Trojaner-Board - TR/Dropper.gen5 durch avira gefunden und gelöscht. ist mein rechner jetzt sauber

guten morgen cosinus
vielen dank für die schnelle hilfestellung. ich hoffe, dass ich alles verstanden habe.

otl hat nach dem scan ein editorfenster geöffnet und das logfile abgebildet. das habe ich kopiert und hier eingefügt. richtig?

schöne grüße

OTL Logfile:
OTL EXTRAS Logfile:

Code:

OTL logfile created on: 08.05.2013 09:09:16 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Sabine\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 36,50% Memory free

3,85 Gb Paging File | 2,49 Gb Available in Paging File | 64,66% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 48,83 Gb Total Space | 7,76 Gb Free Space | 15,88% Space Free | Partition Type: NTFS

Drive E: | 208,98 Gb Total Space | 166,07 Gb Free Space | 79,47% Space Free | Partition Type: NTFS

Drive F: | 207,94 Gb Total Space | 170,64 Gb Free Space | 82,06% Space Free | Partition Type: NTFS

 

Computer Name: DAMMTOR2 | User Name: Sabine | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\Sabine\desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Programme\Quark\QuarkXPress Passport\QuarkXPress Passport.exe (Quark, Inc.)

PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)

PRC - C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)

PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

PRC - C:\Programme\AVG Secure Search\vprot.exe ()

PRC - C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()

PRC - C:\Programme\Ask.com\Updater\Updater.exe (Ask)

PRC - C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

PRC - C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe ()

PRC - C:\Programme\Advanced System Protector\AdvancedSystemProtector.exe (Systweak)

PRC - C:\Programme\Wajam\Updater\WajamUpdater.exe (Wajam)

PRC - C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)

PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)

PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)

PRC - C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)

PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)

PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

PRC - C:\Programme\Carambis\Driver Updater\dupdater.exe (Media Fog Ltd.)

PRC - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)

PRC - C:\WINDOWS\system32\Crypserv.exe (CrypKey (Canada) Ltd.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\SSC Service Utility\ssc_serv.exe (SSC Localization Group)

PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)

PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)

PRC - C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe (Nero AG)

PRC - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)

PRC - C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)

PRC - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)

PRC - C:\Programme\UltimateZip 2007\uzqkst.exe (SWE von Schleusen)

PRC - C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)

PRC - C:\WINDOWS\system32\SAgent4.exe (SEIKO EPSON CORPORATION)

PRC - C:\WINDOWS\system32\E_S00RP2.EXE (SEIKO EPSON CORPORATION)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()

MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()

MOD - C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll ()

MOD - C:\Programme\AVG Secure Search\vprot.exe ()

MOD - C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\df1efcbac5973454c608890f72eb994d\System.Deployment.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll ()

MOD - C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\36f3953f24d4f0b767bf172331ad6f3e\System.Xml.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\9a254c455892c02355ab0ab0f0727c5b\System.Windows.Forms.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\6978f2e90f13bc720d57fa6895c911e2\System.Drawing.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\0b40341027c01716cec1dd97592698e0\System.Data.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aa7926460a336408c8041330ad90929d\System.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\9adb89fa22fd5b4ce433b5aca7fb1b07\mscorlib.ni.dll ()

MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()

MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()

MOD - C:\Programme\Advanced System Protector\aspsys.dll ()

MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Programme\Advanced System Protector\System.Data.SQLite.dll ()

MOD - C:\Programme\WinRAR\RarExt.dll ()

MOD - C:\Programme\Alwil Software\Avast5\defs\10022401\algo.dll ()

MOD - C:\Programme\Carambis\Driver Updater\duManager.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxCmp.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxCommon.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxBase.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxXML2.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxIm.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxProc.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxFF.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\MEshim.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\areaifdll.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\ESSkin.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaControls.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\ESEmail.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\ESCom.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\KFx.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\Atlas.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\AppCore.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\VistaControls.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\Pcd.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\LocESEmail.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaCDBackup.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\kpries40.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaPrintOnLine.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\keml40.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\DibLibIP.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\LocCamBack.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaAdapter.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\bin\locPcd.dll ()

MOD - C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll ()

MOD - C:\WINDOWS\system32\nview.dll ()

MOD - C:\WINDOWS\system32\nvshell.dll ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

MOD - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libeay32.dll ()

MOD - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\ssleay32.dll ()

MOD - C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\AddIn\VPCD.dll ()

MOD - C:\Programme\Kodak\Kodak EasyShare software\AddIn\LocVistaPCD.dll ()

MOD - C:\Programme\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll ()

MOD - C:\Programme\Microsoft Office\Office12\ADDINS\ColleagueImport.dll ()

MOD - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSPTLS.DLL ()

MOD - C:\Programme\UltimateZip 2007\uzshldr.dll ()

MOD - C:\Programme\UltimateZip 2007\uzshlex.dll ()

MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()

MOD - C:\Programme\Quark\QuarkXPress Passport\omniORB271_rt.dll ()

MOD - C:\Programme\Quark\QuarkXPress Passport\omnithread2_rt.dll ()

 

 
 ========== Services (SafeList) ==========

 

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found

SRV - (aswUpdSv) -- C:\Programme\Alwil Software\Avast4\aswUpdSv.exe File not found

SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)

SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)

SRV - (vToolbarUpdater14.2.0) -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe ()

SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)

SRV - (SearchAnonymizer) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\OCS\SM\SearchAnonymizerHelper.exe ()

SRV - (WajamUpdater) -- C:\Programme\Wajam\Updater\WajamUpdater.exe (Wajam)

SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (avast! Web Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (avast! Mail Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)

SRV - (Crypkey License) -- C:\WINDOWS\System32\Crypserv.exe (CrypKey (Canada) Ltd.)

SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)

SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe (NVIDIA Corporation)

SRV - (nSvcLog) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe (NVIDIA Corporation)

SRV - (ForcewareWebInterface) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe (Apache Software Foundation)

SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)

SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (StatusAgent4) -- C:\WINDOWS\system32\SAgent4.exe (SEIKO EPSON CORPORATION)

SRV - (EPSON_PM_RPCV2_02) -- C:\WINDOWS\system32\E_S00RP2.EXE (SEIKO EPSON CORPORATION)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (avgtp) -- C:\WINDOWS\system32\drivers\avgtpx86.sys (AVG Technologies)

DRV - (giveio) -- C:\WINDOWS\system32\giveio.sys ()

DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (ALWIL Software)

DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (ALWIL Software)

DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (ALWIL Software)

DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (ALWIL Software)

DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (ALWIL Software)

DRV - (NetworkX) -- C:\WINDOWS\system32\Ckldrv.sys ()

DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)

DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)

DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)

DRV - (nvata) -- C:\WINDOWS\system32\drivers\nvata.sys (NVIDIA Corporation)

DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)

DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()

DRV - (MR97310_USB_DUAL_CAMERA) -- C:\WINDOWS\system32\drivers\mr97310c.sys (Mars Semiconductor Corp.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.glarysoft.com/?src=iehome

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000&st=18&barid={2F2F2864-3A2E-11E2-A226-002215B583A5}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 

IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch

IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10031&barid={2F2F2864-3A2E-11E2-A226-002215B583A5}

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://isearch.glarysoft.com/?src=iehome

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =  [binary data]

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1124670

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\URLSearchHook: {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - SOFTWARE\Classes\CLSID\{94817c02-feac-4aa8-99d8-1cb47bf4d4c0}\InprocServer32 File not found

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6C6976652E636F6D2F726573756C74732E617370783F713D7B7365617263685465726D737D267372633D7B72656665727265723A736F757263653F7D&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110824&tt=4812_4&babsrc=SP_ss&mntrId=7c014ff2000000000000002215b583a5

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8A0572BF-A330-43EC-A643-048A7D2BEA9B&apn_sauid=1CA1E6AE-CB19-44DA-BC23-F0C3AF6BCD0F

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{265EBA9A-C130-4BAA-8F6F-014B60FBF00E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&mode=bounce&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{382A92C5-E530-43A9-A2B1-53716E6D528F}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&mode=bounce&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{77B5D489-AA1E-46F3-B829-0894F603CA57}: "URL" = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D33303233393826703D7B7365617263685465726D737D&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{87FBA927-1747-4E71-AE54-38B1ED6A01CE}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&mode=bounce&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{8D93257B-F430-4DB9-982D-75B8B551F11C}: "URL" = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D314937475045415F6465&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={AA384C21-9598-4660-8A86-4489A9C18F8E}&mid=ca4ed0c46f6347d081a4d16b53516a56-1ba8503b40a12040e468f2c009d81b92ea721e6d&lang=de&ds=wa012&pr=sa&d=2012-11-28 14:36:52&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1124670

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{B54CFBAD-DB0B-474B-8CE8-EC1A517E947C}: "URL" = hxxp://ecosia.org.anonymize-me.de/?anonymto=687474703A2F2F65636F7369612E6F72672F7365617263682E7068703F713D7B7365617263685465726D737D266164646F6E3D6F70656E736561726368&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{B88F97D3-11C3-47EF-8A88-6F354CE70E95}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&mode=bounce&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = hxxp://isearch.glarysoft.com/?q={searchTerms}&src=iesearch

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{C7F8243B-4CA7-49F4-BB4C-54EBD0C5C249}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&mode=bounce&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com.anonymize-me.de/?anonymto=687474703A2F2F6D7973746172742E696E63726564696261722E636F6D2F6D623131392F3F7365617263683D7B7365617263685465726D737D266C6F633D49425F445326613D3650516D53437831674926693D3236&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{D9183F89-762A-4DE8-B258-835DF5804C4F}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=46e1322e-c60c-454f-a851-642a56ac0c80&pid=freewarede&mode=bounce&k=0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10031&barid={2F2F2864-3A2E-11E2-A226-002215B583A5}

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-484763869-838170752-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>;*.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Ask.com"

FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.9.0.0

FF - prefs.js..extensions.enabledAddons: pdfforge%40mybrowserbar.com:7.0

FF - prefs.js..extensions.enabledAddons: firejump%40firejump.net:1.0.2.5

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Programme\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010.12.17 15:33:10 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.20 14:59:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.02.18 23:34:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.14 18:40:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.04.14 18:40:12 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010.12.17 15:33:10 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\firejump@firejump.net [2012.11.28 15:36:16 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\extension@preispilot.com: C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\extension@preispilot.com

 

[2012.01.30 13:00:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Extensions

[2013.04.25 07:10:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions

[2013.02.14 09:22:07 | 000,000,000 | ---D | M] (Spesoft Community Toolbar) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\{94817c02-feac-4aa8-99d8-1cb47bf4d4c0}

[2012.01.30 13:00:50 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

[2012.02.22 13:53:22 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\ffxtlbra@softonic.com

[2012.11.28 15:36:16 | 000,000,000 | ---D | M] (FireJump) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\firejump@firejump.net

[2013.03.12 10:00:46 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\toolbar@ask.com

[2012.11.29 09:59:06 | 000,111,107 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\extension@preispilot.com.xpi

[2013.02.27 18:43:06 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013.01.07 09:00:06 | 000,190,000 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

[2013.03.12 10:00:46 | 000,002,308 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\askcom.xml

[2012.11.28 15:36:02 | 000,002,745 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\browsemngr.xml

[2012.01.30 12:58:18 | 000,002,203 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\MyStart Search.xml

[2012.01.30 13:00:46 | 000,002,519 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\Search_Results.xml

[2012.11.28 15:36:02 | 000,001,675 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\softonic.xml

[2012.11.29 16:08:53 | 000,003,998 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\sweetim.xml

[2012.11.28 15:36:02 | 000,002,188 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\{2E3635DB-0AAE-4AA0-AF73-BF691D1E7C53}.xml

[2012.11.28 15:36:02 | 000,001,870 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\{9219D445-284D-4B48-B558-B1B2FA504057}.xml

[2012.11.28 15:36:02 | 000,002,077 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Mozilla\Firefox\Profiles\ib66viuk.default\searchplugins\{EEC9D11B-334F-4739-A80E-434010CB8B91}.xml

[2013.04.14 18:40:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2013.04.15 05:53:34 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAMME\PDFFORGE TOOLBAR\FF

[2013.04.14 18:40:19 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2013.01.11 10:33:30 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2013.02.18 23:34:21 | 000,003,716 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml

[2012.11.28 23:55:37 | 000,002,349 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml

[2013.01.11 10:33:30 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2013.01.11 10:33:30 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2012.11.28 14:04:34 | 000,001,567 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\glarysearch.xml

[2013.01.11 10:33:30 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.01.30 13:00:46 | 000,002,519 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml

[2013.01.11 10:33:30 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2013.01.11 10:33:30 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Ask (Enabled)

CHR - default_search_provider: search_url = hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=8A0572BF-A330-43EC-A643-048A7D2BEA9B&apn_ptnrs=U3&apn_sauid=1CA1E6AE-CB19-44DA-BC23-F0C3AF6BCD0F&apn_dtid=OSJ000YYDE&q={searchTerms}

CHR - default_search_provider: suggest_url = hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\26.0.1410.64\pdf.dll

CHR - plugin: SweetIM GC Helper (Enabled) = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.0.0.1_0\mgHelperGC.dll

CHR - plugin: Wajam (Enabled) = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll

CHR - plugin: SweetIM GC Helper (Enabled) = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.1.0.1_0\mgHelperGCFB.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Programme\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprjplug.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll

CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

CHR - Extension: Ask Toolbar = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.15.37265_0\

CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\

CHR - Extension: Wajam = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\

CHR - Extension: AVG Security Toolbar = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\

CHR - Extension: SweetPacks Chrome Extension = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\

CHR - Extension: Ask Toolbar = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.15.37265_0\

CHR - Extension: SweetIM for Facebook = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.3_0\

CHR - Extension: Wajam = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\

CHR - Extension: AVG Security Toolbar = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\

CHR - Extension: SweetPacks Chrome Extension = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0\

 

O1 HOSTS File: ([2001.08.18 15:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll File not found

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Programme\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll (Montera Technologeis LTD)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Spesoft Toolbar) - {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - C:\Programme\Spesoft\prxtbSpes.dll File not found

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)

O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Programme\Wajam\IE\priam_bho.dll (Wajam)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)

O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)

O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Spesoft Toolbar) - {94817c02-feac-4aa8-99d8-1cb47bf4d4c0} - C:\Programme\Spesoft\prxtbSpes.dll File not found

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll File not found

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\7.0\pdfforgeToolbarIE.dll (Spigot, Inc.)

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Programme\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll (Montera Technologeis LTD)

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.

O3 - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

O3 - HKU\S-1-5-21-484763869-838170752-725345543-1003\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Advanced System Protector_startup] C:\Programme\Advanced System Protector\AdvancedSystemProtector.exe (Systweak)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)

O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)

O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)

O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)

O4 - HKLM..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found

O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [Ocs_SM] C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\OCS\SM\SearchAnonymizer.exe (OCS)

O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH)

O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)

O4 - HKLM..\Run: [SSC Service Utility] C:\Programme\SSC Service Utility\ssc_serv.exe (SSC Localization Group)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)

O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)

O4 - HKLM..\Run: [TkBellExe] C:\Programme\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [vProt] C:\Programme\AVG Secure Search\vprot.exe ()

O4 - HKU\S-1-5-21-484763869-838170752-725345543-1003..\Run: [Akamai NetSession Interface] "C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" File not found

O4 - HKU\S-1-5-21-484763869-838170752-725345543-1003..\Run: [Aquzpal] C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Cisye\xyetv.exe ()

O4 - HKU\S-1-5-21-484763869-838170752-725345543-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMBgMonitor.exe (Nero AG)

O4 - HKU\S-1-5-21-484763869-838170752-725345543-1003..\Run: [Driver Updater] C:\Programme\Carambis\Driver Updater\dupdater.exe (Media Fog Ltd.)

O4 - HKU\S-1-5-21-484763869-838170752-725345543-1003..\Run: [DriverTurbo] C:\Programme\DriverTurbo\DriverTurbo.exe File not found

O4 - HKU\S-1-5-21-484763869-838170752-725345543-1003..\Run: [EPSON Stylus C86 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0R2.EXE (SEIKO EPSON CORPORATION)

O4 - HKU\S-1-5-21-484763869-838170752-725345543-1003..\Run: [IExplorer Util] C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\ie_util.exe ()

O4 - HKLM..\RunOnceEx: []  File not found

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Audible Download Manager.lnk =  File not found

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSON Scanner Monitor.lnk = C:\WINDOWS\twain_32\EPEM\EPSONEM.EXE (SEIKO EPSON CORP.)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Kodak EasyShare Software.lnk = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)

O4 - Startup: C:\Dokumente und Einstellungen\Sabine\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Dokumente und Einstellungen\Sabine\Startmenü\Programme\Autostart\UltimateZip Quick Start.lnk = C:\Programme\UltimateZip 2007\uzqkst.exe (SWE von Schleusen)

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-484763869-838170752-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found

O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found

O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found

O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD659856-C28E-49DA-A7AA-FC4D6E62E1BB}: NameServer = 192.168.2.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\dokume~1\alluse~1\anwend~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll) -  File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008.11.09 15:58:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{dd645a9a-ae68-11dd-a335-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{dd645a9a-ae68-11dd-a335-806d6172696f}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{dd645a9a-ae68-11dd-a335-806d6172696f}\Shell\AutoRun\command - "" = D:\Bin\assetup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.05.08 08:50:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sabine\Desktop\OTL.exe

[2013.05.07 19:12:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sabine\Desktop\Neuer Ordner

[2013.05.06 12:33:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Rylu

[2013.05.06 12:33:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Midaz

[2013.05.06 12:33:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Cisye

[2013.04.24 07:27:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuarkXPress Passport

[2013.04.24 07:27:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Color

[2013.04.14 18:40:10 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.05.08 09:15:00 | 000,000,228 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

[2013.05.08 08:58:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013.05.08 08:50:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sabine\Desktop\OTL.exe

[2013.05.08 08:25:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2013.05.08 06:26:01 | 000,470,232 | ---- | M] () -- C:\logfile

[2013.05.08 06:20:26 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-484763869-838170752-725345543-1003.job

[2013.05.08 06:20:21 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-838170752-725345543-1003.job

[2013.05.08 06:20:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2013.05.08 06:19:18 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013.05.08 06:19:11 | 000,193,759 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2013.05.08 06:19:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013.05.07 19:42:52 | 000,000,000 | ---- | M] () -- C:\END

[2013.05.07 19:42:48 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\TempWmicBatchFile.bat

[2013.05.07 19:26:44 | 000,001,892 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Desktop\Entfernen des Avira DE-Cleaners.lnk

[2013.05.07 19:26:44 | 000,001,821 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Desktop\Avira DE-Cleaner.lnk

[2013.05.07 18:26:17 | 000,056,832 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\ie_util.exe

[2013.05.07 14:31:00 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job

[2013.05.07 11:18:10 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG

[2013.05.07 11:14:44 | 000,000,020 | ---- | M] () -- C:\WINDOWS\hppsapp.INI

[2013.05.07 11:12:07 | 000,184,798 | ---- | M] () -- C:\WINDOWS\System32\AdobeFnt.lst

[2013.04.24 07:27:54 | 000,000,733 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuarkXPress 5.0.lnk

[2013.04.19 11:36:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2013.04.12 07:21:59 | 000,104,448 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mbb

[2013.04.12 07:21:59 | 000,082,944 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mb

[2013.04.09 11:25:13 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk

[2013.04.08 21:03:30 | 000,010,455 | ---- | M] () -- C:\Dokumente und Einstellungen\Sabine\99098886_elster_2048.pfx

[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.05.07 19:26:44 | 000,001,892 | ---- | C] () -- C:\Dokumente und Einstellungen\Sabine\Desktop\Entfernen des Avira DE-Cleaners.lnk

[2013.05.07 19:26:44 | 000,001,821 | ---- | C] () -- C:\Dokumente und Einstellungen\Sabine\Desktop\Avira DE-Cleaner.lnk

[2013.05.06 12:39:50 | 000,056,832 | ---- | C] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\ie_util.exe

[2013.04.24 07:27:54 | 000,000,733 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuarkXPress 5.0.lnk

[2013.04.19 18:27:27 | 000,000,000 | ---- | C] () -- C:\END

[2013.04.09 11:25:13 | 000,002,299 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk

[2013.04.09 11:25:13 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk

[2013.04.08 21:03:16 | 000,010,455 | ---- | C] () -- C:\Dokumente und Einstellungen\Sabine\99098886_elster_2048.pfx

[2013.03.03 11:29:01 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2012.11.29 15:57:16 | 000,017,136 | ---- | C] () -- C:\WINDOWS\System32\sasnative32.exe

[2012.11.29 00:04:00 | 000,000,004 | ---- | C] () -- C:\WINDOWS\vx86036.dat

[2012.11.29 00:03:34 | 000,000,064 | ---- | C] () -- C:\WINDOWS\Crypkey.ini

[2012.11.29 00:03:31 | 000,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe

[2012.11.29 00:03:31 | 000,019,584 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys

[2012.11.29 00:03:31 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll

[2012.11.29 00:03:31 | 000,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe

[2012.11.29 00:03:28 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\StellarProfile.dll

[2012.11.28 15:36:17 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll

[2012.11.01 18:05:16 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini

[2012.06.16 09:41:19 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI

[2010.12.17 10:05:35 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\$_hpcst$.hpc

[2010.01.08 13:31:43 | 000,004,940 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mtbjfghn.xbe

[2008.12.31 11:42:22 | 007,652,285 | ---- | C] () -- C:\Dokumente und Einstellungen\Sabine\2009

[2008.12.10 06:55:44 | 000,001,759 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache

[2008.11.12 20:50:28 | 000,000,079 | ---- | C] () -- C:\Dokumente und Einstellungen\Sabine\default.pls

[2008.11.09 18:47:29 | 000,053,760 | ---- | C] () -- C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 
 ========== ZeroAccess Check ==========

 

[2008.11.09 18:08:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 08:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2008.04.14 08:52:12 | 000,472,064 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 08:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both
 

< End of report >

--- --- ---

--- --- ---

hier noch die zweite otl-datei mit namen "extras.txt" - ich bin halt' neu in dem metier, sorry
sg milla2012

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 08.05.2013 09:09:16 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Sabine\Desktop

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 7.0.5730.13)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,00 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 36,50% Memory free

3,85 Gb Paging File | 2,49 Gb Available in Paging File | 64,66% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 48,83 Gb Total Space | 7,76 Gb Free Space | 15,88% Space Free | Partition Type: NTFS

Drive E: | 208,98 Gb Total Space | 166,07 Gb Free Space | 79,47% Space Free | Partition Type: NTFS

Drive F: | 207,94 Gb Total Space | 170,64 Gb Free Space | 82,06% Space Free | Partition Type: NTFS

 

Computer Name: DAMMTOR2 | User Name: Sabine | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = ChromeHTML] -- C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

 

[HKEY_USERS\S-1-5-21-484763869-838170752-725345543-1003\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- C:\Programme\Advanced System Protector\filetypehelper.exe -scanunknown "%1" (Systweak)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"AntiVirusDisableNotify" = 1

"FirewallDisableNotify" = 1

"UpdatesDisableNotify" = 1

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

"C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe" = C:\Programme\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation)

"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)

"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)

"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)

"C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)

"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)

"C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hpqste08.exe" = C:\Programme\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)

"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)

"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)

"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)

"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)

"C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Sabine\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)

"C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" = C:\Dokumente und Einstellungen\Sabine\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface

"C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker -- (Visicom Media Inc.)

"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)

"C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe" = C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager -- (SweetIM Technologies Ltd.)

"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)

"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier

"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status

"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn

"{05E11ACD-08F9-4A49-8FF8-697144DDC3DE}" = Bonjour

"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC

"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg

"{0D471171-70BF-459B-AF06-9C34329295E7}" = 6000E609_Help

"{0D8E6567-7082-48DB-A305-293873AC8B39}_is1" = Preispilot für Firefox

"{109D28C7-FB38-483A-9C91-001CB59E2699}" = EPSON CardMonitor

"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday

"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD

"{1CE8E6EB-3077-4E90-9C53-28B7015231D9}" = Google SketchUp Pro 8

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager

"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt

"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{388887F6-0661-4C80-B272-A6A23EFC7A31}" = MY CAMERA

"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup

"{441C8911-CEC0-19E6-6CAC-694553E06A28}" = myphotobook.de

"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support

"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth

"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4CE4B975-A5C1-43C0-A565-C00F0ABFC94C}" = PC-Bibliothek 3.0

"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp

"{4F57C27B-EDF4-4009-BEBA-EA7AA5C7A02D}" = ProductContext

"{551845DB-2D33-474E-B591-0831F0F2FAF6}" = BPDSoftware_Ini

"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA

"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN

"{65F5B7AF-3363-11D7-BB6B-00018021113F}" = EPSON PhotoQuicker3.5

"{691FCAD9-4A3F-43B9-8EC6-F7EE608D3772}" = 6000E609_eDocs

"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{716F4A62-0548-42b3-BAEA-44BC4F8E187C}" = HP Officejet 6000 E609 Series

"{722CD933-F4A3-4b3b-95D2-2A325BA693DA}" = 6000E609a

"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting

"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.9.0

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network

"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU

"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr

"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS

"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday

"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini

"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{35355EBA-4636-40B2-A995-FEB4CDBD92B3}" = 

"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007

"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007

"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui

"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync

"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt

"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore

"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove

"{A7BF5297-3E74-11D5-B00F-00104B398D77}" = QuarkXPress Passport

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox

"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch

"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK

"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime

"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes

"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI

"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore

"{B944FA21-81AF-4A77-8328-CE4F4CC51031}" = Nero 8

"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU

"{BE7785D6-045F-44FB-A1E4-3FA555874415}" = pdfforge Toolbar v7.0

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver

"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks

"{C48817E7-AA05-4151-A99D-1E1E550CE801}" = EPSON PhotoStarter3.1

"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP

"{CBE7EB3D-FBD9-4c74-8156-082D055C0354}" = BPDSoftware

"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0

"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software

"{D777D80E-13AE-4E6C-BCB2-9AEE10D9DEF1}" = Driver Updater

"{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1" = FireJump

"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR

"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby

"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips

"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1

"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase

"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK

"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery

"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS

"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Advanced File Optimizer_is1" = Advanced File Optimizer

"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9

"avast5" = avast! Free Antivirus

"AVG Secure Search" = AVG Security Toolbar

"Bullzip PDF Printer_is1" = Bullzip PDF Printer 7.1.0.1212

"conduitEngine" = Conduit Engine 

"Crayon Physics Deluxe Demo_is1" = Crayon Physics Deluxe Demo - release 52

"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de

"DesktopIconAmazon" = Desktop Icon für Amazon

"EH_101Verm" = 101 Fallen für Vermieter

"ElsterFormular" = ElsterFormular

"ENTERPRISE" = Microsoft Office Enterprise 2007

"EPSON Printer and Utilities" = EPSON-Drucker-Software

"EPSON TWAIN" = EPSON TWAIN

"ESC86 Softwarehandbuch" = ESC86 Softwarehandbuch

"Google Chrome" = Google Chrome

"Google Updater" = Google Updater

"GPL Ghostscript Lite_is1" = GPL Ghostscript Lite 8.70

"HP Imaging Device Functions" = HP Imaging Device Functions 12.0

"HP PrecisionScan LTX" = HP PrecisionScan LTX

"HP Smart Web Printing" = HP Smart Web Printing

"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs

"ie7" = Windows Internet Explorer 7

"incredibar" = Incredibar Toolbar  on IE and Chrome

"InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager

"McAfee Security Scan" = McAfee Security Scan Plus

"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU

"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Mp3tag" = Mp3tag v2.46a

"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP

"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs

"NVIDIA Drivers" = NVIDIA Drivers

"RealPlayer 12.0" = RealPlayer

"SearchAnonymizer" = SearchAnonymizer

"Spesoft Image Converter_is1" = Spesoft Image Converter 2.70

"Spesoft Toolbar" = Spesoft Toolbar

"SSC Service Utility_is1" = SSC Service Utility v4.30

"Stellar Phoenix Outlook PST Repair_is1" = Stellar Phoenix Outlook PST Repair

"UltimateZip 2007_is1" = UltimateZip 2007

"Wajam" = Wajam

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"Windows Searchqu Toolbar" = Windows iLivid Toolbar

"Windows XP Service Pack" = Windows XP Service Pack 3

"WinRAR archiver" = WinRAR 4.01 (32-Bit)

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-484763869-838170752-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{4E97552A-D0D2-47E3-B4A0-82E5A57A4198}_is1" = Bild Albelli Fotoservice

"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater

"Dropbox" = Dropbox

"JDownloader Download Manager Packages" = JDownloader Download Manager Packages

 
 ========== Last 20 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 11.03.2009 09:30:16 | Computer Name = DAMMTOR2 | Source = avast! | ID = 33554522

Description = 

 

Error - 27.08.2009 04:27:09 | Computer Name = DAMMTOR2 | Source = avast! | ID = 33554522

Description = 

 

Error - 20.01.2010 06:48:27 | Computer Name = DAMMTOR2 | Source = avast! | ID = 33554522

Description = 

 

[ Application Events ]

Error - 06.05.2013 13:27:35 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:39:05 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:39:05 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:39:05 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:39:05 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:40:30 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:40:30 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:40:42 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 07.05.2013 05:07:09 | Computer Name = DAMMTOR2 | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung AcroRd32.exe, Version 11.0.2.0, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

Error - 07.05.2013 05:08:08 | Computer Name = DAMMTOR2 | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung hppsapp.exe, Version 1.1.1.4, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

[ Application Events ]

Error - 06.05.2013 13:27:35 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:39:05 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:39:05 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:39:05 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:39:05 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:40:30 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:40:30 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 06.05.2013 15:40:42 | Computer Name = DAMMTOR2 | Source = nview_info | ID = 11141121

Description = 

 

Error - 07.05.2013 05:07:09 | Computer Name = DAMMTOR2 | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung AcroRd32.exe, Version 11.0.2.0, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

Error - 07.05.2013 05:08:08 | Computer Name = DAMMTOR2 | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung hppsapp.exe, Version 1.1.1.4, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

[ OSession Events ]

Error - 19.01.2009 17:53:40 | Computer Name = DAMMTOR2 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 55000

 seconds with 300 seconds of active time.  This session ended with a crash.

 

Error - 01.04.2009 17:17:16 | Computer Name = DAMMTOR2 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 11494

 seconds with 240 seconds of active time.  This session ended with a crash.

 

Error - 20.07.2011 17:10:48 | Computer Name = DAMMTOR2 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 

Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session 

lasted 19928 seconds with 420 seconds of active time.  This session ended with a

 crash.

 

Error - 20.07.2011 17:11:28 | Computer Name = DAMMTOR2 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 39425

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 16.09.2011 15:54:23 | Computer Name = DAMMTOR2 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2033

 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error - 17.08.2012 10:12:42 | Computer Name = DAMMTOR2 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 19177

 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error - 21.01.2013 11:56:55 | Computer Name = DAMMTOR2 | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 39293

 seconds with 3120 seconds of active time.  This session ended with a crash.

 

[ System Events ]

Error - 06.05.2013 10:36:23 | Computer Name = DAMMTOR2 | Source = DCOM | ID = 10010

Description = Der Server "{A18E86C2-7B08-49E5-8E5F-CCC1D5FB2ABB}" konnte innerhalb

 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

 

Error - 06.05.2013 10:42:35 | Computer Name = DAMMTOR2 | Source = Service Control Manager | ID = 7011

Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung

 von Dienst stisvc.

 

Error - 06.05.2013 13:28:16 | Computer Name = DAMMTOR2 | Source = Print | ID = 6161

Description = Das Dokument Microsoft Office Outlook - Memoformat, im Besitz von 

Sabine, konnte nicht auf dem Drucker HP Officejet 6000 E609a Series gedruckt werden.

 Datentyp: NT EMF 1.008. Größe der Warteschlangendatei in Bytes: 262144. Anzahl 

der gedruckten Bytes: 262144. Gesamtanzahl der Seiten des Dokuments: 2. Anzahl der

 gedruckten Seiten: 4. Clientcomputer: \\DAMMTOR2. Vom Druckprozessor zurückgelieferter

 Win32-Fehlercode: 0 (0x0). 

 

Error - 07.05.2013 05:14:18 | Computer Name = DAMMTOR2 | Source = Service Control Manager | ID = 7011

Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung

 von Dienst stisvc.

 

Error - 07.05.2013 05:14:48 | Computer Name = DAMMTOR2 | Source = Service Control Manager | ID = 7011

Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung

 von Dienst stisvc.

 

Error - 07.05.2013 05:24:10 | Computer Name = DAMMTOR2 | Source = DCOM | ID = 10010

Description = Der Server "{A286DE21-9642-11D0-A6BE-88EE00C10000}" konnte innerhalb

 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

 

Error - 07.05.2013 05:28:18 | Computer Name = DAMMTOR2 | Source = Service Control Manager | ID = 7011

Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung

 von Dienst stisvc.

 

Error - 07.05.2013 05:28:48 | Computer Name = DAMMTOR2 | Source = Service Control Manager | ID = 7011

Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung

 von Dienst stisvc.

 

Error - 07.05.2013 06:42:54 | Computer Name = DAMMTOR2 | Source = BROWSER | ID = 8032

Description = Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport

 "\Device\NetBT_Tcpip_{BD659856-C28E-49DA-A7AA-FC4D6E62E1BB}" zu oft fehl.  Der Sicherungssuchdienst

 wird beendet.

 

Error - 08.05.2013 01:10:31 | Computer Name = DAMMTOR2 | Source = BROWSER | ID = 8032

Description = Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport

 "\Device\NetBT_Tcpip_{BD659856-C28E-49DA-A7AA-FC4D6E62E1BB}" zu oft fehl.  Der Sicherungssuchdienst

 wird beendet.

 

 

< End of report >

--- --- ---