Trojaner-Board - explorer.exe hat ein problem festgestellt und muss beendet werden xp

5. OTL Logs

Code:

OTL logfile created on: 14.07.2011 19:02:10 - Run 1

OTL by OldTimer - Version 3.2.22.3     Folder = C:\downloads

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 88,00% Memory free

5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 465,75 Gb Total Space | 227,30 Gb Free Space | 48,80% Space Free | Partition Type: NTFS

 

Computer Name: HOME-PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.07.02 07:56:44 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.05.07 08:50:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\downloads\OTL(1).exe

PRC - [2011.03.28 16:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe

PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe

PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe

PRC - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe

PRC - [2007.05.29 12:06:44 | 000,598,960 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdfcoms.exe

PRC - [2006.06.01 21:06:00 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

 

 
 ========== Modules (SafeList) ==========

 

MOD - [2011.05.07 08:50:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\downloads\OTL(1).exe

MOD - [2006.06.01 21:06:00 | 001,050,624 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled | Stopped] --  -- (JavaQuickStarterService)

SRV - [2011.07.02 07:56:44 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [On_Demand | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010.08.25 10:03:48 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2010.03.18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)

SRV - [2009.03.17 14:24:06 | 000,161,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)

SRV - [2007.05.29 12:06:44 | 000,598,960 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdfcoms.exe -- (lxdf_device)

SRV - [2007.05.29 12:06:20 | 000,099,248 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdfserv.exe -- (lxdfCATSCustConnectService)

SRV - [2006.12.14 18:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)

SRV - [2006.06.01 21:06:00 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2005.11.17 16:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2011.07.02 07:56:45 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2011.07.02 07:56:45 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2011.06.03 17:51:32 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV07.sys -- (ACEDRV07)

DRV - [2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2011.02.28 01:04:51 | 000,028,608 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sef3x1.sys -- (sef3x1)

DRV - [2011.02.28 01:03:11 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)

DRV - [2011.02.28 01:03:11 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)

DRV - [2010.06.17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010.06.17 15:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009.03.17 14:24:06 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)

DRV - [2008.09.10 21:08:20 | 000,002,560 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\JungleFlasher v0.1.78 Beta (183)\portio32.sys -- (PORTIO64)

DRV - [2008.08.25 03:22:40 | 000,014,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)

DRV - [2008.08.06 18:12:10 | 004,755,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008.08.01 11:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2008.08.01 11:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2008.06.16 10:02:34 | 000,017,024 | ---- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BS_I2cIo.sys -- (BS_I2cIo)

DRV - [2007.12.11 15:30:08 | 000,030,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)

DRV - [2007.05.11 04:10:50 | 000,034,704 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)

DRV - [2007.05.09 02:59:40 | 000,036,496 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)

DRV - [2007.04.16 17:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)

DRV - [2007.03.05 07:00:04 | 000,027,792 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)

DRV - [2007.03.05 06:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT)

DRV - [2007.03.05 06:57:14 | 000,019,472 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VHIDMini.sys -- (VHidMinidrv)

DRV - [2007.03.05 06:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)

DRV - [2007.03.05 06:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\vbtenum.sys -- (BTHidEnum)

DRV - [2007.03.05 06:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)

DRV - [2007.03.05 06:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)

DRV - [2006.11.21 23:41:18 | 000,022,416 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Programme\IVT Corporation\BlueSoleil\device\Win2k\BTNetFilter.sys -- (BTNetFilter)

DRV - [2005.07.20 08:26:00 | 001,390,656 | R--- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cmudaxu.sys -- (cmudau)

DRV - [2005.03.16 08:23:54 | 000,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BIOS.sys -- (BIOS)

DRV - [2004.02.24 16:42:44 | 000,021,248 | ---- | M] (AIPTEK International Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aiptektp.sys -- (aiptektp)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultthis.engineName: "AlphaMarket Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2922774&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.selectedEngine: "AlphaMarket Customized Web Search"

FF - prefs.js..browser.startup.homepage: "hxxp://www.tixuma.de"

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6

FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2

FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10

FF - prefs.js..extensions.enabledItems: {eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c57}:1.0.2

FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.1

FF - prefs.js..extensions.enabledItems: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.2.0

FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.5.5

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6

FF - prefs.js..extensions.enabledItems: {d47a9f51-8281-43fa-f450-f28ef8735e9a}:2.1.1

FF - prefs.js..keyword.URL: "hxxp://jixey.com/?id={7FB7ED77-B6D4-4fea-8F56-57F262C1728B}&ver=1.5.4&src=adr&q="

FF - prefs.js..network.proxy.http: "91.205.174.48"

FF - prefs.js..network.proxy.http_port: 80

FF - prefs.js..network.proxy.type: 0

 

 

FF - HKLM\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.03.10 17:39:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: E:\runtergeladene Sachen\java\lib\deploy\jqs\ff

FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.06.28 07:26:21 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins

 

[2009.11.04 22:53:56 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions

[2011.07.06 20:14:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\t93ev5hf.default\extensions

[2011.03.23 10:07:11 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\t93ev5hf.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}

[2011.06.24 09:19:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\t93ev5hf.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2011.02.19 19:42:05 | 000,000,000 | ---D | M] (Pixlr Grabber) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\t93ev5hf.default\extensions\{d47a9f51-8281-43fa-f450-f28ef8735e9a}

[2011.01.10 19:03:32 | 000,000,000 | ---D | M] (Fox!Box) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\t93ev5hf.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}

[2011.07.06 20:14:03 | 000,000,000 | ---D | M] (Awesome screenshot: Capture and Annotate) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\t93ev5hf.default\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack

[2011.01.17 17:50:21 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\t93ev5hf.default\extensions\SkipScreen@SkipScreen

[2011.05.05 09:14:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

File not found (No name found) -- 

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\T93EV5HF.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\T93EV5HF.DEFAULT\EXTENSIONS\{C45C406E-AB73-11D8-BE73-000A95BE3B12}.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\T93EV5HF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\T93EV5HF.DEFAULT\EXTENSIONS\{D57C9FF1-6389-48FC-B770-F78BD89B6E8A}.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\T93EV5HF.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\T93EV5HF.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI

() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ADMINISTRATOR\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\T93EV5HF.DEFAULT\EXTENSIONS\PLUGIN@APTURE.COM.XPI

[2011.06.28 07:26:20 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll

[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml

[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

 

Hosts file not found

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [CmUsbSound]  File not found

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O8 - Extra context menu item: add to &BOM - C:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)

O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)

O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: 

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.11.04 01:50:12 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.07.11 20:39:26 | 000,634,920 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Administrator\Desktop\WindowsXP-KB932823-v3-x86-DEU.exe

[2011.07.11 20:12:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Microsoft.Internet.Explorer.8.32Bit.Build.6001.18343.SUB100-WinBeta

[2011.07.08 08:53:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com

[2011.07.08 08:41:16 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent

[2011.07.05 20:08:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2011.07.03 16:08:31 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner

[2011.07.02 09:34:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2011.07.02 09:34:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop

[2011.06.30 18:24:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Lx_cats

[2011.06.30 18:16:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ABBYY FineReader 6.0 Sprint

[2011.06.30 18:13:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Lexmark 6500 Series

[2011.06.24 16:03:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FileZilla FTP Client

[2011.06.24 16:03:51 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla FTP Client

[2011.06.22 21:00:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Kopie von Link_M

[2011.06.21 21:54:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Desktop\Link_M

[2011.06.15 09:22:06 | 000,000,000 | ---D | C] -- C:\PR-Backlink-Generator

[2009.11.05 13:39:56 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfusb1.dll

[2009.11.05 13:39:56 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfhcp.dll

[2009.11.05 13:39:56 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfinpa.dll

[2009.11.05 13:39:56 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfiesc.dll

[2009.11.05 13:39:55 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfserv.dll

[2009.11.05 13:39:55 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfpmui.dll

[2009.11.05 13:39:55 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdflmpm.dll

[2009.11.05 13:39:55 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfprox.dll

[2009.11.05 13:39:54 | 000,320,432 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfih.exe

[2009.11.05 13:39:53 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfhbn3.dll

[2009.11.05 13:39:53 | 000,598,960 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfcoms.exe

[2009.11.05 13:39:52 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfcomc.dll

[2009.11.05 13:39:52 | 000,365,488 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfcfg.exe

[2009.11.05 13:39:52 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdfcomm.dll

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.07.14 18:49:25 | 000,207,407 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2011.07.14 18:49:23 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011.07.14 18:49:23 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-343818398-1606980848-839522115-500.job

[2011.07.14 18:49:22 | 003,795,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2011.07.14 18:49:20 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011.07.14 18:39:00 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011.07.14 18:19:36 | 000,000,223 | RHS- | M] () -- C:\boot.ini

[2011.07.14 17:59:17 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011.07.14 17:37:35 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011.07.11 20:39:27 | 000,634,920 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Administrator\Desktop\WindowsXP-KB932823-v3-x86-DEU.exe

[2011.07.08 08:45:06 | 000,245,302 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20110708_084417-ccleaner regidtery _aenderung.reg

[2011.07.07 08:43:00 | 000,000,294 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-1606980848-839522115-500.job

[2011.07.07 08:04:41 | 000,000,052 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable

[2011.07.06 07:50:22 | 000,001,173 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\lxdf

[2011.07.06 07:50:14 | 000,019,875 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Basketball-widerrufsrecht.pdf

[2011.07.02 17:31:09 | 000,001,525 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\common.php

[2011.07.02 17:06:13 | 000,001,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\common.php

[2011.07.02 09:34:45 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.07.02 07:56:45 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2011.07.02 07:56:45 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2011.06.30 18:17:08 | 000,191,429 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf

[2011.06.29 09:58:22 | 000,000,218 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\meinungsstudie_a.php

[2011.06.22 21:00:42 | 000,248,533 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Link_M.rar

[2011.06.20 21:10:25 | 000,071,554 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\hobby-idee_Meinungsstudie_online_Geld_verdienen.jpg

[2011.06.20 08:13:32 | 000,050,743 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\hobby-idee.de_Tixuma_online_geld_verdienen.jpg

[2011.06.17 17:17:39 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job

[2011.06.17 17:15:20 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2011.06.15 09:04:28 | 000,005,611 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\blaue-dampflok-knuth-vb.pdf

[2011.06.15 08:49:02 | 000,019,870 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\blaue-dampflok-knuth-hv.pdf

 
 ========== Files Created - No Company Name ==========

 

[2011.07.08 08:45:00 | 000,245,302 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\cc_20110708_084417-ccleaner regidtery _aenderung.reg

[2011.07.07 08:04:34 | 000,000,052 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\defogger_reenable

[2011.07.06 07:50:14 | 000,019,875 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Basketball-widerrufsrecht.pdf

[2011.07.02 17:06:45 | 000,001,525 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\common.php

[2011.07.02 17:06:13 | 000,001,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\common.php

[2011.07.02 09:34:45 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.06.29 09:28:32 | 000,000,218 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\meinungsstudie_a.php

[2011.06.22 21:00:42 | 000,248,533 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Desktop\Link_M.rar

[2011.06.20 21:10:25 | 000,071,554 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\hobby-idee_Meinungsstudie_online_Geld_verdienen.jpg

[2011.06.20 08:13:32 | 000,050,743 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\hobby-idee.de_Tixuma_online_geld_verdienen.jpg

[2011.06.15 09:04:28 | 000,005,611 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\blaue-dampflok-knuth-vb.pdf

[2011.06.15 08:49:02 | 000,019,870 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\blaue-dampflok-knuth-hv.pdf

[2011.06.03 17:50:11 | 000,446,464 | ---- | C] () -- C:\WINDOWS\System32\Tx32.dll

[2011.06.03 17:50:11 | 000,000,151 | ---- | C] () -- C:\WINDOWS\System32\ic32.ini

[2011.01.16 19:13:42 | 000,015,873 | ---- | C] () -- C:\WINDOWS\System32\Inetde.dll

[2011.01.13 21:55:33 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2010.04.07 14:27:54 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\$_hpcst$.hpc

[2010.04.07 14:17:05 | 000,641,872 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat

[2010.03.04 16:52:08 | 000,001,545 | ---- | C] () -- C:\WINDOWS\cssslang.ini

[2010.03.04 16:52:08 | 000,000,669 | ---- | C] () -- C:\WINDOWS\Id007.ini

[2010.03.04 16:52:08 | 000,000,062 | ---- | C] () -- C:\WINDOWS\csss.ini

[2010.03.04 16:08:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\tblmouse.exe

[2010.03.04 16:08:23 | 000,073,728 | ---- | C] () -- C:\WINDOWS\RmTablet.exe

[2010.03.04 16:08:23 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\Funckey.dll

[2010.03.04 16:08:23 | 000,003,544 | ---- | C] () -- C:\WINDOWS\aiptbl.ini

[2010.01.28 13:39:42 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll

[2010.01.28 13:35:28 | 000,007,119 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2010.01.27 20:34:27 | 000,241,664 | R--- | C] () -- C:\WINDOWS\System32\cmdrvrmu.exe

[2010.01.27 20:34:27 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\cmdrvrmu.dll

[2010.01.27 20:34:21 | 000,040,960 | R--- | C] () -- C:\WINDOWS\CmiUSB2Uninstall.exe

[2010.01.27 20:34:09 | 000,005,690 | R--- | C] () -- C:\WINDOWS\Cmudau.ini

[2010.01.15 12:52:49 | 000,000,046 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_urlsnooper_InstallInfo.dat

[2010.01.06 14:04:33 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\nnr.dll

[2009.12.03 12:48:52 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2009.11.25 14:00:41 | 000,000,004 | ---- | C] () -- C:\WINDOWS\System32\mlcrs0ft.dll

[2009.11.23 11:37:54 | 000,000,166 | ---- | C] () -- C:\WINDOWS\EasyCT.INI

[2009.11.17 13:37:44 | 000,327,168 | ---- | C] () -- C:\WINDOWS\System32\cutil32.dll

[2009.11.08 14:28:48 | 000,054,404 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat

[2009.11.07 12:16:09 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009.11.07 11:25:14 | 000,004,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\QuickZip45.ini

[2009.11.06 11:50:25 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\$_hpcst$.hpc

[2009.11.05 13:42:31 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdfvs.dll

[2009.11.05 13:42:30 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdfcoin.dll

[2009.11.05 13:42:07 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdfdrs.dll

[2009.11.05 13:42:07 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdfcnv4.dll

[2009.11.05 13:42:07 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdfcaps.dll

[2009.11.05 13:41:51 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdfoem.dll

[2009.11.05 13:41:51 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\LXDFPMON.DLL

[2009.11.05 13:41:51 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXDFFXPU.DLL

[2009.11.05 13:40:09 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\System32\lxdfrwrd.ini

[2009.11.05 13:39:56 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\lxdfinst.dll

[2009.11.05 13:39:53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdfgrd.dll

[2009.11.05 12:34:08 | 000,110,080 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009.11.04 22:53:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2009.11.04 19:25:38 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2009.11.04 02:07:05 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009.11.04 02:04:50 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll

[2009.11.04 01:55:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2009.11.04 01:48:05 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009.11.04 01:44:37 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2009.11.04 01:43:39 | 003,795,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2009.01.16 04:42:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2009.01.16 04:42:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe

[2009.01.16 04:42:00 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2009.01.16 04:42:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe

[2009.01.16 04:42:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2009.01.16 04:42:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2009.01.16 04:42:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe

[2009.01.16 04:42:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe

[2006.06.01 21:06:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2006.06.01 21:06:00 | 001,868,868 | ---- | C] () -- C:\WINDOWS\System32\RSA32_16.DLL

[2006.06.01 21:06:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2006.06.01 21:06:00 | 000,452,304 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2006.06.01 21:06:00 | 000,435,396 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2006.06.01 21:06:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2006.06.01 21:06:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2006.06.01 21:06:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2006.06.01 21:06:00 | 000,081,136 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2006.06.01 21:06:00 | 000,068,292 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2006.06.01 21:06:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2006.06.01 21:06:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2006.06.01 21:06:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2006.06.01 21:06:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[2006.06.01 21:06:00 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

[2006.06.01 21:06:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2006.06.01 21:06:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2006.06.01 21:06:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2006.06.01 21:06:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

 
 ========== LOP Check ==========

 

[2010.08.11 13:15:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\6500 Series

[2011.06.16 23:37:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\BOM

[2010.05.17 21:28:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\BSplayer

[2010.01.15 12:52:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DonationCoder

[2011.02.24 21:18:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\EurekaLog

[2011.07.03 16:34:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FileZilla

[2010.03.01 14:11:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FireShot

[2011.01.27 19:47:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\FVZilla

[2011.04.30 15:38:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\GetRightToGo

[2010.01.15 12:45:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\GrabPro

[2010.12.18 15:17:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\gtk-2.0

[2010.11.21 18:03:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\HamsterSoft

[2009.11.30 11:49:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\inkscape

[2011.06.30 18:24:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Lexmark Productivity Studio

[2011.03.11 21:25:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\MAGIX

[2009.11.07 14:04:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Opera

[2010.01.16 00:23:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Orbit

[2011.01.13 17:16:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\PanoramaStudio2Pro

[2010.04.11 12:40:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TeamViewer

[2011.05.03 08:00:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software

[2011.03.12 23:11:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\VideoPPT

[2009.11.05 13:41:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\6500 Series

[2010.08.23 12:32:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software

[2009.11.16 23:07:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth

[2010.01.15 12:52:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DonationCoder

[2011.03.11 21:23:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX

[2011.05.15 16:46:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe

[2010.05.13 13:00:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SITEguard

[2010.05.13 13:46:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\STOPzilla!

[2010.03.10 17:23:15 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\System Restore

[2009.11.07 14:41:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP

[2010.12.04 20:37:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp

[2011.05.04 19:56:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2011.05.03 07:59:18 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

[2009.11.07 15:03:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}

[2011.06.17 17:17:39 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job

 
 ========== Purity Check ==========

 

 
 

< End of report >

Code:

OTL Extras logfile created on: 14.07.2011 19:02:10 - Run 1

OTL by OldTimer - Version 3.2.22.3     Folder = C:\downloads

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 88,00% Memory free

5,00 Gb Paging File | 5,00 Gb Available in Paging File | 94,00% Paging File free

Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 465,75 Gb Total Space | 227,30 Gb Free Space | 48,80% Space Free | Partition Type: NTFS

 

Computer Name: HOME-PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.html [@ = SafariHTML] -- Reg Error: Key error. File not found

.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.exe [@ = exefile] -- Reg Error: Key error. File not found

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

http [open] -- "F:\runtergeladene Sachen\apple safari Browser\Safari.exe" -url "%1"

https [open] -- "F:\runtergeladene Sachen\apple safari Browser\Safari.exe" -url "%1"

InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [Bridge] -- C:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [CEWE FOTOSCHAU] -- "F:\runtergeladene Sachen\Fotobuch sotware\CEWW Kalender-Software\SCHLECKER Foto Digital Service\CEWE FOTOSCHAU.exe" -d "%1"

Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [SCHLECKER Foto Digital Service] -- "F:\runtergeladene Sachen\Fotobuch sotware\CEWW Kalender-Software\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1"

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004

"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005

"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001

"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002

"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

"1037:TCP" = 1037:TCP:*:Enabled:Akamai NetSession Interface

"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"E:\runtergeladene Sachen\Free Video Zilla\FVZilla.exe" = E:\runtergeladene Sachen\Free Video Zilla\FVZilla.exe:*:Enabled:FVZilla

"E:\runtergeladene Sachen\Drucker\Lexmark 6500 Series\lxdfmon.exe" = E:\runtergeladene Sachen\Drucker\Lexmark 6500 Series\lxdfmon.exe:*:Enabled:Printer Device Monitor

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdfpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdfpswx.exe:*:Enabled:Printer Status Window Interface -- ()

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdfjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdfjswx.exe:*:Enabled:Job Status Window Interface -- ()

"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdftime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdftime.exe:*:Enabled:Lexmark Connect Time Executable -- (Lexmark International, Inc.)

"E:\runtergeladene Sachen\java\bin\javaw.exe" = E:\runtergeladene Sachen\java\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary

"C:\Programme\Lexmark 6500 Series\lxdfmon.exe" = C:\Programme\Lexmark 6500 Series\lxdfmon.exe:*:Enabled:Printer Device Monitor -- ()

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime

"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin

"{195FF80D-6C1E-4B7A-A48E-45C0AEAC0F24}" = Microsoft LifeCam

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 24

"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2

"{28FFFE19-141E-47CF-8E9B-DD75B43C4B06}" = BIOS Update

"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3

"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3

"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1

"{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools

"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support

"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger

"{438BB9B4-65FE-4626-91D9-A8F57B18001D}" = Bluesoleil2.6.0.8 Release 070517

"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium

"{47F74349-1262-45C4-9546-E405D0C1C39C}" = NetObjects Fusion 9.0

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings

"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation

"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3

"{8544556F-92C9-478E-9ABC-BC2823E39577}" = MAGIX Speed burnR (MSI)

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support

"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{90170407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{920DF926-D85A-4ED9-8F4D-7D98F0EAF2C6}" = CEWE FOTOBUCH PRO

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{A0CBFC47-690E-4277-82BB-13BE18CF0C2E}" = CEWE FOTOBUCH PRO Designvorlagen

"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU

"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI

"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AAE31374-02C2-452E-88EC-2F16D92731A9}" = MAGIX Screenshare

"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings

"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1

"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3

"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation

"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver

"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2

"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs

"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client

"{D0EA5DD0-8D2C-4762-A83E-A9B924FE8531}" = NetObjects Fusion 9.0

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings

"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings

"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player

"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0

"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials

"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8

"CADIX Signature Screen Saver 2.0" = CADIX Signature Screen Saver 2.0

"CCleaner" = CCleaner

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"C-Media USB Sound" = TEAC media systems 5.1 USB

"C-Media USB Sound Driver" = C-Media USB Sound Driver

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"DivX Setup.divx.com" = DivX-Setup

"FileZilla Client" = FileZilla Client 3.5.0

"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition

"Free Video Zilla_is1" = Free Video Zilla

"Google Chrome" = Google Chrome

"Hamster Free Video Converter_is1" = HamsterFreeVideoConverter

"HijackThis" = HijackThis 2.0.2

"Inkscape" = Inkscape 0.47

"IsoBuster_is1" = IsoBuster 2.8.5

"Lexmark 6500 Series" = Lexmark 6500 Series

"MAGIX 3D Maker D" = MAGIX 3D Maker (embeded)

"MAGIX Foto Manager 8 D" = MAGIX Foto Manager 8 6.0.1.457 (D)

"MAGIX Fotobuch" = MAGIX Fotobuch 3.6

"MAGIX Online Druck Service D" = MAGIX Online Druck Service 3.4.3.0 (D)

"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)

"MAGIX Video deluxe 15 Premium D" = MAGIX Video deluxe 15 Premium 8.0.0.62 (D)

"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.25.0 (D)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200

"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5

"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)

"NVIDIA Drivers" = NVIDIA Drivers

"PanoramaStudio2Pro" = PanoramaStudio 2.1 Pro (deinstallieren)

"PC Wizard 2009_is1" = PC Wizard 2009.1.91

"RarZilla Free Unrar" = RarZilla Free Unrar

"RealPlayer 12.0" = RealPlayer

"Rmtablet" = HyperPen USB Manager

"SCHLECKER Foto Digital Service" = SCHLECKER Foto Digital Service

"TeamViewer 5" = TeamViewer 5

"Update Service" = Update Service

"URL Helper_is1" = URL Helper

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format 11 runtime

"Windows Media Player" = Windows Media Player 11

"WinGimp-2.0_is1" = GIMP 2.6.7

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR

"WMFDist11" = Windows Media Format 11 runtime

"wmp11" = Windows Media Player 11

"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)

"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 12.07.2011 16:01:45 | Computer Name = HOME-PC | Source = ESENT | ID = 439

Description = Catalog Database (1260) Die Shadowkopfzeile für Datei C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb

 konnte nicht geschrieben werden. Fehler -1032.

 

Error - 12.07.2011 16:01:45 | Computer Name = HOME-PC | Source = ESENT | ID = 454

Description = Catalog Database (1260) Bei Datenbankwiederherstellung trat ein unerwarteter

 Fehler -1032 auf.

 

Error - 12.07.2011 16:01:46 | Computer Name = HOME-PC | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.2180, fehlgeschlagenes

 Modul shdocvw.dll, Version 6.0.2900.3698, Fehleradresse 0x00017fa4.

 

Error - 14.07.2011 11:38:02 | Computer Name = HOME-PC | Source = ESENT | ID = 490

Description = svchost (1260) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"

 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der

 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet

 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

 

Error - 14.07.2011 11:38:02 | Computer Name = HOME-PC | Source = ESENT | ID = 439

Description = Catalog Database (1260) Die Shadowkopfzeile für Datei C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb

 konnte nicht geschrieben werden. Fehler -1032.

 

Error - 14.07.2011 11:38:02 | Computer Name = HOME-PC | Source = ESENT | ID = 454

Description = Catalog Database (1260) Bei Datenbankwiederherstellung trat ein unerwarteter

 Fehler -1032 auf.

 

Error - 14.07.2011 11:38:04 | Computer Name = HOME-PC | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.2180, fehlgeschlagenes

 Modul shdocvw.dll, Version 6.0.2900.3698, Fehleradresse 0x00017fa4.

 

Error - 14.07.2011 11:52:52 | Computer Name = HOME-PC | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.2180, fehlgeschlagenes

 Modul shdocvw.dll, Version 6.0.2900.3698, Fehleradresse 0x00017fa4.

 

Error - 14.07.2011 12:08:15 | Computer Name = HOME-PC | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.2180, fehlgeschlagenes

 Modul shdocvw.dll, Version 6.0.2900.3698, Fehleradresse 0x00017fa4.

 

Error - 14.07.2011 12:30:22 | Computer Name = HOME-PC | Source = MsiInstaller | ID = 11721

Description = Produkt: ABBYY FineReader 6.0 Sprint -- Fehler 1721. Es liegt ein 

dieses Windows Installer-Paket betreffendes Problem vor. Ein für den Abschluss der

 Installation erforderliches Programm konnte nicht ausgeführt werden. Wenden Sie

 sich an das Supportpersonal oder den Hersteller des Pakets. Aktion: Launch_Sprint.exe_deinstall,

 Pfad: C:\Programme\ABBYY FineReader 6.0 Sprint\Sprint.exe, Befehl: /deinstall 

 

[ System Events ]

Error - 14.07.2011 12:34:56 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7032

Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden

 des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Starten Sie

 den Dienst neu.) durchzuführen, ist fehlgeschlagen. Fehler:   %%1056

 

Error - 14.07.2011 12:39:01 | Computer Name = HOME-PC | Source = PlugPlayManager | ID = 11

Description = Das Gerät "Root\LEGACY_SASDIFSV\0000" wurde ohne vorbereitende Maßnahmen

 vom System entfernt.

 

Error - 14.07.2011 12:39:01 | Computer Name = HOME-PC | Source = PlugPlayManager | ID = 11

Description = Das Gerät "Root\LEGACY_SASKUTIL\0000" wurde ohne vorbereitende Maßnahmen

 vom System entfernt.

 

Error - 14.07.2011 12:49:38 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7009

Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst lxdfCATSCustConnectService.

 

Error - 14.07.2011 12:49:38 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "lxdfCATSCustConnectService" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%1053

 

Error - 14.07.2011 12:49:43 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" 

abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058

 

Error - 14.07.2011 12:49:47 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" 

abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058

 

Error - 14.07.2011 12:49:48 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" 

abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058

 

Error - 14.07.2011 12:49:48 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "RAS-Verbindungsverwaltung" ist vom Dienst "Telefonie" 

abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058

 

Error - 14.07.2011 13:00:24 | Computer Name = HOME-PC | Source = Service Control Manager | ID = 7032

Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden

 des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Starten Sie

 den Dienst neu.) durchzuführen, ist fehlgeschlagen. Fehler:   %%1056

 

 

< End of report >