Nautiker | 10.08.2010 11:17 | hier das ergebnis von OTL
'Extras.txt':
OTL Logfile: Code:
OTL Extras logfile created on: 10.08.2010 12:06:45 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 297,98 Gb Total Space | 158,46 Gb Free Space | 53,18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive H: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive O: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive P: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive S: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive T: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive U: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive V: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive W: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive X: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive Y: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive Z: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Computer Name: LAPTOP
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDBrowse] -- "C:\Programme\ACD Systems\ACDSee\ACDSee.exe" "%1" (ACD Systems, Ltd.)
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1927:TCP" = 1927:TCP:*:Enabled:eytron Cipc
"13364:UDP" = 13364:UDP:*:Enabled:Print Server Utility
"13107:UDP" = 13107:UDP:*:Enabled:Print Server Utility
"69:UDP" = 69:UDP:*:Enabled:Print Server Utility
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"13364:UDP" = 13364:UDP:*:Enabled:Print Server Utility
"13107:UDP" = 13107:UDP:*:Enabled:Print Server Utility
"69:UDP" = 69:UDP:*:Enabled:Print Server Utility
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Programme\Kyocera Mita\KyoNetCon\KyoNetCon.exe" = C:\Programme\Kyocera Mita\KyoNetCon\KyoNetCon.exe:*:Enabled:Kyocera Network Configuration -- File not found
"C:\Programme\TeamViewer3\TeamViewer.exe" = C:\Programme\TeamViewer3\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- File not found
"C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- File not found
"C:\Programme\ABUS Security-Center\Installationsassistent 2\IW2.exe" = C:\Programme\ABUS Security-Center\Installationsassistent 2\IW2.exe:*:Enabled:Installation Wizard 2 -- ()
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Winfonie mobile 2\WinfonieMobile2.exe" = C:\Programme\Winfonie mobile 2\WinfonieMobile2.exe:*:Enabled:WinfonieMobile2 -- (Bertels + Hirsch)
"C:\Programme\TeamViewer\Version5\TeamViewer.exe" = C:\Programme\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Tobit Radio.fx\Server\rfx-server.exe" = C:\Programme\Tobit Radio.fx\Server\rfx-server.exe:*:Enabled:Radio.fx Server -- ()
"C:\Programme\Tobit Radio.fx\Client\rfx-client.exe" = C:\Programme\Tobit Radio.fx\Client\rfx-client.exe:*:Enabled:Radio.fx Client -- (Tobit.Software)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- File not found
"C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe:*:Enabled:CyberLink PowerDVD DX -- (CyberLink Corp.)
"C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" = C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe:*:Enabled:CyberLink PowerDVD DX Resident Program -- (CyberLink Corp.)
"C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- File not found
"C:\Programme\Orbitdownloader\orbitdm.exe" = C:\Programme\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Programme\Orbitdownloader\orbitnet.exe" = C:\Programme\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01866A44-A697-4821-871F-1CB9F907E8DE}" = OpenOffice.org 2.3
"{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{105F3CE5-FE55-408E-BF30-E78F85BA0B12}" = Dell-Druckersoftware
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1882D3BE-8B8F-4EA3-9414-EB06CD5B9CD8}" = Modem Diagnostics Tool
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 19
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (DAVID)
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{38ADB9A6-798C-11D6-A855-00105A80791C}" = OKI Network Extension
"{3D9892BB-A751-4E48-ADC8-E4289956CE1D}" = QuickTime
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4394DC3A-5DAC-4C80-A86E-FF462D0AD653}" = Windows 7 Upgrade Advisor Beta
"{48AB06FF-059D-43DE-ACC1-15920D5A7FF2}" = JRE 1.4.2
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5F045A94-B4B0-4F24-BE71-8491B7121CB0}" = Auerswald COMtools 2.2.69
"{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65B2B4C4-A67F-485E-9A6B-E72E07AB8DFF}" = Auerswald COMlist 2.4.36
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86CEBAE9-5752-414A-86BC-170154E30E2A}" = Dell MFP Laser 3115cn Dienstprogramme Ver.1.0.2.1
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{8DA7286C-FBF6-48E4-A24A-FA9481EF4C0F}" = Dell MFP Laser 3115cn ScanButton-Manager Ver.1.1.0.2
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90510407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Visio Professional 2003
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{938996BF-AE93-451A-853C-91F16CF4333A}" = Auerswald COMfortel Melody 1.0.37
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A344F95E-E51A-450C-8F84-C940BF61903E}" = OKI Color Swatch-Dienstprogramm
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB9E5A7B-009D-4A55-BB8C-8AB3FC72C841}" = eytron.® VMS
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.4 - Deutsch
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B256C380-AC47-4681-8342-7F42E4F0F434}" = JRE 1.6.1
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1E11C46-E6EB-4BD2-9ADF-2A98ACBEB216}" = iTunes
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C87DEAF3-0964-419F-B747-DFBB5E8F0279}" = ScanSoft PaperPort 11
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CAFECAFE-0013-0001-0122-ABCDEFABCDEF}" = Oracle JInitiator 1.3.1.22
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D92776DD-F1B6-4E31-BDA2-A1D6EB58CC1C}" = Auerswald COMfortel Set 1.9.03
"{E3B99F3D-9856-482A-9048-305E28E2510C}" = Vodafone Mobile Connect Lite
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F24B25C8-26E2-4FA4-8801-5642B3073899}" = ACDSee 3.1 (SR-1)
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FDEC0704-D15E-4DB8-A624-2256DD4C65D7}" = Dell MFP Laser 3115cn Scanner-Treiber
"{FE23E2F5-553F-4861-B8AF-279791A5E28F}" = Auerswald COMset 2.6.28
"A Smaller Note 99" = A Smaller Note 99
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Auerswald CAPI 2.0 Treiber" = Auerswald CAPI 2.0 Treiber
"Auerswald ISDN WAN Treiber" = Auerswald ISDN WANTreiber
"Auerswald UNI TSP Treiber" = Auerswald UNI TSP Treiber
"Auerswald USB Treiber Preinstall" = Auerswald USB Treiber Preinstall
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"CCleaner" = CCleaner (remove only)
"CHECK20" = CHECK20
"David Client" = David Client
"FileZilla Client" = FileZilla Client 3.3.2
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"IMDG-Code - Storck Verlag Hamburg - 03-09_is1" = IMDG-Code - Storck Verlag Hamburg - 03-09
"Installationsassistent2" = Installationsassistent2
"Jpeg Enhancer_is1" = Jpeg Enhancer 1.8
"LetsTrade" = LetsTrade Komponenten
"LiveViewer" = LiveViewer (Remove Only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"MultiPlayer" = MultiPlayer (Remove Only)
"NVIDIA Drivers" = NVIDIA Drivers
"Orbit_is1" = Orbit Downloader
"orgaMAX_is1" = orgaMAX Business Software
"PDF FormServer_is1" = PDF FormServer 1.3.7.2
"PrintServer Network driver" = PrintServer Network driver
"ProInst" = Intel(R) PROSet/Wireless Software
"SearchAssist" = SearchAssist
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.3
"TeamViewer 5" = TeamViewer 5
"Tobit Radio.fx Server" = Radio.fx
"VLC media player" = VLC media player 0.9.9
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winfonie mobile 2" = Winfonie mobile 2.2.2.41
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"xvid" = XviD MPEG-4 Video Codec
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Skat-Online V8" = Skat-Online V8
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.07.2010 04:22:33 | Computer Name = LAPTOP | Source = UserInit | ID = 1000
Description = Folgendes Skript konnte nicht ausgeführt werden: \\bera-server\NETLOGON\beralogin.vbs.
Das Netzlaufwerk ist nicht erreichbar. Weitere Informationen über die Behebung
von Netzwerkproblemen finden Sie in der Windows-Hilfe.
Error - 30.07.2010 04:23:41 | Computer Name = LAPTOP | Source = AutoEnrollment | ID = 15
Description = Die automatische Zertifikatregistrierung für "***"
konnte keine Verbindung zum Active Directory (0x8007054b) herstellen. Die angegebene
Domäne ist nicht vorhanden oder es konnte keine Verbindung hergestellt werden.
Die Registrierung wird nicht durchgeführt.
Error - 30.07.2010 07:37:43 | Computer Name = LAPTOP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 03.08.2010 01:37:35 | Computer Name = LAPTOP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 04.08.2010 01:54:15 | Computer Name = LAPTOP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 04.08.2010 01:59:33 | Computer Name = LAPTOP | Source = Application Error | ID = 1000
Description = Faulting application dvwin32.exe, version 11.0.0.3092, faulting module
dvwin32.exe, fault address 0x005b54b2.
Error - 05.08.2010 01:05:31 | Computer Name = LAPTOP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 06.08.2010 01:53:51 | Computer Name = LAPTOP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 09.08.2010 02:02:35 | Computer Name = LAPTOP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 10.08.2010 02:12:49 | Computer Name = LAPTOP | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
[ System Events ]
Error - 06.08.2010 10:40:46 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst CiSvc.
Error - 06.08.2010 10:41:17 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst CiSvc.
Error - 06.08.2010 10:54:10 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst CiSvc.
Error - 06.08.2010 10:56:03 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst CiSvc.
Error - 06.08.2010 11:05:22 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7011
Description = Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung
von Dienst CiSvc.
Error - 09.08.2010 02:03:43 | Computer Name = LAPTOP | Source = ACPIEC | ID = 327681
Description = \Device\ACPIEC: Die Hardware des Embedded Controllers (EC) hat nicht
innerhalb des Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware
oder -Firmware bzw. auf ein schlecht angelegtes BIOS hin, das auf nicht sichere
Art und Weise auf den EC zugreift. Der EC-Treiber wird erneut versuchen, die fehlgeschlagene
Transaktion durchzuführen.
Error - 09.08.2010 02:03:51 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst David
Service Layer.
Error - 09.08.2010 02:03:51 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "David Service Layer" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 10.08.2010 02:14:12 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst David
Service Layer.
Error - 10.08.2010 02:14:12 | Computer Name = LAPTOP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "David Service Layer" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
< End of report > --- --- ---
und hier otl.txt:
OTL Logfile: Code:
OTL logfile created on: 10.08.2010 12:06:45 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 297,98 Gb Total Space | 158,46 Gb Free Space | 53,18% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive H: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive O: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive P: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive S: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive T: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive U: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive V: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive W: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive X: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive Y: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Drive Z: | 134,06 Gb Total Space | 49,26 Gb Free Space | 36,75% Space Free | Partition Type: NTFS
Computer Name: LAPTOP
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Tobit Radio.fx\Server\rfx-server.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Tobit InfoCenter\DVWIN32.EXE (Tobit.Software)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Programme\Tobit InfoCenter\David\Apps\Replica\CODE\replica.exe (Tobit Software)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\GIG\PdfFormServer\PdfFormServer.exe (GIG mbH)
PRC - C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
PRC - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Programme\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe (Intel(R) Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Programme\ceytec internet+software GmbH\A Smaller Note 99\note.exe (ceytec internet+software GmbH)
PRC - C:\Programme\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe (Dell Inc.)
PRC - C:\Programme\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe (Dell Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\Programme\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Programme\Dell\QuickSet\dadkeyb.dll ()
========== Win32 Services (SafeList) ==========
SRV - (RoxLiveShare9) -- C:\Programme\Gemeinsame Dateien\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe File not found
SRV - (deltraDBServer) -- C:\***\orgaMAX\DB-Server\bin\delserv.exe File not found
SRV - (deltraDBGuard) -- C:\***\orgaMAX\DB-Server\bin\DelGuard.exe File not found
SRV - (Radio.fx) -- C:\Programme\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (DavidServiceLayer) -- C:\Programme\Tobit InfoCenter\David\Code\SL.EXE (Tobit Software)
SRV - (VMCService) -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (DavidReplica) -- C:\Programme\Tobit InfoCenter\David\Apps\Replica\CODE\replica.exe (Tobit Software)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$DAVID) SQL Server (DAVID) -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (PdfFormServer) -- C:\Programme\GIG\PdfFormServer\PdfFormServer.exe (GIG mbH)
SRV - (LBTServ) -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (WLANKEEPER) Intel(R) -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe (Intel(R) Corporation)
SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (stllssvr) -- C:\Programme\Gemeinsame Dateien\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (DLSDB) -- C:\Programme\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe (Dell Inc.)
SRV - (DLPWD) -- C:\Programme\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe (Dell Inc.)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (RimUsb) -- C:\WINDOWS\System32\Drivers\RimUsb.sys File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (ZTEusbnet) -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV - (ZTEusbvoice) -- C:\WINDOWS\system32\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (O2SDRDR) -- C:\WINDOWS\system32\drivers\o2sd.sys (O2Micro )
DRV - (O2MDRDR) -- C:\WINDOWS\system32\drivers\o2media.sys (O2Micro )
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (FTSER2K) -- C:\WINDOWS\system32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (FTDIBUS) -- C:\WINDOWS\system32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (NETw4x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (auusb) -- C:\WINDOWS\system32\drivers\auusb.sys (Auerswald GmbH & Co. KG )
DRV - (tausb) -- C:\WINDOWS\system32\drivers\tausb.sys (Auerswald GmbH & Co. KG )
DRV - (auwmac) Auerswald ISDN WAN Driver (Ver. %V_VERSION%) -- C:\WINDOWS\system32\drivers\auwmac.sys (Auerswald GmbH & Co. KG )
DRV - (APPDRV) -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS (Dell Inc)
DRV - (Oscapi) -- C:\WINDOWS\system32\drivers\Oscapi20.sys (OSITRON GmbH)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=0080703
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.de/hws/sb/dell-row/de/side.html?channel=de-smb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=0080703
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.1.22/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.bera-papenburg.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.20 11:25:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.20 11:26:14 | 000,000,000 | ---D | M]
[2008.07.09 10:24:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2010.08.06 11:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\bw41hz8l.default\extensions
[2010.08.03 08:47:03 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\bw41hz8l.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2009.09.17 08:00:57 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\bw41hz8l.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.04.07 07:24:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\e9jug43o.***\extensions
[2010.04.07 07:24:48 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\e9jug43o.***\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.07.08 07:29:43 | 000,002,164 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\bw41hz8l.default\searchplugins\bing.xml
[2008.11.03 12:23:08 | 000,002,028 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\bw41hz8l.default\searchplugins\xing---powering-relationships.xml
[2010.08.06 11:07:01 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.07.31 07:44:50 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2005.04.05 04:38:20 | 000,053,355 | ---- | M] (Oracle Corporation) -- C:\Programme\Mozilla Firefox\plugins\NPJinit13122.dll
[2010.03.19 09:32:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.19 09:32:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.19 09:32:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.19 09:32:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.19 09:32:29 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.08.04 17:02:43 | 000,416,505 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.163ns.com
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 14376 more lines...
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Programme\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\A Smaller Note 99.lnk = C:\Programme\ceytec internet+software GmbH\A Smaller Note 99\note.exe (ceytec internet+software GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {00000045-9980-0010-8000-00AA00389B71} hxxp://codecs.microsoft.com/codecs/i386/sg726acm.cab (Reg Error: Key error.)
O16 - DPF: {03C0000A-CF6D-4EF4-A2D6-376622318018} hxxp://217.91.207.201:12088/WatSearCtrl.cab (RASplus_WatSear Control)
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} hxxp://169.254.0.99/RtspVaPgDec.cab (RtspVaPgCtrlNew Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1253697622667 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} Reg Error: Value error. (JInitiator 1.3.1.22)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Bera.de
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - Reg Error: Key error. File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll - c:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.08.13 13:54:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{586ca97c-6a0b-11de-921d-02010104e077}\Shell - "" = AutoRun
O33 - MountPoints2\{586ca97c-6a0b-11de-921d-02010104e077}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{586ca97c-6a0b-11de-921d-02010104e077}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{587e3315-1553-11de-91df-02010104687b}\Shell - "" = AutoRun
O33 - MountPoints2\{587e3315-1553-11de-91df-02010104687b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{587e3315-1553-11de-91df-02010104687b}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{587e3318-1553-11de-91df-02010104687b}\Shell - "" = AutoRun
O33 - MountPoints2\{587e3318-1553-11de-91df-02010104687b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{587e3318-1553-11de-91df-02010104687b}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c607c9f0-ee0d-11de-9291-020101048040}\Shell - "" = AutoRun
O33 - MountPoints2\{c607c9f0-ee0d-11de-9291-020101048040}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c607c9f0-ee0d-11de-9291-020101048040}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2010.08.10 11:19:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2010.08.10 11:19:10 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.08.10 11:19:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.08.10 11:19:08 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.08.10 11:19:08 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.06 09:24:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ProgSense
[2010.08.06 09:24:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GrabPro
[2010.08.06 09:24:20 | 000,000,000 | ---D | C] -- C:\downloads
[2010.08.06 09:24:18 | 000,000,000 | ---D | C] -- C:\Programme\Orbitdownloader
[2010.08.06 09:24:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Orbit
[2010.08.05 11:07:57 | 000,000,000 | ---D | C] -- C:\Programme\Hex-Editor MX
[2010.08.05 10:56:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
[2010.07.21 14:53:55 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Eigene Bilder
[2010.07.20 15:43:41 | 001,848,584 | ---- | C] (Tobit.Software) -- C:\WINDOWS\RXSUnins.exe
[2010.07.20 15:43:41 | 001,848,584 | ---- | C] (Tobit.Software) -- C:\WINDOWS\RXCUnins.exe
[2010.07.20 15:43:41 | 000,000,000 | ---D | C] -- C:\Programme\Tobit Radio.fx
[2010.07.20 11:27:26 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.07.20 11:27:20 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.07.20 11:25:52 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.07.20 11:24:52 | 003,062,048 | ---- | C] (Apple, Inc.) -- C:\WINDOWS\System32\usbaaplrc.dll
[2010.07.20 11:24:41 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.07.20 11:14:25 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\System32\GEARAspi.dll
[2010.07.20 11:12:48 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2010.07.20 11:10:41 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent
[2010.07.06 16:27:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\afzqfixq
[2010.06.28 12:58:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Software4u
[2010.06.16 15:43:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.06.16 07:20:06 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Eigene Musik
[2010.06.16 07:20:02 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Eigene Videos
[2010.05.18 16:35:16 | 000,107,808 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2010.05.18 16:35:16 | 000,091,424 | ---- | C] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\***\*.tmp files -> C:\Dokumente und Einstellungen\***\*.tmp -> ]
========== Files - Modified Within 90 Days ==========
[2010.08.10 11:59:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.08.10 11:32:32 | 000,054,016 | ---- | M] () -- C:\WINDOWS\System32\drivers\dveamwvp.sys
[2010.08.10 11:19:59 | 012,582,912 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.dat
[2010.08.10 11:19:13 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.10 08:15:03 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tobit.ini
[2010.08.10 08:13:52 | 000,170,285 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.08.10 08:13:52 | 000,121,572 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010.08.10 08:13:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.08.10 08:13:44 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.08.10 08:12:49 | 000,000,202 | ---- | M] () -- C:\WINDOWS\System32\PSLOG
[2010.08.10 08:12:37 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.08.10 08:12:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.08.10 08:12:32 | 3219,574,784 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.06 12:57:53 | 000,000,546 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.08.06 12:57:53 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.08.06 12:57:53 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010.08.06 09:24:19 | 000,000,698 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Orbit.lnk
[2010.08.06 08:37:27 | 000,223,567 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\screenshot passwort.JPG
[2010.08.06 07:59:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\null
[2010.08.05 14:39:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.08.04 17:04:44 | 000,000,390 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini
[2010.08.04 17:02:43 | 000,416,505 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.08.03 09:33:06 | 000,082,432 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.30 10:23:36 | 000,000,963 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\A Smaller Note 99.lnk
[2010.07.30 10:23:34 | 000,121,572 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010.07.29 09:14:30 | 000,416,203 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100804-170243.backup
[2010.07.23 11:57:22 | 000,415,318 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100729-091430.backup
[2010.07.21 16:34:36 | 000,041,884 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.07.20 15:52:03 | 000,001,908 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Skat-Online V8.lnk
[2010.07.20 11:28:27 | 000,049,880 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.07.20 11:07:50 | 000,208,104 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.07.20 11:03:28 | 000,000,274 | ---- | M] () -- C:\WINDOWS\wiso.ini
[2010.07.19 12:53:02 | 000,412,718 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100723-115722.backup
[2010.07.16 15:42:56 | 000,000,525 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010.07.08 13:45:55 | 000,412,516 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100719-125302.backup
[2010.06.17 11:40:21 | 000,000,292 | ---- | M] () -- C:\WINDOWS\TOBITADD.INI
[2010.06.16 08:47:45 | 000,404,991 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100708-134555.backup
[2010.06.10 16:16:59 | 000,000,256 | ---- | M] () -- C:\WINDOWS\System32\pool.bin
[2010.06.10 15:41:19 | 036,910,734 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\LoaderBackup-(2010-06-10).ipd
[2010.06.06 17:46:47 | 002,648,064 | ---- | M] () -- C:\WINDOWS\System32\DVMSG.DLL
[2010.06.03 12:21:34 | 000,404,292 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100616-084745.backup
[2010.06.01 09:57:14 | 001,848,584 | ---- | M] (Tobit.Software) -- C:\WINDOWS\RXSUnins.exe
[2010.06.01 09:57:14 | 001,848,584 | ---- | M] (Tobit.Software) -- C:\WINDOWS\RXCUnins.exe
[2010.05.31 10:25:43 | 000,397,558 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100603-122134.backup
[2010.05.20 09:26:19 | 000,395,918 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100531-102543.backup
[2010.05.18 16:35:16 | 000,107,808 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dns-sd.exe
[2010.05.18 16:35:16 | 000,091,424 | ---- | M] (Apple Inc.) -- C:\WINDOWS\System32\dnssd.dll
[2010.05.12 15:16:21 | 000,395,820 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20100520-092619.backup
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\***\*.tmp files -> C:\Dokumente und Einstellungen\***\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.08.10 11:32:32 | 000,054,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\dveamwvp.sys
[2010.08.10 11:19:13 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.06 09:24:19 | 000,000,698 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Orbit.lnk
[2010.08.06 08:37:27 | 000,223,567 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\screenshot passwort.JPG
[2010.07.20 15:52:03 | 000,001,908 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Skat-Online V8.lnk
[2010.07.20 11:12:50 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.07.08 16:18:40 | 000,002,418 | ---- | C] () -- C:\WINDOWS\System32\bl_ovnet.set
[2010.07.07 08:14:31 | 000,010,075 | ---- | C] () -- C:\WINDOWS\System32\ovnet.set
[2010.07.06 16:26:41 | 000,003,503 | ---- | C] () -- C:\WINDOWS\System32\ymdvqdfr.dll
[2010.07.06 16:26:41 | 000,000,077 | ---- | C] () -- C:\WINDOWS\System32\nuqalzlf.dll
[2010.06.18 12:51:39 | 000,041,884 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010.06.10 15:41:13 | 036,910,734 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\LoaderBackup-(2010-06-10).ipd
[2010.05.28 11:12:55 | 002,134,016 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\Zoll Frau Riekmann.WAV
[2010.04.14 10:12:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\DVEXTINF.INI
[2010.03.17 12:31:47 | 000,031,658 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009.09.23 14:25:00 | 000,000,720 | ---- | C] () -- C:\WINDOWS\System32\CameraTitle.ini
[2009.08.17 12:04:47 | 000,000,101 | ---- | C] () -- C:\WINDOWS\PSXLPR.INI
[2009.08.17 12:04:46 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\Bot.dll
[2009.08.06 11:00:45 | 000,000,070 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009.07.16 00:35:40 | 000,018,432 | ---- | C] () -- C:\WINDOWS\vmmreg3.dll
[2009.06.11 12:48:45 | 003,345,408 | ---- | C] () -- C:\WINDOWS\System32\avcodec-51.dll
[2009.06.11 12:48:45 | 001,605,632 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2009.06.11 12:48:45 | 000,448,512 | ---- | C] () -- C:\WINDOWS\System32\avformat-50.dll
[2009.06.11 12:48:45 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\avutil-49.dll
[2009.06.11 12:47:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.06.11 12:47:50 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.04.20 09:05:16 | 000,000,274 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2008.10.09 11:29:26 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2008.08.18 16:38:06 | 000,036,962 | ---- | C] () -- C:\WINDOWS\System32\ActPanel.dll
[2008.07.25 08:08:39 | 000,000,292 | ---- | C] () -- C:\WINDOWS\TOBITADD.INI
[2008.07.25 08:07:54 | 000,114,688 | ---- | C] () -- C:\WINDOWS\DVGRF.DLL
[2008.07.25 08:07:54 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\IMGMSGMO.dll
[2008.07.25 08:07:46 | 002,648,064 | ---- | C] () -- C:\WINDOWS\System32\DVMSG.DLL
[2008.07.25 08:07:31 | 000,000,023 | ---- | C] () -- C:\WINDOWS\AVFD.INI
[2008.07.25 08:07:27 | 006,502,912 | ---- | C] () -- C:\WINDOWS\TOBITCLT.DLL
[2008.07.25 08:03:47 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tobit.ini
[2008.07.18 08:00:07 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.07.14 10:04:32 | 000,017,036 | R--- | C] () -- C:\WINDOWS\System32\capi20.dll
[2008.07.14 10:03:00 | 000,081,920 | R--- | C] () -- C:\WINDOWS\System32\aucoinst.dll
[2008.07.14 10:03:00 | 000,010,570 | R--- | C] () -- C:\WINDOWS\drvinfo.ini
[2008.07.14 09:57:22 | 000,315,444 | ---- | C] () -- C:\WINDOWS\System32\isdnapi32.dll
[2008.07.14 09:57:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AuerCapiJNINative.dll
[2008.07.14 09:57:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\AuerUsbJNINative.dll
[2008.07.10 09:36:45 | 000,000,107 | ---- | C] () -- C:\WINDOWS\OPHD.ini
[2008.07.09 14:04:38 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_1430.ini
[2008.07.09 08:33:49 | 000,000,039 | ---- | C] () -- C:\WINDOWS\orgaMAX.ini
[2008.07.09 08:16:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2008.07.07 15:38:42 | 000,000,026 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2008.07.07 15:33:55 | 000,000,618 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008.07.03 13:55:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008.07.03 13:48:55 | 000,000,234 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.07.03 13:23:10 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.07.03 13:23:10 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.07.03 13:23:10 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.07.03 13:23:09 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.07.03 13:21:49 | 000,001,502 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007.04.05 17:18:14 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\KcCodeU.dll
[2004.08.13 14:04:30 | 000,000,942 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004.08.13 13:51:43 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004.08.13 13:40:32 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo(2).dll
< End of report > --- --- --- |