USB Stick/CD-ROM glaub ich eher nicht.
Frisches OTL Log (Extras.log viele Fehler) Code:
OTL logfile created on: 07.10.2012 18:22:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\USERNAME\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 65,00% Memory free
3,84 Gb Paging File | 3,18 Gb Available in Paging File | 82,79% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 69,65 Gb Total Space | 9,84 Gb Free Space | 14,14% Space Free | Partition Type: NTFS
Drive D: | 69,64 Gb Total Space | 9,40 Gb Free Space | 13,51% Space Free | Partition Type: NTFS
Computer Name: USERNAME_PC | User Name: USERNAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.10.07 18:20:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\OTL.exe
PRC - [2012.10.06 11:26:52 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\temp\RtkBtMnt.exe
PRC - [2012.09.08 09:11:25 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.08.31 16:54:37 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Programme\Synology\Assistant\UsbClientService.exe
PRC - [2010.12.23 12:41:36 | 003,304,768 | ---- | M] (devolo AG) -- C:\Programme\devolo\dlan\devolonetsvc.exe
PRC - [2009.09.17 12:52:35 | 000,614,400 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2009.07.28 17:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2008.04.23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.07 17:39:06 | 000,343,552 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2007.10.17 19:59:44 | 000,858,632 | ---- | M] (Dritek System Inc.) -- C:\Programme\Launch Manager\LManager.exe
PRC - [2007.07.04 12:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2007.06.17 13:27:58 | 000,128,608 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
PRC - [2007.06.14 20:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
PRC - [2007.04.03 18:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2007.03.21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.03.21 14:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.03.02 12:25:08 | 000,208,896 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
PRC - [2007.03.01 19:21:52 | 000,024,576 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
PRC - [2007.01.17 12:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
========== Modules (No Company Name) ==========
MOD - [2012.10.07 14:27:20 | 001,815,040 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12100701\algo.dll
MOD - [2012.10.06 20:18:30 | 001,815,040 | ---- | M] () -- C:\Programme\AVAST Software\Avast\defs\12100601\algo.dll
MOD - [2012.09.08 09:11:24 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.15 00:32:46 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_adef2e1e\system.drawing.dll
MOD - [2012.06.15 00:32:36 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_392d579f\system.windows.forms.dll
MOD - [2012.06.15 00:32:13 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.01.08 12:27:42 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_8a1d6637\mscorlib.dll
MOD - [2012.01.08 12:27:17 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_e0117812\system.dll
MOD - [2012.01.08 12:27:06 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.01.08 12:27:04 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () -- C:\Programme\Synology\Assistant\UsbClientService.exe
MOD - [2009.09.17 12:52:35 | 000,614,400 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
MOD - [2008.06.05 08:58:57 | 000,026,624 | ---- | M] () -- C:\WINDOWS\system32\ssp3ml3.dll
MOD - [2008.03.22 21:38:00 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2008.03.22 21:38:00 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll
MOD - [2007.07.04 12:44:00 | 000,475,136 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
MOD - [2006.01.12 21:20:48 | 001,265,664 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\adistres.DEU
MOD - [2006.01.12 21:20:26 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.DEU
MOD - [2006.01.12 21:13:46 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
MOD - [2005.10.20 18:20:24 | 000,208,896 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\DialogDLL.dll
MOD - [2005.10.11 14:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2003.06.07 22:30:08 | 000,057,344 | ---- | M] () -- C:\Programme\Launch Manager\PowerUtl.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.09.08 09:11:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.31 16:54:37 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.02.27 01:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011.10.17 21:50:58 | 000,245,760 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Synology Data Replicator 3\SynoDrService.exe -- (SynoDrService)
SRV - [2011.04.19 17:12:22 | 000,009,216 | ---- | M] (Vodafone) [On_Demand | Stopped] -- C:\Programme\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2011.02.18 08:18:50 | 000,245,760 | ---- | M] () [Auto | Running] -- C:\Programme\Synology\Assistant\UsbClientService.exe -- (UsbClientService)
SRV - [2010.12.23 12:41:36 | 003,304,768 | ---- | M] (devolo AG) [Auto | Running] -- C:\Programme\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010.09.23 10:49:08 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [On_Demand | Stopped] -- C:\Programme\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2009.12.04 15:53:42 | 000,065,248 | ---- | M] (Greatis Software (c)) [Auto | Stopped] -- C:\Programme\BootLog XP\BootLogService.exe -- (BootlogService)
SRV - [2009.10.27 10:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.07.28 17:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2007.09.28 17:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.06.14 20:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2007.03.21 14:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007.03.01 19:21:52 | 000,024,576 | ---- | M] ( ) [Auto | Running] -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe -- (eLockService)
SRV - [2007.01.17 12:20:10 | 000,061,440 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\SSPORT.sys -- (SSPORT)
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\radix_installer1009\sdthlpr.sys -- (SDTHelper)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\PLCMPR5.SYS -- (PLCMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PCASp50.sys -- (PCASp50)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\DgiVecp.sys -- (DgiVecp)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\CHRIST~1\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.08.21 11:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.08.21 11:13:13 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.01.29 23:55:13 | 000,013,816 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\WINDOWS\system32\unikey.sys -- (phunter)
DRV - [2012.01.15 23:08:08 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2011.10.07 17:21:06 | 000,066,048 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2011.04.18 16:43:36 | 000,114,688 | R--- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnet.sys -- (ZTEusbnet)
DRV - [2011.04.18 16:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\zteusbvoice.sys -- (ZTEusbvoice)
DRV - [2011.04.18 16:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2011.04.18 16:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2011.04.18 16:43:36 | 000,105,856 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2011.04.18 16:43:26 | 000,072,832 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011.02.18 08:20:08 | 000,046,304 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\busenum.sys -- (busenum)
DRV - [2010.09.01 15:33:12 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
DRV - [2010.06.10 13:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2010.03.11 10:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2010.03.11 10:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2009.11.10 10:15:52 | 000,385,544 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2009.11.10 10:15:52 | 000,034,392 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2009.11.10 10:15:50 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2009.10.06 12:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 12:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 12:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 12:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.04.09 13:38:32 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\massfilter.sys -- (massfilter)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.03.25 17:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008.03.25 14:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2008.03.19 12:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.01.22 21:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007.12.10 18:59:36 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007.12.10 18:59:36 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2007.12.10 18:59:34 | 000,014,120 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2007.11.29 10:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.10.18 15:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.02 12:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.09.21 06:26:48 | 001,123,328 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2007.05.30 21:04:56 | 004,424,192 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007.05.02 04:52:00 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2007.02.16 16:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006.12.22 20:56:44 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006.12.22 20:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006.12.22 20:55:56 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.02.20 03:17:40 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2005.01.07 06:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2002.04.02 16:30:16 | 000,033,024 | ---- | M] (Colorvision Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cvspydr2.sys -- (cvspydr2)
DRV - [2000.07.24 02:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\BRPAR.SYS -- (BrPar)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {6F2894D0-8492-4C4F-BC43-709280CB71E9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{247AA57F-6A40-4B87-86FF-41F14B1DE46E}: "URL" = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{6F2894D0-8492-4C4F-BC43-709280CB71E9}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: spam@trashmail.net:2.6.2
FF - prefs.js..extensions.enabledAddons: {EDA7B1D7-F793-4e03-B074-E6F303317FB0}:1.2.7
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.9.1
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.5.6
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1466
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36605
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: spam@trashmail.net:2.0.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\ff-bmboc@bytemobile.com: C:\Programme\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2012.01.29 22:49:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.10.03 21:29:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.09.08 09:11:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.06.16 06:47:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.05.19 21:50:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
[2010.01.09 12:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Extensions
[2010.01.09 12:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.03 21:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions
[2012.08.05 09:30:19 | 000,217,069 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\spam@trashmail.net.xpi
[2012.09.24 17:40:31 | 000,506,361 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2012.09.28 18:12:25 | 000,529,316 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.10.03 21:35:32 | 000,741,958 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.15 22:34:05 | 000,823,486 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi
[2011.05.03 14:43:50 | 000,091,556 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Mozilla\Firefox\Profiles\ecjcefr4.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2012.06.16 06:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.06.16 06:47:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.03 21:29:49 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMME\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.09.08 09:11:26 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.01.23 12:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Programme\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2012.09.08 09:11:18 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.08 09:11:18 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.09.08 09:11:18 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.08 09:11:18 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.08 09:11:18 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.08 09:11:18 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.10.02 20:02:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Programme\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RunXMLPL.exe (Wistron Corp.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [StarteLock] C:\Acer\Empowering Technology\eLock\Service\startelock.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinColor.exe.lnk = C:\Programme\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP\WinColor.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\FRITZ!DSL\\sarah.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1344194921015 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\x-mem1 {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\WINDOWS\system32\wowctl2.dll (EzTools Software)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\ACERTX.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\ACERTX.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.10.07 18:20:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\OTL.exe
[2012.10.07 18:11:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\USERNAME\Startmenü\Programme\CyberLink PowerDVD
[2012.10.07 09:36:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\BootLog XP
[2012.10.07 09:36:53 | 000,000,000 | ---D | C] -- C:\Programme\BootLog XP
[2012.10.07 09:36:21 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.10.05 19:44:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012.10.05 19:44:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012.10.05 19:44:47 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012.10.05 19:44:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012.10.05 19:44:31 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.10.05 19:42:29 | 004,762,471 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\ComboFix.exe
[2012.10.04 22:16:44 | 000,116,736 | ---- | C] (Xerox) -- C:\WINDOWS\System32\dllcache\xrxwiadr.dll
[2012.10.04 22:16:40 | 000,023,040 | ---- | C] (Xerox Corporation) -- C:\WINDOWS\System32\dllcache\xrxwbtmp.dll
[2012.10.04 22:16:22 | 000,099,865 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\xlog.exe
[2012.10.04 22:16:17 | 000,016,970 | ---- | C] (US Robotics MCD (Megahertz)) -- C:\WINDOWS\System32\dllcache\xem336n5.sys
[2012.10.04 22:14:48 | 000,154,624 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\wlluc48.sys
[2012.10.04 22:14:44 | 000,035,402 | ---- | C] (Raytheon Corp.) -- C:\WINDOWS\System32\dllcache\wlandrv2.sys
[2012.10.04 22:14:28 | 000,771,581 | ---- | C] (Rockwell) -- C:\WINDOWS\System32\dllcache\winacisa.sys
[2012.10.04 22:14:01 | 000,035,871 | ---- | C] (Winbond Electronics Corp.) -- C:\WINDOWS\System32\dllcache\wbfirdma.sys
[2012.10.04 22:13:42 | 000,016,925 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w940nd.sys
[2012.10.04 22:13:38 | 000,019,016 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w926nd.sys
[2012.10.04 22:13:34 | 000,019,528 | ---- | C] (Winbond Electronics Corporation) -- C:\WINDOWS\System32\dllcache\w840nd.sys
[2012.10.04 22:13:26 | 000,064,605 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vvoice.sys
[2012.10.04 22:13:20 | 000,397,502 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\vpctcom.sys
[2012.10.04 22:13:15 | 000,604,253 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\vmodem.sys
[2012.10.04 22:13:11 | 000,249,402 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\vinwm.sys
[2012.10.04 22:12:52 | 000,765,884 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usrti.sys
[2012.10.04 22:12:34 | 000,794,399 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806v.sys
[2012.10.04 22:12:30 | 000,793,598 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1806.sys
[2012.10.04 22:12:26 | 000,794,654 | ---- | C] (U.S. Robotics, Inc.) -- C:\WINDOWS\System32\dllcache\usr1801.sys
[2012.10.04 22:12:16 | 000,032,384 | ---- | C] (KLSI USA, Inc.) -- C:\WINDOWS\System32\dllcache\usb101et.sys
[2012.10.04 22:11:51 | 000,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.) -- C:\WINDOWS\System32\dllcache\umaxscan.dll
[2012.10.04 22:11:36 | 000,212,480 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um54scan.dll
[2012.10.04 22:11:32 | 000,216,576 | ---- | C] (UMAX Data Systems Inc.) -- C:\WINDOWS\System32\dllcache\um34scan.dll
[2012.10.04 22:11:17 | 000,166,784 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxpm.sys
[2012.10.04 22:11:13 | 000,525,568 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridxp.dll
[2012.10.04 22:11:09 | 000,159,232 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkbm.sys
[2012.10.04 22:11:06 | 000,440,576 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tridkb.dll
[2012.10.04 22:11:02 | 000,222,336 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3dm.sys
[2012.10.04 22:10:58 | 000,315,520 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\trid3d.dll
[2012.10.04 22:10:17 | 000,123,995 | ---- | C] (Tiger Jet Network) -- C:\WINDOWS\System32\dllcache\tjisdn.sys
[2012.10.04 22:10:10 | 000,138,528 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiulnt5.sys
[2012.10.04 22:10:04 | 000,081,408 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\tgiul50.dll
[2012.10.04 22:10:03 | 000,149,376 | ---- | C] (M-Systems) -- C:\WINDOWS\System32\dllcache\tffsport.sys
[2012.10.04 22:09:57 | 000,017,129 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdkcd31.sys
[2012.10.04 22:09:52 | 000,037,961 | ---- | C] (TDK Corporation) -- C:\WINDOWS\System32\dllcache\tdk100b.sys
[2012.10.04 22:09:33 | 000,036,640 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\t2r4mini.sys
[2012.10.04 22:09:29 | 000,172,768 | ---- | C] (Number Nine Visual Technology) -- C:\WINDOWS\System32\dllcache\t2r4disp.dll
[2012.10.04 22:08:52 | 000,159,744 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnprop.dll
[2012.10.04 22:08:48 | 000,053,248 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlncoin.dll
[2012.10.04 22:08:45 | 000,287,232 | ---- | C] (Stallion Technologies) -- C:\WINDOWS\System32\dllcache\stlnata.sys
[2012.10.04 22:08:39 | 000,017,152 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\stcusb.sys
[2012.10.04 22:08:30 | 000,048,736 | ---- | C] (3Com) -- C:\WINDOWS\System32\dllcache\srwlnd5.sys
[2012.10.04 22:07:19 | 000,058,368 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smiminib.sys
[2012.10.04 22:07:12 | 000,147,200 | ---- | C] (Silicon Motion Inc.) -- C:\WINDOWS\System32\dllcache\smidispb.dll
[2012.10.04 22:07:07 | 000,025,034 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smcpwr2n.sys
[2012.10.04 22:07:02 | 000,035,913 | ---- | C] (SMC) -- C:\WINDOWS\System32\dllcache\smcirda.sys
[2012.10.04 22:06:58 | 000,024,576 | ---- | C] (SMC Networks, Inc.) -- C:\WINDOWS\System32\dllcache\smc8000n.sys
[2012.10.04 22:06:27 | 000,063,547 | ---- | C] (Symbol Technologies) -- C:\WINDOWS\System32\dllcache\sla30nd5.sys
[2012.10.04 22:06:23 | 000,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) -- C:\WINDOWS\System32\dllcache\skfpwin.sys
[2012.10.04 22:06:20 | 000,095,178 | ---- | C] (SysKonnect GmbH.) -- C:\WINDOWS\System32\dllcache\sk98xwin.sys
[2012.10.04 22:06:12 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\dllcache\sisnic.sys
[2012.10.04 22:05:17 | 000,161,888 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmusb.sys
[2012.10.04 22:05:14 | 000,018,400 | ---- | C] (Micro Systemation) -- C:\WINDOWS\System32\dllcache\sgsmld.sys
[2012.10.04 22:05:10 | 000,098,080 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiulnt5.sys
[2012.10.04 22:05:07 | 000,386,560 | ---- | C] (Trident Microsystems Inc.) -- C:\WINDOWS\System32\dllcache\sgiul50.dll
[2012.10.04 22:04:35 | 000,017,792 | ---- | C] (SCM Microsystems) -- C:\WINDOWS\System32\dllcache\scr111.sys
[2012.10.04 22:04:27 | 000,023,936 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmusbm.sys
[2012.10.04 22:04:23 | 000,024,192 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\sccmn50m.sys
[2012.10.04 22:04:03 | 000,077,824 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4m.sys
[2012.10.04 22:03:59 | 000,198,400 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav4.dll
[2012.10.04 22:03:56 | 000,061,504 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3dm.sys
[2012.10.04 22:03:53 | 000,179,264 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3sav3d.dll
[2012.10.04 22:03:50 | 000,210,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mvirge.dll
[2012.10.04 22:03:47 | 000,062,496 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mtrio.dll
[2012.10.04 22:03:43 | 000,041,216 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.sys
[2012.10.04 22:03:40 | 000,182,272 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3mt3d.dll
[2012.10.04 22:03:37 | 000,166,720 | ---- | C] (S3 Incorporated) -- C:\WINDOWS\System32\dllcache\s3m.sys
[2012.10.04 22:03:29 | 000,083,968 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia450.dll
[2012.10.04 22:03:25 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia430.dll
[2012.10.04 22:03:23 | 000,029,696 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw450ext.dll
[2012.10.04 22:03:22 | 000,027,648 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw430ext.dll
[2012.10.04 22:03:04 | 000,010,752 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\rsmgrstr.dll
[2012.10.04 22:02:51 | 000,079,360 | ---- | C] (Comtrol Corporation) -- C:\WINDOWS\System32\dllcache\rocket.sys
[2012.10.04 22:02:46 | 000,037,563 | ---- | C] (RadioLAN) -- C:\WINDOWS\System32\dllcache\rlnet5.sys
[2012.10.04 22:02:21 | 000,715,242 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdmkxx.sys
[2012.10.04 22:02:18 | 000,899,658 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\r2mdkxga.sys
[2012.10.04 22:01:42 | 000,130,942 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlv.sys
[2012.10.04 22:01:38 | 000,112,574 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserlp.sys
[2012.10.04 22:01:35 | 000,128,286 | ---- | C] (PCTEL, INC.) -- C:\WINDOWS\System32\dllcache\ptserli.sys
[2012.10.04 22:01:20 | 000,016,384 | ---- | C] (SCM Microsystems, Inc.) -- C:\WINDOWS\System32\dllcache\pscr.sys
[2012.10.04 22:00:17 | 000,086,016 | ---- | C] (PCtel, Inc.) -- C:\WINDOWS\System32\dllcache\pctspk.exe
[2012.10.04 22:00:04 | 000,026,153 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pcmlm56.sys
[2012.10.04 21:59:58 | 000,029,502 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\pca200e.sys
[2012.10.04 21:59:55 | 000,030,495 | ---- | C] (Linksys) -- C:\WINDOWS\System32\dllcache\pc100nds.sys
[2012.10.04 21:59:13 | 000,054,730 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otcsercb.sys
[2012.10.04 21:59:06 | 000,027,209 | ---- | C] (Ositech Communications, Inc.) -- C:\WINDOWS\System32\dllcache\otc06x5.sys
[2012.10.04 21:59:02 | 000,054,528 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\opl3sax.sys
[2012.10.04 21:58:21 | 000,051,552 | ---- | C] (Kensington Technology Group) -- C:\WINDOWS\System32\dllcache\ntgrip.sys
[2012.10.04 21:58:04 | 000,087,040 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm6wdm.sys
[2012.10.04 21:58:00 | 000,126,080 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\nm5a2wdm.sys
[2012.10.04 21:57:46 | 000,132,695 | ---- | C] (802.11b) -- C:\WINDOWS\System32\dllcache\netwlan5.sys
[2012.10.04 21:57:30 | 000,039,264 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.sys
[2012.10.04 21:57:27 | 000,060,480 | ---- | C] (NeoMagic Corporation) -- C:\WINDOWS\System32\dllcache\neo20xx.dll
[2012.10.04 21:57:17 | 000,091,488 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3disp.dll
[2012.10.04 21:57:14 | 000,027,936 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i3d.sys
[2012.10.04 21:57:10 | 000,033,088 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.sys
[2012.10.04 21:57:07 | 000,059,104 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128v2.dll
[2012.10.04 21:57:04 | 000,013,664 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.sys
[2012.10.04 21:57:01 | 000,035,392 | ---- | C] (Number Nine Visual Technology Corp.) -- C:\WINDOWS\System32\dllcache\n9i128.dll
[2012.10.04 21:56:51 | 000,076,288 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxport.sys
[2012.10.04 21:56:48 | 000,007,168 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxport.dll
[2012.10.04 21:56:45 | 000,019,968 | ---- | C] (Macronix International Co., Ltd. ) -- C:\WINDOWS\System32\dllcache\mxnic.sys
[2012.10.04 21:56:42 | 000,020,480 | ---- | C] (Moxa Technologies Co., Ltd) -- C:\WINDOWS\System32\dllcache\mxicfg.dll
[2012.10.04 21:56:39 | 000,022,144 | ---- | C] (Moxa Technologies Co., Ltd.) -- C:\WINDOWS\System32\dllcache\mxcard.sys
[2012.10.04 21:54:00 | 000,164,970 | ---- | C] (Madge Networks Ltd) -- C:\WINDOWS\System32\dllcache\mdgndis5.sys
[2012.10.04 21:53:33 | 000,797,500 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltsmt.sys
[2012.10.04 21:53:30 | 000,802,683 | ---- | C] (Lucent Technologies) -- C:\WINDOWS\System32\dllcache\ltsm.sys
[2012.10.04 21:53:29 | 000,422,016 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntt.sys
[2012.10.04 21:53:26 | 000,577,226 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmntl.sys
[2012.10.04 21:53:25 | 000,607,196 | ---- | C] (LT) -- C:\WINDOWS\System32\dllcache\ltmdmnt.sys
[2012.10.04 21:53:22 | 000,728,298 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ltck000c.sys
[2012.10.04 21:53:11 | 000,070,730 | ---- | C] (Linksys Group, Inc.) -- C:\WINDOWS\System32\dllcache\lne100tx.sys
[2012.10.04 21:53:08 | 000,020,573 | ---- | C] (The Linksts Group ) -- C:\WINDOWS\System32\dllcache\lne100.sys
[2012.10.04 21:53:05 | 000,025,065 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\lmndis3.sys
[2012.10.04 21:53:02 | 000,016,256 | ---- | C] (Litronic Industries) -- C:\WINDOWS\System32\dllcache\lit220p.sys
[2012.10.04 21:52:57 | 000,026,506 | ---- | C] (SMSC) -- C:\WINDOWS\System32\dllcache\lanepic5.sys
[2012.10.04 21:52:54 | 000,019,016 | ---- | C] (Kingston Technology Company ) -- C:\WINDOWS\System32\dllcache\ktc111.sys
[2012.10.04 21:52:22 | 000,023,552 | ---- | C] (MKNet Corporation) -- C:\WINDOWS\System32\dllcache\irmk7.sys
[2012.10.04 21:51:26 | 000,372,824 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\iconf32.dll
[2012.10.04 21:48:58 | 000,068,608 | ---- | C] (Avisioin) -- C:\WINDOWS\System32\dllcache\hpgt53tk.dll
[2012.10.04 21:48:48 | 000,126,976 | ---- | C] (Hewlett Packard) -- C:\WINDOWS\System32\dllcache\hpgt34tk.dll
[2012.10.04 21:48:16 | 000,028,672 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grserial.sys
[2012.10.04 21:48:14 | 000,082,560 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\grclass.sys
[2012.10.04 21:48:11 | 000,017,792 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\dllcache\gpr400.sys
[2012.10.04 21:47:47 | 000,454,912 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fxusbase.sys
[2012.10.04 21:47:36 | 000,455,296 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fusbbase.sys
[2012.10.04 21:47:34 | 000,455,680 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fus2base.sys
[2012.10.04 21:47:27 | 000,442,240 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpnpbase.sys
[2012.10.04 21:47:25 | 000,441,728 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcmbase.sys
[2012.10.04 21:47:22 | 000,444,416 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\fpcibase.sys
[2012.10.04 21:47:20 | 000,034,173 | ---- | C] (Marconi Communications, Inc.) -- C:\WINDOWS\System32\dllcache\forehe.sys
[2012.10.04 21:47:03 | 000,024,618 | ---- | C] (NETGEAR) -- C:\WINDOWS\System32\dllcache\fa410nd5.sys
[2012.10.04 21:46:59 | 000,011,850 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xj.sys
[2012.10.04 21:46:57 | 000,012,362 | ---- | C] (FUJITSU LIMITED) -- C:\WINDOWS\System32\dllcache\f3ab18xi.sys
[2012.10.04 21:45:01 | 000,334,208 | ---- | C] (Yamaha Corp.) -- C:\WINDOWS\System32\dllcache\ds1wdm.sys
[2012.10.04 21:44:53 | 000,028,062 | ---- | C] (National Semiconductor Coproration) -- C:\WINDOWS\System32\dllcache\dp83820.sys
[2012.10.04 21:44:38 | 000,029,696 | ---- | C] (CNet Technology, Inc. ) -- C:\WINDOWS\System32\dllcache\dm9pci5.sys
[2012.10.04 21:44:36 | 000,026,698 | ---- | C] (D-Link Corporation) -- C:\WINDOWS\System32\dllcache\dlh5xnd5.sys
[2012.10.04 21:44:34 | 000,952,007 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diwan.sys
[2012.10.04 21:44:29 | 000,236,060 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\ditrace.exe
[2012.10.04 21:44:27 | 000,038,985 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvsu.dll
[2012.10.04 21:44:25 | 000,006,729 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\disrvci.dll
[2012.10.04 21:44:20 | 000,091,305 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\dimaint.sys
[2012.10.04 21:43:53 | 000,024,649 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650d.sys
[2012.10.04 21:43:51 | 000,024,648 | ---- | C] (D-Link) -- C:\WINDOWS\System32\dllcache\dfe650.sys
[2012.10.04 21:43:46 | 000,020,928 | ---- | C] (Digital Networks, LLC) -- C:\WINDOWS\System32\dllcache\defpa.sys
[2012.10.04 21:43:12 | 000,048,640 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwrwdm.sys
[2012.10.04 21:43:11 | 000,093,952 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcwdm.sys
[2012.10.04 21:43:09 | 000,111,872 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcspud.sys
[2012.10.04 21:43:08 | 000,003,584 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwcosnt5.sys
[2012.10.04 21:43:07 | 000,072,832 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbwdm.sys
[2012.10.04 21:43:05 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbmidi.sys
[2012.10.04 21:43:04 | 000,003,072 | ---- | C] (Crystal Semiconductor Corp.) -- C:\WINDOWS\System32\dllcache\cwbase.sys
[2012.10.04 21:43:02 | 000,252,928 | ---- | C] (Comtrol® Corporation) -- C:\WINDOWS\System32\dllcache\ctmasetp.dll
[2012.10.04 21:42:50 | 000,216,576 | ---- | C] (COMPAQ Inc.) -- C:\WINDOWS\System32\dllcache\cpscan.dll
[2012.10.04 21:42:26 | 000,020,864 | ---- | C] (OMNIKEY AG) -- C:\WINDOWS\System32\dllcache\cmbp0wdm.sys
[2012.10.04 21:42:13 | 000,980,034 | ---- | C] (Xircom) -- C:\WINDOWS\System32\dllcache\cicap.sys
[2012.10.04 21:42:00 | 000,049,182 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem56n5.sys
[2012.10.04 21:41:59 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem33n5.sys
[2012.10.04 21:41:58 | 000,022,556 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cem28n5.sys
[2012.10.04 21:41:57 | 000,027,164 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce3n5.sys
[2012.10.04 21:41:56 | 000,021,530 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\ce2n5.sys
[2012.10.04 21:41:51 | 000,715,210 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cbmdmkxx.sys
[2012.10.04 21:41:50 | 000,046,108 | ---- | C] (Xircom, Inc.) -- C:\WINDOWS\System32\dllcache\cben5.sys
[2012.10.04 21:41:49 | 000,039,680 | ---- | C] (Silicom Ltd.) -- C:\WINDOWS\System32\dllcache\cb325.sys
[2012.10.04 21:41:48 | 000,037,916 | ---- | C] (Fast Ethernet Controller Provider) -- C:\WINDOWS\System32\dllcache\cb102.sys
[2012.10.04 21:41:45 | 000,032,256 | ---- | C] (Eicon Technology Corporation) -- C:\WINDOWS\System32\dllcache\diapi2NT.dll
[2012.10.04 21:41:44 | 000,164,923 | ---- | C] (Eicon Technology) -- C:\WINDOWS\System32\dllcache\diapi2.sys
[2012.10.04 21:40:54 | 000,031,529 | ---- | C] (BreezeCOM) -- C:\WINDOWS\System32\dllcache\brzwlan.sys
[2012.10.04 21:40:53 | 000,010,368 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbscn.sys
[2012.10.04 21:40:52 | 000,011,008 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brusbmdm.sys
[2012.10.04 21:40:51 | 000,060,416 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brserwdm.sys
[2012.10.04 21:40:50 | 000,009,728 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brserif.dll
[2012.10.04 21:40:50 | 000,005,120 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\dllcache\brscnrsm.dll
[2012.10.04 21:40:49 | 000,039,808 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparwdm.sys
[2012.10.04 21:40:48 | 000,003,168 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brparimg.sys
[2012.10.04 21:40:45 | 000,041,472 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfusb.dll
[2012.10.04 21:40:44 | 000,032,256 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfrsmg.exe
[2012.10.04 21:40:43 | 000,029,696 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmflpt.dll
[2012.10.04 21:40:42 | 000,015,360 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brmfbidi.dll
[2012.10.04 21:40:41 | 000,003,968 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltup.sys
[2012.10.04 21:40:40 | 000,012,160 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brfiltlo.sys
[2012.10.04 21:40:39 | 000,012,800 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brevif.dll
[2012.10.04 21:40:39 | 000,002,944 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brfilt.sys
[2012.10.04 21:40:38 | 000,009,728 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\dllcache\brcoinst.dll
[2012.10.04 21:40:37 | 000,019,456 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\dllcache\brbidiif.dll
[2012.10.04 21:40:31 | 000,871,388 | ---- | C] (BCM) -- C:\WINDOWS\System32\dllcache\bcmdm.sys
[2012.10.04 21:40:24 | 000,036,128 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.sys
[2012.10.04 21:40:23 | 000,342,336 | ---- | C] (3Dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\banshee.dll
[2012.10.04 21:40:22 | 000,089,952 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\b1cbase.sys
[2012.10.04 21:40:21 | 000,036,992 | ---- | C] (Aztech Systems Ltd) -- C:\WINDOWS\System32\dllcache\aztw2320.sys
[2012.10.04 21:40:20 | 000,037,568 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmwan.sys
[2012.10.04 21:40:19 | 000,144,384 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmenum.dll
[2012.10.04 21:40:18 | 000,087,552 | ---- | C] (AVM GmbH) -- C:\WINDOWS\System32\dllcache\avmcoxp.dll
[2012.10.04 21:39:37 | 000,097,354 | ---- | C] (Bay Networks, Inc.) -- C:\WINDOWS\System32\dllcache\aspndis3.sys
[2012.10.04 21:39:28 | 000,016,969 | ---- | C] (AmbiCom, Inc.) -- C:\WINDOWS\System32\dllcache\amb8002.sys
[2012.10.04 21:39:14 | 000,046,112 | ---- | C] (Adaptec, Inc ) -- C:\WINDOWS\System32\dllcache\adptsf50.sys
[2012.10.04 21:39:10 | 000,010,880 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\admjoy.sys
[2012.10.04 21:39:06 | 000,747,392 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8830.sys
[2012.10.04 21:39:05 | 000,553,984 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8820.sys
[2012.10.04 21:39:04 | 000,584,448 | ---- | C] (Aureal, Inc.) -- C:\WINDOWS\System32\dllcache\adm8810.sys
[2012.10.04 21:39:00 | 000,061,952 | ---- | C] (Farb-Flachbett-Scanner) -- C:\WINDOWS\System32\dllcache\acerscad.dll
[2012.10.04 21:38:57 | 000,462,848 | ---- | C] (Aureal Inc.) -- C:\WINDOWS\System32\dllcache\a3dapi.dll
[2012.10.04 21:38:56 | 000,098,304 | ---- | C] (Aureal Semiconductor) -- C:\WINDOWS\System32\dllcache\a3d.dll
[2012.10.04 21:38:54 | 000,148,352 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[2012.10.04 21:38:53 | 000,689,216 | ---- | C] (3dfx Interactive, Inc.) -- C:\WINDOWS\System32\dllcache\3dfxvs.dll
[2012.10.04 21:38:52 | 000,762,780 | ---- | C] (3Com, Inc.) -- C:\WINDOWS\System32\dllcache\3cwmcru.sys
[2012.10.03 21:34:45 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\TFC.exe
[2012.10.03 21:31:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2012.10.03 21:31:12 | 000,355,632 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012.10.03 21:31:12 | 000,021,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012.10.03 21:31:07 | 000,035,928 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012.10.03 21:31:06 | 000,054,232 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012.10.03 21:31:05 | 000,729,752 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012.10.03 21:31:04 | 000,097,608 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012.10.03 21:31:04 | 000,089,624 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012.10.03 21:31:03 | 000,025,256 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012.10.03 21:29:37 | 000,041,224 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012.10.03 21:29:34 | 000,227,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012.10.03 21:27:42 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2012.10.03 21:27:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.10.02 22:35:35 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.10.02 19:44:46 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012.10.02 19:07:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2012.09.29 16:40:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\USERNAME\Desktop\Defogger
[2012.09.29 15:29:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Malwarebytes
[2012.09.29 15:28:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.09.29 15:28:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.09.29 15:28:51 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.09.29 15:28:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.09.09 17:04:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Anwendungsdaten\Sun
========== Files - Modified Within 30 Days ==========
[2012.10.07 18:20:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\OTL.exe
[2012.10.07 18:09:09 | 000,000,314 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.10.07 18:08:51 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.07 18:08:13 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.07 18:06:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.07 18:06:10 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.07 09:57:04 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.07 09:50:53 | 262,406,144 | ---- | M] () -- C:\LogFile.Etl
[2012.10.05 19:43:03 | 004,762,471 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\ComboFix.exe
[2012.10.04 20:59:17 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012.10.03 21:34:54 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\USERNAME\Desktop\TFC.exe
[2012.10.03 21:31:13 | 000,001,657 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.10.03 21:31:05 | 000,003,001 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.10.03 20:36:49 | 000,341,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.10.02 20:02:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.09.30 15:29:20 | 000,007,254 | RHS- | M] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2012.09.30 12:13:57 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\USERNAME\Desktop\Microsoft Word 2003.lnk
[2012.09.13 23:07:28 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== Files Created - No Company Name ==========
[2012.10.07 09:41:04 | 262,406,144 | ---- | C] () -- C:\LogFile.Etl
[2012.10.05 19:44:47 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012.10.05 19:44:47 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012.10.05 19:44:47 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012.10.05 19:44:47 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012.10.05 19:44:47 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012.10.04 22:16:39 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxscnui.dll
[2012.10.04 22:16:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xrxftplt.exe
[2012.10.04 22:02:42 | 000,086,097 | ---- | C] () -- C:\WINDOWS\System32\dllcache\reslog32.dll
[2012.10.04 22:01:29 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012.10.04 22:01:23 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012.10.04 21:59:10 | 000,044,105 | ---- | C] () -- C:\WINDOWS\System32\dllcache\otceth5.sys
[2012.10.04 21:55:05 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012.10.04 21:48:56 | 000,165,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt53.dll
[2012.10.04 21:48:51 | 000,093,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt42.dll
[2012.10.04 21:48:46 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt34.dll
[2012.10.04 21:48:41 | 000,089,088 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt33.dll
[2012.10.04 21:48:36 | 000,083,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hpgt21.dll
[2012.10.04 21:44:33 | 000,029,768 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divasu.dll
[2012.10.04 21:44:31 | 000,037,962 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaprop.dll
[2012.10.04 21:44:30 | 000,006,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\divaci.dll
[2012.10.04 21:44:26 | 000,031,817 | ---- | C] () -- C:\WINDOWS\System32\dllcache\disrvpp.dll
[2012.10.04 21:40:05 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativxbar.sys
[2012.10.04 21:40:05 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atixbar.sys
[2012.10.04 21:40:04 | 000,019,456 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativttxx.sys
[2012.10.04 21:40:03 | 000,009,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ativmdcd.sys
[2012.10.04 21:40:02 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitvsnd.sys
[2012.10.04 21:40:01 | 000,026,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtsnd.sys
[2012.10.04 21:40:01 | 000,017,152 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atitunep.sys
[2012.10.04 21:40:00 | 000,049,920 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atirtcap.sys
[2012.10.04 21:39:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atipcxxx.sys
[2012.10.04 21:39:49 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\dllcache\atibt829.sys
[2012.10.04 20:59:24 | 000,001,177 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WinColor.exe.lnk
[2012.10.03 21:31:13 | 000,001,657 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\avast! Free Antivirus.lnk
[2012.10.03 21:31:05 | 000,000,314 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012.10.02 19:45:12 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012.10.02 19:45:05 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2012.09.29 19:40:49 | 2137,444,352 | -HS- | C] () -- C:\hiberfil.sys
[2012.05.20 01:22:20 | 000,000,030 | ---- | C] () -- C:\Programme\Exiferupdate.ini
[2012.05.07 20:04:20 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2012.05.07 20:00:31 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\TAKDSDecoder.dll
[2012.05.07 17:13:49 | 008,913,920 | ---- | C] () -- C:\WINDOWS\System32\mp22.dll
[2012.04.21 13:06:04 | 000,007,254 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\ntuser.pol
[2012.04.19 22:20:02 | 000,000,182 | ---- | C] () -- C:\WINDOWS\venple.ini
[2012.03.10 13:39:25 | 000,000,031 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012.02.16 08:16:16 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.12 23:40:10 | 000,482,408 | ---- | C] () -- C:\WINDOWS\ssndii.exe
[2012.02.12 23:38:06 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\ssp3ml3.dll
[2012.02.06 21:54:46 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BO5150D.INI
[2012.02.06 21:53:12 | 000,000,142 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2012.02.06 21:53:12 | 000,000,040 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2012.02.06 21:53:12 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2012.02.06 21:53:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bw5150d.ini
[2012.02.06 21:53:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2012.02.06 21:53:11 | 000,000,052 | ---- | C] () -- C:\WINDOWS\brpp2ka.ini
[2012.02.06 21:52:59 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2012.02.06 21:52:59 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2012.02.06 21:52:58 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2012.02.06 21:52:56 | 000,015,108 | ---- | C] () -- C:\WINDOWS\HL-5150D.INI
[2012.02.06 21:52:47 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\BRSS01A.ini
[2012.02.06 21:47:54 | 000,000,060 | R--- | C] () -- C:\Programme\BRINST.INI
[2012.01.29 23:51:38 | 000,013,816 | ---- | C] () -- C:\WINDOWS\System32\unikey.sys
[2011.11.25 23:00:41 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.11.25 23:00:41 | 000,000,058 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Anwendungsdaten\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.10.31 22:52:41 | 000,000,127 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\qtdsyncmonitor.xml
[2011.10.31 22:10:59 | 000,000,394 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\qtdsync.xml
[2011.08.13 19:05:28 | 000,000,432 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011.08.13 19:05:28 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2030.DAT
[2011.08.08 00:00:17 | 000,000,043 | ---- | C] () -- C:\WINDOWS\GSWIN32.INI
[2011.07.21 22:58:53 | 000,000,001 | R--- | C] () -- C:\Dokumente und Einstellungen\USERNAME\serverport
[2011.04.18 16:39:56 | 000,226,364 | R--- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceManager.xml.rc4
[2009.03.20 23:42:14 | 000,003,899 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html-tasks
[2009.03.20 23:42:14 | 000,003,800 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html-resources
[2009.03.20 23:42:14 | 000,003,713 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html
[2009.03.20 23:42:14 | 000,003,163 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html-chart
[2009.03.20 23:42:14 | 000,002,438 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html.png
[2009.03.20 23:42:14 | 000,002,414 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.html.res.png
[2009.03.20 23:41:14 | 000,003,404 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.ganttproject
[2009.03.20 22:27:03 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\.recently-used
[2008.12.28 14:37:53 | 000,078,336 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.20 00:14:01 | 000,000,142 | ---- | C] () -- C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2008.03.22 21:34:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2012.10.03 21:27:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012.03.16 16:04:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2009.04.02 22:25:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2009.02.08 11:59:42 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2010.01.16 17:58:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\explauncher
[2010.01.08 22:13:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2009.12.22 19:58:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch
[2008.12.04 22:36:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2010.01.08 22:14:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2012.03.07 12:46:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ntrip0
[2010.06.22 19:07:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panasonic
[2010.01.16 20:10:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Paragon
[2010.01.08 22:06:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2008.11.20 23:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\photools.com
[2009.02.08 12:19:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2012.01.29 22:59:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vodafone
[2011.07.20 16:21:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.05.26 20:41:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.10.07 18:49:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011.07.01 23:03:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Amazon
[2012.01.19 23:48:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Assimil_d_ru
[2009.04.02 22:25:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Buhl Data Service
[2010.01.29 22:31:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Canon
[2011.11.25 23:00:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\DonationCoder
[2012.05.07 19:20:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\DVDVideoSoft
[2008.12.22 17:56:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\ePaperPress
[2009.10.21 20:49:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\FileZilla
[2012.02.25 11:09:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Foxit Software
[2010.03.07 18:04:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\FRITZ!
[2009.12.22 19:58:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\FRITZ!fax für FRITZ!Box
[2012.01.15 23:18:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\KeePass
[2010.01.08 22:14:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Nokia
[2008.11.21 00:52:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\OfficeUpdate12
[2009.01.21 22:02:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Opera
[2010.01.09 19:18:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\PC Suite
[2010.10.19 21:40:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Philipp Winterberg
[2008.11.20 23:27:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\photools.com
[2010.02.07 21:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Process Hacker
[2009.02.08 12:19:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\ScanSoft
[2011.08.20 17:31:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\TeamViewer
[2010.01.09 12:44:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Thunderbird
[2012.01.16 00:00:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\TrueCrypt
[2012.04.19 22:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Vensim
[2012.01.29 22:57:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Vodafone
[2012.02.06 00:41:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\USERNAME\Anwendungsdaten\Vodafone Mobile Broadband
========== Purity Check ==========
< End of report > --- --- ---
--- --- ---
Hier die Extras.log
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 07.10.2012 18:22:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\USERNAME\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 65,00% Memory free
3,84 Gb Paging File | 3,18 Gb Available in Paging File | 82,79% Paging File free
Paging file location(s): C:\pagefile.sys 2048 2048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 69,65 Gb Total Space | 9,84 Gb Free Space | 14,14% Space Free | Partition Type: NTFS
Drive D: | 69,64 Gb Total Space | 9,40 Gb Free Space | 13,51% Space Free | Partition Type: NTFS
Computer Name: USERNAME_PC | User Name: USERNAME | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Digital Photo Professional] -- C:\Programme\Canon\Digital Photo Professional\DPP\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Scrabblev2_0\Scrabble v2.0.exe" = C:\Programme\Scrabblev2_0\Scrabble v2.0.exe:*:Disabled:Scrabble v2.0 -- ()
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\FRITZ!\FriFax32.exe" = C:\Programme\FRITZ!\FriFax32.exe:*:Enabled:FRITZ!fax -- (AVM Berlin)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:AVM FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!DSL - fboxupd.exe -- (AVM Berlin)
"C:\Programme\FRITZ!DSL\WebwaIgd.exe" = C:\Programme\FRITZ!DSL\WebwaIgd.exe:*:Enabled:AVM FRITZ!DSL - webwaigd.exe -- (AVM Berlin)
"C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Apps\2.0\GLXC4G2V.YVY\67Q04YGR.6LT\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe" = C:\Dokumente und Einstellungen\USERNAME\Lokale Einstellungen\Apps\2.0\GLXC4G2V.YVY\67Q04YGR.6LT\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe:*:Enabled:FRITZ!Box USB-Fernanschluss -- (AVM Berlin)
"C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programme\Synology\Assistant\DSAssistant.exe" = C:\Programme\Synology\Assistant\DSAssistant.exe:*:Enabled:DSAssistant -- ()
"C:\Programme\Synology Data Replicator 3\Backup.exe" = C:\Programme\Synology Data Replicator 3\Backup.exe:*:Enabled:Data Replicator -- (Synology Inc.)
"C:\Programme\devolo\dlan\devolonetsvc.exe" = C:\Programme\devolo\dlan\devolonetsvc.exe:*:Enabled:devolo dLAN Cockpit -- (devolo AG)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Sparbuch 2009
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{0443A856-B498-4FF9-8C15-4B7057242783}" = HD Writer 2.6E for HDC
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX700_series" = Canon MX700 series
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2899C5-8938-4232-98CC-7A075ECB3172}" = t@x 2010 Standard
"{1F2C8256-2773-46C7-9ABA-3E39C24ABB51}" = Acer eSettings Management
"{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2DFB5485-A3EF-4298-9280-4AF80C9F4BE9}" = Microsoft SQL Server VSS Writer
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A6F4A31-8CFD-46B4-8385-E1F384DB121E}" = PDF-XChange Viewer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}" = Paragon Backup & Recovery™ 10 Kompakt
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AAD21AD-EE06-46C9-8B57-28D53DF9FB06}_is1" = NTRIP
"{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management
"{4BA6C917-E51C-4C49-9CD6-381A0A441CFD}" = PTLens
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{547DCEC7-DD2A-47E9-82C7-5CF1EAB526DA}" = Microsoft SQL Server Native Client
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}" = AVM FRITZ!DSL
"{74BE7519-41A7-45A8-8AA6-78C7907A4808}" = EOS Capture 1.2
"{750CF8D7-4B04-404F-AFA2-14C129C42373}" = EOS Viewer Utility 1.2.1
"{75171746-D5CA-4831-948C-B7EAC696E63D}" = IMatch 3.6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846E4C72-DF45-43ED-1680-EDF5F87F279E}" = dLAN Cockpit
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8B92D97D-DB3D-4926-A8F7-718FE7C5EE18}" = iTunes
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator 3
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A99A1AE2-5EAB-4742-91DB-72A8B2F9529C}" = HardlinkBackup
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-1033-F400-BA7E-100000000002}" = Adobe Acrobat 7.0 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE378F36-E404-4244-A33F-F50A2A6D31BD}" = Microsoft Color Control Panel Applet for Windows XP
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}" = Broadcom Gigabit Integrated Controller
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}" = Canon Camera WIA Driver
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"{FE3D551C-0B6F-4BAA-B4C1-2F0646E52886}}_is1" = Assimil Russisch ohne Mühe heute
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.62
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Acrobat 7.0 Standard - EFG - V" = Adobe Acrobat 7.1.3 Standard - English, Français, Deutsch
"Adobe Acrobat 7.0 Standard - EFG - V_713" = Adobe Acrobat 7.1.3 - CPSID_49168
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AktienProfi_is1" = AktienProfi 3.20.2
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"avast" = avast! Free Antivirus
"BootLog XP_is1" = BootLog XP
"Bridge Construction Set_is1" = Bridge Construction Set 1.37
"Brother HL-5150D" = Brother HL-5150D
"CamStudio" = CamStudio
"Canon MX700 series Benutzerregistrierung" = Canon MX700 series Benutzerregistrierung
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"CobBackup10" = Cobian Backup 10
"Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1" = dLAN Cockpit
"DPP" = Canon Utilities Digital Photo Professional 3.9
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"ESET Online Scanner" = ESET Online Scanner v3
"Exifer_is1" = Exifer
"ExposurePlot_is1" = ExposurePlot 1.14
"GML Undistorter_is1" = GML Undistorter 1.05
"GPS-Track-Analyse.NET 6.0_is1" = GPS-Track-Analyse.NET 6.0
"GridVista" = Acer GridVista
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}" = NTI Backup NOW! 4.7
"InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{4AD13F68-CADA-4C6B-9759-C33753F89908}" = Acer eDataSecurity Management 2.2.5097
"InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}" = NTI Shadow
"InstallShield_{74BE7519-41A7-45A8-8AA6-78C7907A4808}" = Canon Utilities EOS Capture 1.2
"InstallShield_{750CF8D7-4B04-404F-AFA2-14C129C42373}" = Canon Utilities EOS Viewer Utility 1.2
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{ED9775A0-383E-4EAA-8DA5-8CC6860D60A3}" = Canon EOS 20D WIA-Treiber
"IrfanView" = IrfanView (remove only)
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.18
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"Mozilla Thunderbird 15.0.1 (x86 de)" = Mozilla Thunderbird 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Neat Image_is1" = Neat Image v5.0 Home
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"Opera 12.02.1578" = Opera 12.02
"Pontifex" = Pontifex
"Process_Hacker_is1" = Process Hacker 1.8
"RarZilla Free Unrar" = RarZilla Free Unrar
"Recuva" = Recuva
"Samsung ML-2855 Series" = Samsung ML-2855 Series
"Scrabble v2.0" = Scrabble v2.0
"SpeedFan" = SpeedFan (remove only)
"Spyder2express" = Spyder2express
"Synology Assistant" = Synology Assistant (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 6" = TeamViewer 6
"TrueCrypt" = TrueCrypt
"VLC media player" = VLC media player 2.0.2
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"YDKJG2" = YOU DON'T KNOW JACK® 2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
"STANLY Track" = STANLY Track
"STANLY Track EDDM" = STANLY Track EDDM
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 04.10.2012 15:18:21 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 04.10.2012 15:18:22 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
Error - 05.10.2012 10:10:55 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 05.10.2012 10:10:57 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
Error - 06.10.2012 05:23:31 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 06.10.2012 05:23:34 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
Error - 07.10.2012 03:43:37 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 07.10.2012 03:43:47 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
Error - 07.10.2012 12:08:05 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 15466
Description = Fehler beim Entschlüsseln.
Error - 07.10.2012 12:08:08 | Computer Name = USERNAME_PC | Source = MSSQL$MSSMLBIZ | ID = 17190
Description = Fehler beim Initialisieren des FallBack-Zertifikats. Fehlercode: 1.
[ System Events ]
Error - 07.10.2012 03:44:24 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IMAPI-CD-Brenn-COM-Dienste" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 07.10.2012 03:47:58 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst eLock
Service.
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Treiber für parallelen Anschluss" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1058
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7002
Description = Der Dienst "BrPar" ist von der Gruppe "Parallel arbitrator" abhängig.
Kein Mitglied dieser Gruppe wurde jedoch gestartet.
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Cyberlink
RichVideo Service(CRVS).
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSPORT" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 07.10.2012 12:08:48 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst eLock
Service.
Error - 07.10.2012 12:12:13 | Computer Name = USERNAME_PC | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst eLock
Service.
< End of report > --- --- ---
Habe mit BootLog XP mal eine Aufzeichnung gemacht.
Der Bootvorgang ab Desktop beträgt demnach knapp 11 min.
Richtig lange braucht dabei folgender Prozess, aber es gibt noch mehrere, die über 5 min. brauchen: Code:
Path: C:\WINDOWS\system32\svchost.exe
Start: 115,457 sec Duration: 401,524 sec
ID: 1468 07.10.2012 09:41:34.175
DLL's:
C:\WINDOWS\system32\svchost.exe Start: 115,457 sec
C:\WINDOWS\system32\ntdll.dll Start: 115,457 sec
C:\WINDOWS\system32\kernel32.dll Start: 115,458 sec
C:\WINDOWS\system32\advapi32.dll Start: 115,463 sec
C:\WINDOWS\system32\rpcrt4.dll Start: 115,463 sec
C:\WINDOWS\system32\secur32.dll Start: 115,463 sec
C:\WINDOWS\system32\shimeng.dll Start: 115,463 sec
C:\WINDOWS\AppPatch\acgenral.dll Start: 115,464 sec
C:\WINDOWS\system32\user32.dll Start: 115,464 sec
C:\WINDOWS\system32\gdi32.dll Start: 115,464 sec
C:\WINDOWS\system32\winmm.dll Start: 115,464 sec
C:\WINDOWS\system32\ole32.dll Start: 115,464 sec
C:\WINDOWS\system32\msvcrt.dll Start: 115,466 sec
C:\WINDOWS\system32\oleaut32.dll Start: 115,466 sec
C:\WINDOWS\system32\msacm32.dll Start: 115,466 sec
C:\WINDOWS\system32\version.dll Start: 115,466 sec
C:\WINDOWS\system32\shell32.dll Start: 115,466 sec
C:\WINDOWS\system32\shlwapi.dll Start: 115,467 sec
C:\WINDOWS\system32\userenv.dll Start: 115,467 sec
C:\WINDOWS\system32\uxtheme.dll Start: 115,467 sec
C:\WINDOWS\system32\imm32.dll Start: 115,474 sec
C:\WINDOWS\system32\lpk.dll Start: 115,474 sec
C:\WINDOWS\system32\usp10.dll Start: 115,475 sec
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll Start: 115,492 sec
C:\WINDOWS\system32\comctl32.dll Start: 115,504 sec
C:\WINDOWS\system32\ntmarta.dll Start: 115,508 sec
C:\WINDOWS\system32\samlib.dll Start: 115,508 sec
C:\WINDOWS\system32\wldap32.dll Start: 115,508 sec
C:\WINDOWS\system32\xpsp2res.dll Start: 115,512 sec
C:\WINDOWS\system32\shsvcs.dll Start: 115,515 sec
C:\WINDOWS\system32\winsta.dll Start: 115,521 sec
C:\WINDOWS\system32\netapi32.dll Start: 115,522 sec
C:\WINDOWS\system32\rsaenh.dll Start: 116,252 sec
C:\WINDOWS\system32\dhcpcsvc.dll Start: 117,468 sec
C:\WINDOWS\system32\dnsapi.dll Start: 117,47 sec
C:\WINDOWS\system32\ws2_32.dll Start: 117,47 sec
C:\WINDOWS\system32\ws2help.dll Start: 117,471 sec
C:\WINDOWS\system32\iphlpapi.dll Start: 117,471 sec
C:\WINDOWS\system32\msapsspc.dll Start: 117,843 sec
C:\WINDOWS\system32\msvcrt40.dll Start: 117,844 sec
C:\WINDOWS\system32\schannel.dll Start: 117,848 sec
C:\WINDOWS\system32\crypt32.dll Start: 117,851 sec
C:\WINDOWS\system32\msasn1.dll Start: 117,851 sec
C:\WINDOWS\system32\digest.dll Start: 117,883 sec
C:\WINDOWS\system32\msnsspc.dll Start: 117,884 sec
C:\WINDOWS\system32\msvcrt40.dll Start: 117,885 sec
C:\Programme\FRITZ!DSL\SARAH.DLL Start: 117,887 sec
C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll Start: 117,898 sec
C:\Programme\FRITZ!DSL\BLOCK.DLL Start: 117,901 sec
C:\WINDOWS\system32\mswsock.dll Start: 117,925 sec
C:\WINDOWS\system32\hnetcfg.dll Start: 117,925 sec
C:\WINDOWS\system32\wshtcpip.dll Start: 117,929 sec
C:\WINDOWS\system32\wzcsvc.dll Start: 119,151 sec
C:\WINDOWS\system32\rtutils.dll Start: 119,152 sec
C:\WINDOWS\system32\wmi.dll Start: 119,152 sec
C:\WINDOWS\system32\crypt32.dll Start: 119,152 sec
C:\WINDOWS\system32\msasn1.dll Start: 119,153 sec
C:\WINDOWS\system32\eapolqec.dll Start: 119,153 sec
C:\WINDOWS\system32\atl.dll Start: 119,153 sec
C:\WINDOWS\system32\qutil.dll Start: 119,154 sec
C:\WINDOWS\system32\msvcp60.dll Start: 119,154 sec
C:\WINDOWS\system32\dot3api.dll Start: 119,155 sec
C:\WINDOWS\system32\wtsapi32.dll Start: 119,156 sec
C:\WINDOWS\system32\esent.dll Start: 119,156 sec
C:\WINDOWS\system32\irmon.dll Start: 119,277 sec
C:\WINDOWS\system32\msv1_0.dll Start: 119,278 sec
C:\WINDOWS\system32\cryptdll.dll Start: 119,279 sec
C:\WINDOWS\system32\clbcatq.dll Start: 119,316 sec
C:\WINDOWS\system32\comres.dll Start: 119,317 sec
C:\WINDOWS\system32\rastls.dll Start: 119,328 sec
C:\WINDOWS\system32\cryptui.dll Start: 119,329 sec
C:\WINDOWS\system32\wininet.dll Start: 119,343 sec
C:\WINDOWS\system32\normaliz.dll Start: 119,344 sec
C:\WINDOWS\system32\urlmon.dll Start: 119,344 sec
C:\WINDOWS\system32\iertutil.dll Start: 119,346 sec
C:\WINDOWS\system32\wintrust.dll Start: 119,355 sec
C:\WINDOWS\system32\imagehlp.dll Start: 119,355 sec
C:\WINDOWS\system32\mprapi.dll Start: 119,364 sec
C:\WINDOWS\system32\activeds.dll Start: 119,364 sec
C:\WINDOWS\system32\adsldpc.dll Start: 119,364 sec
C:\WINDOWS\system32\setupapi.dll Start: 119,365 sec
C:\WINDOWS\system32\rasapi32.dll Start: 119,365 sec
C:\WINDOWS\system32\rasman.dll Start: 119,365 sec
C:\WINDOWS\system32\tapi32.dll Start: 119,366 sec
C:\WINDOWS\system32\schannel.dll Start: 119,366 sec
C:\WINDOWS\system32\winscard.dll Start: 119,366 sec
C:\WINDOWS\system32\psapi.dll Start: 119,368 sec
C:\WINDOWS\system32\riched20.dll Start: 119,399 sec
C:\WINDOWS\system32\raschap.dll Start: 119,42 sec
C:\WINDOWS\system32\wshirda.dll Start: 119,42 sec
C:\WINDOWS\system32\netman.dll Start: 119,539 sec
C:\WINDOWS\system32\netshell.dll Start: 119,541 sec
C:\WINDOWS\system32\credui.dll Start: 119,541 sec
C:\WINDOWS\system32\dot3dlg.dll Start: 119,541 sec
C:\WINDOWS\system32\onex.dll Start: 119,541 sec
C:\WINDOWS\system32\eappcfg.dll Start: 119,541 sec
C:\WINDOWS\system32\eappprxy.dll Start: 119,541 sec
C:\WINDOWS\system32\wzcsapi.dll Start: 119,542 sec
C:\WINDOWS\system32\mlang.dll Start: 122,774 sec
C:\WINDOWS\system32\xmlprovi.dll Start: 122,796 sec
C:\WINDOWS\system32\wzcsapi.dll Start: 122,796 sec
C:\WINDOWS\system32\schedsvc.dll Start: 123,073 sec
C:\WINDOWS\system32\ntdsapi.dll Start: 123,073 sec
C:\WINDOWS\system32\kbdgr.dll Start: 123,132 sec
C:\WINDOWS\system32\msidle.dll Start: 123,136 sec
C:\WINDOWS\system32\audiosrv.dll Start: 123,517 sec
C:\WINDOWS\system32\wkssvc.dll Start: 123,625 sec
C:\WINDOWS\system32\cryptsvc.dll Start: 130,64 sec
C:\WINDOWS\system32\certcli.dll Start: 130,64 sec
C:\WINDOWS\system32\dmserver.dll Start: 130,762 sec
C:\WINDOWS\system32\ersvc.dll Start: 130,767 sec
C:\WINDOWS\system32\es.dll Start: 130,782 sec
C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll Start: 131,042 sec
C:\WINDOWS\system32\srvsvc.dll Start: 132,67 sec
C:\WINDOWS\system32\netmsg.dll Start: 133,197 sec
C:\WINDOWS\system32\netman.dll Start: 150,765 sec
C:\WINDOWS\system32\netshell.dll Start: 150,768 sec
C:\WINDOWS\system32\credui.dll Start: 150,768 sec
C:\WINDOWS\system32\dot3dlg.dll Start: 150,769 sec
C:\WINDOWS\system32\onex.dll Start: 150,77 sec
C:\WINDOWS\system32\eappcfg.dll Start: 150,77 sec
C:\WINDOWS\system32\eappprxy.dll Start: 150,771 sec
C:\WINDOWS\system32\seclogon.dll Start: 155,438 sec
C:\WINDOWS\system32\srsvc.dll Start: 157,925 sec
C:\WINDOWS\system32\powrprof.dll Start: 159,097 sec
C:\WINDOWS\system32\sens.dll Start: 159,337 sec
C:\WINDOWS\system32\trkwks.dll Start: 161,63 sec
C:\WINDOWS\system32\tapisrv.dll Start: 162,482 sec
C:\WINDOWS\system32\w32time.dll Start: 163,836 sec
C:\WINDOWS\system32\wbem\wmisvc.dll Start: 165,165 sec
C:\WINDOWS\system32\vssapi.dll Start: 166,194 sec
C:\WINDOWS\system32\wscsvc.dll Start: 170,363 sec
C:\WINDOWS\system32\msi.dll Start: 170,965 sec
C:\WINDOWS\system32\wbem\wbemcore.dll Start: 171,312 sec
C:\WINDOWS\system32\wbem\esscli.dll Start: 172,255 sec
C:\WINDOWS\system32\wbem\wbemcomn.dll Start: 173,195 sec
C:\WINDOWS\system32\wbem\fastprox.dll Start: 173,35 sec
C:\WINDOWS\system32\actxprxy.dll Start: 177,06 sec
C:\WINDOWS\system32\wuauserv.dll Start: 177,961 sec
C:\WINDOWS\system32\sxs.dll Start: 178,39 sec
C:\WINDOWS\system32\wuaueng.dll Start: 178,661 sec
C:\WINDOWS\system32\winspool.drv Start: 179,184 sec
C:\WINDOWS\system32\winhttp.dll Start: 179,389 sec
C:\WINDOWS\system32\cabinet.dll Start: 179,567 sec
C:\WINDOWS\system32\mspatcha.dll Start: 180,203 sec
C:\WINDOWS\system32\browser.dll Start: 182,879 sec
C:\WINDOWS\system32\wbem\wbemprox.dll Start: 183,452 sec
C:\WINDOWS\system32\wbem\wbemsvc.dll Start: 183,818 sec
C:\WINDOWS\system32\comsvcs.dll Start: 185,311 sec
C:\WINDOWS\system32\colbact.dll Start: 186,357 sec
C:\WINDOWS\system32\mtxclu.dll Start: 187,173 sec
C:\WINDOWS\system32\wsock32.dll Start: 187,939 sec
C:\WINDOWS\system32\clusapi.dll Start: 188,777 sec
C:\WINDOWS\system32\resutils.dll Start: 189,561 sec
C:\WINDOWS\system32\sfc.dll Start: 191,625 sec
C:\WINDOWS\system32\sfc_os.dll Start: 191,626 sec
C:\WINDOWS\system32\wbem\wmiutils.dll Start: 192,135 sec
C:\WINDOWS\system32\wups.dll Start: 193,187 sec
C:\WINDOWS\system32\wups2.dll Start: 193,765 sec
C:\WINDOWS\system32\wbem\repdrvfs.dll Start: 194,784 sec
C:\WINDOWS\system32\wbem\wmiprvsd.dll Start: 199,288 sec
C:\WINDOWS\system32\ncobjapi.dll Start: 199,788 sec
C:\WINDOWS\system32\wbem\wbemess.dll Start: 203,035 sec
C:\WINDOWS\system32\apphelp.dll Start: 205,2 sec
C:\WINDOWS\system32\ipnathlp.dll Start: 207,512 sec
C:\WINDOWS\system32\authz.dll Start: 208,215 sec
C:\WINDOWS\system32\unimdm.tsp Start: 209,434 sec
C:\WINDOWS\system32\uniplat.dll Start: 210,284 sec
C:\WINDOWS\system32\unimdmat.dll Start: 211,523 sec
C:\WINDOWS\system32\modemui.dll Start: 213,516 sec
C:\WINDOWS\system32\kmddsp.tsp Start: 214,787 sec
C:\WINDOWS\system32\ndptsp.tsp Start: 215,746 sec
C:\WINDOWS\system32\ipconf.tsp Start: 216,996 sec
C:\WINDOWS\system32\h323.tsp Start: 217,613 sec
C:\WINDOWS\system32\hidphone.tsp Start: 219,571 sec
C:\WINDOWS\system32\hid.dll Start: 220,777 sec
C:\WINDOWS\system32\wuapi.dll Start: 221,417 sec
C:\WINDOWS\system32\wups.dll Start: 223,871 sec
C:\WINDOWS\system32\upnp.dll Start: 227,303 sec
C:\WINDOWS\system32\ssdpapi.dll Start: 228,447 sec
C:\WINDOWS\system32\wbem\ncprov.dll Start: 231,05 sec
C:\WINDOWS\system32\wbem\wbemcons.dll Start: 234,26 sec
C:\WINDOWS\system32\netcfgx.dll Start: 237,035 sec
C:\WINDOWS\system32\wups2.dll Start: 238,288 sec
C:\WINDOWS\system32\rasmans.dll Start: 240,407 sec
C:\WINDOWS\system32\winipsec.dll Start: 241,407 sec
C:\WINDOWS\system32\rastapi.dll Start: 253,135 sec
C:\WINDOWS\system32\unimdm.tsp Start: 254,216 sec
C:\WINDOWS\system32\uniplat.dll Start: 254,574 sec
C:\WINDOWS\system32\unimdmat.dll Start: 254,788 sec
C:\WINDOWS\system32\modemui.dll Start: 254,799 sec
C:\WINDOWS\system32\kmddsp.tsp Start: 254,84 sec
C:\WINDOWS\system32\ndptsp.tsp Start: 254,843 sec
C:\WINDOWS\system32\ipconf.tsp Start: 254,847 sec
C:\WINDOWS\system32\h323.tsp Start: 254,85 sec
C:\WINDOWS\system32\hidphone.tsp Start: 254,852 sec
C:\WINDOWS\system32\hid.dll Start: 254,852 sec
C:\WINDOWS\system32\rasppp.dll Start: 255,087 sec
C:\WINDOWS\system32\ntlsapi.dll Start: 257,124 sec
C:\WINDOWS\system32\kerberos.dll Start: 257,991 sec
C:\WINDOWS\system32\rasqec.dll Start: 259,281 sec
C:\WINDOWS\system32\msxml3.dll Start: 286,248 sec
C:\WINDOWS\system32\rasadhlp.dll Start: 374,691 sec
C:\WINDOWS\system32\wuapi.dll Start: 374,701 sec
C:\WINDOWS\system32\mlang.dll Start: 375,873 sec
C:\WINDOWS\system32\wbem\wbemprox.dll Start: 378,68 sec
C:\WINDOWS\system32\wups.dll Start: 379,782 sec
C:\WINDOWS\system32\xmlprovi.dll Start: 381,216 sec
C:\WINDOWS\system32\mlang.dll Start: 516,933 sec
C:\WINDOWS\system32\xmlprovi.dll Start: 516,98 sec |