (Connected Corporation)
"C:\WINDOWS\system32\dpmw32.exe" = C:\WINDOWS\system32\dpmw32.exe:*:Enabled:Novell Distributed Print Services -- (Novell, Inc.)
"C:\WINDOWS\system32\ikeapp.exe" = C:\WINDOWS\system32\ikeapp.exe:*:Enabled:Novell Bordermanager VPN Services -- ()
"C:\WINDOWS\system32\vpnstats.exe" = C:\WINDOWS\system32\vpnstats.exe:*:Enabled:Novell Bordermanager VPN Services -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%WINDIR%\system32\dpmw32.exe" = %WINDIR%\system32\dpmw32.exe:*:Enabled:Novell Distributed Print Services -- (Novell, Inc.)
"%WINDIR%\system32\vpnstats.exe" = %WINDIR%\system32\vpnstats.exe:*:Enabled:Novell Bordermanager VPN Services -- ()
"%WINDIR%\system32\ikeapp.exe" = %WINDIR%\system32\ikeapp.exe:*:Enabled:Novell Bordermanager VPN Services -- ()
"C:\Programme\Connected\AgentSrv.exe" = C:\Programme\Connected\AgentSrv.exe:10.0.0.0/255.0.0.0,193.26.252.0/255.255.255.0:Enabled:Connected DataProtector -- (Connected Corporation)
"C:\Programme\Connected\COBackup.exe" = C:\Programme\Connected\COBackup.exe:10.0.0.0/255.0.0.0,193.26.252.0/255.255.255.0:Enabled:Connected DataProtector -- (Connected Corporation)
"C:\WINDOWS\system32\dpmw32.exe" = C:\WINDOWS\system32\dpmw32.exe:*:Enabled:Novell Distributed Print Services -- (Novell, Inc.)
"C:\WINDOWS\system32\ikeapp.exe" = C:\WINDOWS\system32\ikeapp.exe:*:Enabled:Novell Bordermanager VPN Services -- ()
"C:\WINDOWS\system32\vpnstats.exe" = C:\WINDOWS\system32\vpnstats.exe:*:Enabled:Novell Bordermanager VPN Services -- ()
"C:\Programme\Symantec\Symantec Endpoint Protection\Smc.exe" = C:\Programme\Symantec\Symantec Endpoint Protection\Smc.exe:*:Enabled:SMC Service -- (Symantec Corporation)
"C:\Programme\Symantec\Symantec Endpoint Protection\SNAC.EXE" = C:\Programme\Symantec\Symantec Endpoint Protection\SNAC.EXE:*:Enabled:SNAC Service -- (Symantec Corporation)
"C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" = C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe:*:Enabled:Symantec Email -- (Symantec Corporation)
"C:\Programme\TeamViewer\Version7\TeamViewer.exe" = C:\Programme\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04EB530D-EFBE-4624-BC83-611E557B9F03}" = STM TPM Driver 1.0.4.15 - 32 bits
"{118C9AEE-A282-445C-8B56-A6B50795B8A6}" = Powerarchiver
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad-Dienstprogramm 'EasyEject'
"{15A3C0D8-3D81-4CF6-8797-E27BDE5F8573}" = ZENworks Uninstaller
"{1717FEDC-6D5A-44B7-AB98-814834F0E695}" = ZENworks Agent Bundle Management
"{176E8FD2-5BE4-47f5-A7FB-379428C0C027}" = ZENworks Patch Management Agent
"{17C573A8-D916-4166-81A6-7C5C608919CA}" = ZENworks Agent Authentication Satellite Module
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{1BE23A18-1B51-4F59-8326-33CA5F1294F4}" = ZENworks Primary Agent
"{1CA2B9F5-835B-46C2-8961-D52C96C613B7}" = ZENworks Imaging Server
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20F7117E-1B6F-4EEC-8F47-FB7A142FAC12}" = ZENworks Desktop Management Agent
"{21EFE22F-B9A5-4842-9EB6-0D37442F6B9E}" = assetmanagementmodule-langs
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{2BF03149-7323-4347-A72E-A48642C248A4}" = SMC Vorlagen für Office 2003
"{2CB10E96-23CD-4AE2-A7C4-9CF75463C174}" = ZENworks Information Icon
"{2FE4A854-6739-45B9-AF0B-270AA25215F4}" = ZENworks Agent System Update Module
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{364DA896-84B4-4887-95AA-5A2953234217}" = windows-desktop-langs
"{3C189690-43B8-4E98-A2E4-3908A8F691D0}" = PDF Konverter
"{3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}" = Symantec Endpoint Protection
"{3C6849B6-1953-4DAF-9A8B-783FB72F3CBB}" = Novell CASA Authentication Token Client
"{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{4CD57A44-0FE0-44B5-AC1A-BDE5490FEA6F}" = status-collection-point-langs
"{4DF669B8-5B56-4174-AFDE-BE7DA0662850}" = primary-agent-langs
"{4E7344D7-84E3-4FB6-967F-DD4624D7EA9C}" = ZFD Mini Inventory
"{5248DF85-F55D-4F84-A08F-3B323DB036B8}" = ThinkVantage Fingerprint Software
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53675532-C165-4916-BD97-59CE0DCF5D09}" = ConText
"{55A976DD-9D1A-4B70-B36B-459D7EE3D380}" = Steria ConfigMgr Local Policy
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5FCDC863-72E2-4C1A-86B2-593018307B1C}" = zencore-agent-langs
"{6034D614-E53F-46F2-B0BC-280222D569C2}" = CASA
"{63C63A5D-44C8-4734-85D6-72D8332721E4}" = Mummert Zertifikate
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65706020-7B6F-41F2-8047-FC69579E386A}" = Präsentationsdirektor
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142050}" = Java 2 Runtime Environment, SE v1.4.2_05
"{721ABC3B-5F12-4332-9C0C-C11424EF666C}" = WIMGAPI
"{72E37E13-0FB8-4644-A8E8-F2900B9C7B67}" = See & Share
"{79EE919C-7A93-4868-8B42-EF8F9B14FFFC}" = ZENworks Status Collection Point
"{7EB114D8-207F-45AE-BABD-1669715F2630}" = ThinkVantage Access Connections
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87467DDA-0189-4730-A3A6-079429D1657B}" = ZENworks Agent WinProxy Module
"{88C6A6D9-324C-46E8-BA87-563D14021442}_is1" = ThinkVantage Communications Utility
"{89FB3889-47EE-4CDA-A2DC-565C1D6CEE6C}" = QlikView x86
"{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}" = Microsoft redistributable runtime DLLs VS2005 SP1(x86)
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90F80407-6000-11D3-8CFE-0150048383C9}" = Tool zum Entfernen verborgener Daten
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{925E8226-FBED-43FD-BC8C-41207B999AF0}" = ZENworks Extensions Libraries
"{93699C3E-005E-4294-87CA-F5B7DE2CD687}" = SnagIt 8
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951F94FD-DDBB-4A15-B8E7-1560D3D28900}" = actions-langs
"{986F64DC-FF15-449D-998F-EE3BCEC6666A}" = Help Center
"{98AA657D-9790-4454-9DB2-E8ED0EF8C571}" = Configuration Manager Client
"{98E8A2EF-4EAE-43B8-A172-74842B764777}" = InterVideo WinDVD
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B427732-573E-4E78-B6FA-AC3E5A218BA2}" = NMAS Client
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E7260AC-22D9-4622-AA26-7CD6011D9DA4}" = SAP Mobile Infrastructure
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Energie-Manager
"{A0F74D9F-ECC1-48BB-8105-6FD5B70DD55B}" = ZENworks Agent Asset Management Module
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6D5C59E-F97B-4665-B811-DC93635E05B0}" = ZENworks Action Utilities
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AD98F2ED-D92A-43AA-9F28-0466928AA13C}" = content-distribution-point-langs
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF2E0395-7695-41E8-AC23-D58C328126F7}" = zennotifyicon-langs
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9A5A789-D491-49FB-958C-BFEC2C11BB1D}" = NMAS Challenge Response Method
"{BC9FD7FB-5929-47F7-9B24-D9237B14F26E}" = ZENworks Version Information
"{BE0B37FE-EF39-4B9C-A329-904616EE633C}" = ZENworks Action Handlers
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C6D4B05A-EA7E-1027-80EF-C925E740E99C}" = Intel(R) Identity Protection Technology 1.0.74.0
"{C8FE6530-2E39-4563-A7D8-183C7FA2B76A}" = ZENworks Agent Inventory Management
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB5EDF53-10D0-44F1-A25D-C7BB352AF1B8}" = Novell BorderManager 3.8.15 VPN Client
"{CBA13F11-D29E-48CC-9EBC-F122567F9119}" = Action Handler Resources
"{CD124C12-BEFD-4DBA-A915-A2F995F56B13}" = Policy Action Handler Resources
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF5737AF-8550-4546-A69B-0EA9EF5A9B55}" = ThinkVantage Productivity Center
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D4CAD0A4-A14D-4F70-A8CB-475776C76CF8}" = inventory-langs
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8
"{D6EA1689-AA4C-4CF6-862C-87D9877F3651}" = ZENworks Content Distribution Point
"{D728E945-256D-4477-B377-6BBA693714AC}" = Ergänzung zu Productivity Center für ThinkPad
"{D9CFF2FF-620F-4842-A075-8A0769816FA4}" = Novell ZENworks Adaptive Agent Help
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E7E836B8-4BDD-454F-82E6-5FEA17C83AD4}" = Message Center
"{E8542277-8C9D-4CC9-8D92-7C126EE7110E}" = bundle-langs
"{E855E69B-79FA-499D-866B-16B082D6D83A}" = Lotus Notes 8.0.2 de
"{EA9640BE-414E-4195-B53B-7905BF1A5A09}" = Mobile Broadband Drivers
"{EC482C6E-8F7F-4187-BB4C-841E1B64022B}" = ZENworks Actions
"{EE1B5DDC-BE68-4F19-BEEE-7FFD4DD43BFD}" = ZENworks Agent Core Modules
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}" = NICI (Shared) U.S./Worldwide (128 bit) (2.7.4-1)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F48BE301-EC78-4686-B580-EE4934558798}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{F594EA1A-5603-4B82-B624-BE1F807BC8E1}" = WinProxy-langs
"{F5F97313-4454-4B49-A602-285447A55B86}" = Intel(R) PROSet/Wireless WiFi-Software
"{F6B2EDDE-108F-463B-B788-42329FE00D9E}" = Microsoft Redistributable Files (x86)
"{FB6C607F-B865-42A2-B14B-14E207F2EA90}" = QvPluginSetup
"{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J315W
"{FE041B02-234C-4AAA-9511-80DF6482A458}" = RICOH_Media_Driver_v2.13.18.02
"{FEAD3C72-1A18-4BAB-94FB-E508C31B2E79}" = auth-satellite-server-langs
"{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}" = User Profile Hive Cleanup Service
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CNXT_AUDIO_HDA" = Conexant 20672 SmartAudio HD
"Connected" = Connected DataProtector
"GridinSoft Trojan Killer" = Trojan Killer
"ie8" = Windows Internet Explorer 8
"InstallShield_{9E7260AC-22D9-4622-AA26-7CD6011D9DA4}" = SAP Mobile Infrastructure
"LENOVO.SMIIF" = Lenovo System Interface Driver
"LenovoAutoScrollUtility" = Lenovo Auto Scroll Utility
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Forefront UAG endpoint components 3.1.0" = Microsoft Forefront UAG endpoint components v4.0.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NICI U.S./Worldwide (128 bit)" = NICI U.S./Worldwide 1.7.0 (128 bit)
"Novell Client for Windows" = Novell Client für Windows
"OnScreenDisplay" = On Screen Display
"Power Management Driver" = ThinkPad Power Management Driver
"PPTView97" = Microsoft PowerPoint Viewer 97
"ProInst" = Intel PROSet Wireless
"RDC" = RDC
"SAP_ALD80" = Adobe LiveCycle Designer 8.0
"SAP_WUS" = SAPSetup Automatic Workstation Update Service
"SAPBI" = SAP Business Explorer
"SAPGUI710" = SAP GUI 7.10
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"TeamViewer 7" = TeamViewer 7
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TreeSize Professional_is1" = TreeSize Professional 4.3
"VLC media player" = VLC media player 1.1.11
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZENworks" = Novell ZENworks
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 22.03.2012 05:11:45 | Computer Name = MC00019325 | Source = MSSHA | ID = 1008
Description = Ein Offlinescanvorgang konnte vom Windows-Sicherheitsintegritäts-Agent
nicht abgeschlossen werden. Fehlercode: 80070422.
Error - 22.03.2012 06:11:45 | Computer Name = MC00019325 | Source = MSSHA | ID = 1008
Description = Ein Offlinescanvorgang konnte vom Windows-Sicherheitsintegritäts-Agent
nicht abgeschlossen werden. Fehlercode: 80070422.
Error - 22.03.2012 07:11:46 | Computer Name = MC00019325 | Source = MSSHA | ID = 1008
Description = Ein Offlinescanvorgang konnte vom Windows-Sicherheitsintegritäts-Agent
nicht abgeschlossen werden. Fehlercode: 80070422.
Error - 22.03.2012 08:11:47 | Computer Name = MC00019325 | Source = MSSHA | ID = 1008
Description = Ein Offlinescanvorgang konnte vom Windows-Sicherheitsintegritäts-Agent
nicht abgeschlossen werden. Fehlercode: 80070422.
Error - 22.03.2012 09:11:47 | Computer Name = MC00019325 | Source = MSSHA | ID = 1008
Description = Ein Offlinescanvorgang konnte vom Windows-Sicherheitsintegritäts-Agent
nicht abgeschlossen werden. Fehlercode: 80070422.
Error - 22.03.2012 15:08:07 | Computer Name = MC00019325 | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 23.03.2012 02:33:26 | Computer Name = MC00019325 | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
Error - 23.03.2012 05:22:01 | Computer Name = MC00019325 | Source = PerfNet | ID = 2005
Description = Die Leistungsinformationen vom Serverdienst konnten nicht gelesen
werden. Es werden keine Server-Leistungsinformationen zurückgegeben. Der zurückgegebene
Fehlercode befindet sich in DWORD 0, der IOSB.Status ist DWORD 1 und die IOSB.Information
ist DWORD 2.
Error - 23.03.2012 05:22:01 | Computer Name = MC00019325 | Source = PerfNet | ID = 2006
Description = Die Server Queue-Leistungsinformationen konnten nicht gelesen werden.
Es
werden keine Server-Leistungsinformationen zurückgegeben. Der zurückgegebene Fehlercode
ist DWORD 0, der IOSB.Status ist DWORD 1 und die IOSB.Information ist DWORD 2.
Error - 23.03.2012 05:23:37 | Computer Name = MC00019325 | Source = MSSHA | ID = 1008
Description = Ein Offlinescanvorgang konnte vom Windows-Sicherheitsintegritäts-Agent
nicht abgeschlossen werden. Fehlercode: 80070422.
[ Lumension Events ]
Error - 15.03.2012 14:11:37 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (full diff) - error code
= -2 error msg = ''
Error - 15.03.2012 14:12:37 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting fingerprints results to PLUS - error code
= -2
Error - 15.03.2012 14:13:37 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (full diff) - error code
= -2 error msg = ''
Error - 15.03.2012 14:14:37 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting fingerprints results to PLUS - error code
= -2
Error - 15.03.2012 14:15:37 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (full diff) - error code
= -2 error msg = ''
Error - 15.03.2012 14:16:37 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting fingerprints results to PLUS - error code
= -2
Error - 17.03.2012 05:06:54 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (incremental diff) -
error code = -30 error msg = 'Error: Invalid CheckSum'
Error - 19.03.2012 05:07:56 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (incremental diff) -
error code = -30 error msg = 'Error: Invalid CheckSum'
Error - 24.03.2012 07:20:40 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (incremental diff) -
error code = -30 error msg = 'Error: Invalid CheckSum'
Error - 25.03.2012 09:25:55 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (incremental diff) -
error code = -30 error msg = 'Error: Invalid CheckSum'
[ PatchLink Events ]
Error - 03.01.2012 11:33:29 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (incremental diff) -
error code = -30 error msg = 'Error: Invalid CheckSum'
Error - 04.01.2012 10:26:29 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (incremental diff) -
error code = -30 error msg = 'Error: Invalid CheckSum'
Error - 06.01.2012 04:45:50 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (incremental diff) -
error code = -30 error msg = 'Error: Invalid CheckSum'
Error - 08.01.2012 03:15:00 | Computer Name = MC00019325 | Source = ZENworks Patch Management Detection Agent | ID = 2
Description = Error occurred posting detection to PLUS (incremental diff) -
error code = -30 error msg = 'Error: Invalid CheckSum'
[ System Events ]
Error - 15.03.2012 14:25:15 | Computer Name = MC00019325 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IBMTPCHK" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error - 15.03.2012 14:25:15 | Computer Name = MC00019325 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IBMTPCHK" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error - 15.03.2012 14:25:46 | Computer Name = MC00019325 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IBMTPCHK" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error - 15.03.2012 14:25:48 | Computer Name = MC00019325 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IBMTPCHK" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
Error - 15.03.2012 14:56:37 | Computer Name = MC00019325 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 15.03.2012 14:56:37 | Computer Name = MC00019325 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 15.03.2012 14:58:03 | Computer Name = MC00019325 | Source = NapAgent | ID = 30
Description = Der System-Integritäts-Agent 79745 hat den Fehlercode FailureCategory
Other zurückgeliefert.
Error - 15.03.2012 15:56:37 | Computer Name = MC00019325 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 15.03.2012 15:56:37 | Computer Name = MC00019325 | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "wuauserv"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error - 16.03.2012 01:37:57 | Computer Name = MC00019325 | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IBMTPCHK" wurde aufgrund folgenden Fehlers nicht gestartet:
%%31
< End of report > --- --- ---
[/CODE] |