| Fantomas68a | 27.02.2013 20:06 |
Hallo,
so, ich habe alles gemäß Deinen Anweisungen abgearbeitet. Alles lief problemlos - es gab keinerlei Komplikationen.
Wenn ich jetzt einen neuen Tab öffne, erscheint auch nicht mehr die Search.ChatZum-Seite, sondern alles ist wie früher, also normal.
Hier nun die einzelnen gewünschten Log-Dateien. JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Microsoft Windows XP x86
Ran by Michael Hoffmann on 27.02.2013 at 18:56:58,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-776561741-1343024091-682003330-1003\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\iminent
Successfully deleted: [Registry Key] hkey_local_machine\software\iminent
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\opencandy"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\pdfforge"
Successfully deleted: [Folder] "C:\Programme\chatzum toolbar"
~~~ FireFox
Successfully deleted: [Folder] C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\mozilla\firefox\profiles\3ky6v07y.default\extensions\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted the following from C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\mozilla\firefox\profiles\3ky6v07y.default\prefs.js
user_pref("browser.newtab.url", "hxxp://search.chatzum.com/?orig=HP&affid=61&cztbid=1393235142");
user_pref("extensions.foxlingo.addit.defaultAddons", "{ \"software\": {\"20\": {\"id\": \"20\",\"title\": \"Babylon\",\"type\": \"EXE\",\"url\": \"hxxps://www.addonfox.com/dow
user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !impor
user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.baidu.com.style", ".WRCN {display:none} .result .f .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
user_pref("extensions.wrc.SearchRules.baidu.com.url", "^hxxp\\:\\/\\/www\\.baidu\\.com\\/.*");
user_pref("extensions.wrc.SearchRules.excite.com.style", ".WRCN {display:none} .searchResult .resultTitlePane .WRCN {display:inline !important; background: url(\"IMAGE\") righ
user_pref("extensions.wrc.SearchRules.excite.com.url", "^hxxp\\\\:\\\\/\\\\/msxml\\\\.excite\\\\.com\\\\/search\\\\/.*");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.02.2013 at 19:02:32,29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Danach adw-Cleaner
AdwCleaner Logfile: Code:
# AdwCleaner v2.113 - Datei am 27/02/2013 um 19:04:47 erstellt
# Aktualisiert am 23/02/2013 von Xplode
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzer : Michael Hoffmann - HOFFMANN
# Bootmodus : Normal
# Ausgeführt unter : C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Gelöscht mit Neustart : C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dnpmlnedpdikbgdghljdepnljfpkhccn
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.18702
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=59c4c243-e0cc-407f-92fc-6552ed11613d&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms} --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=59c4c243-e0cc-407f-92fc-6552ed11613d&affid=113129&searchtype=ds&babsrc=lnkry&q={searchTerms} --> hxxp://www.google.com
-\\ Mozilla Firefox v19.0 (de)
Datei : C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v25.0.1364.97
Datei : C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [6935 octets] - [27/02/2013 19:04:47]
########## EOF - C:\AdwCleaner[S1].txt - [6995 octets] ##########
--- --- ---
[/CODE] und danach OTL OTL Logfile: Code:
OTL logfile created on: 27.02.2013 19:09:48 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 69,43% Memory free
3,84 Gb Paging File | 3,38 Gb Available in Paging File | 87,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 110,23 Gb Total Space | 51,67 Gb Free Space | 46,87% Space Free | Partition Type: NTFS
Drive G: | 1,55 Gb Total Space | 1,31 Gb Free Space | 84,37% Space Free | Partition Type: NTFS
Computer Name: HOFFMANN | User Name: Michael Hoffmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\WINDOWS\system32\UTSCSI.EXE ()
PRC - C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\PDF Architect\HelperService.exe (pdfforge GbR)
PRC - C:\Programme\PDF Architect\ConversionService.exe (pdfforge GbR)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
PRC - C:\Programme\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.)
PRC - C:\Programme\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.)
PRC - C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
PRC - C:\Programme\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft)
PRC - C:\Programme\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)
PRC - C:\Programme\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)
PRC - C:\Programme\Greenshot\Greenshot.exe ()
PRC - C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Programme\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
PRC - C:\Programme\Nuance\PaperPort\PDFProFiltSrvPP.exe (Nuance Communications, Inc.)
PRC - C:\Programme\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
PRC - C:\WINDOWS\system32\HMXUtil6x.exe (Magic Control Technology Corporation)
PRC - C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
PRC - C:\WINDOWS\system32\MoveIt.exe ()
PRC - C:\Programme\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
PRC - C:\WINDOWS\system32\mctudll.exe (TODO: <Company name>)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - C:\WINDOWS\SMINST\Scheduler.exe ()
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
========== Modules (No Company Name) ==========
MOD - C:\Programme\AVAST Software\Avast\defs\13022700\algo.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\WINDOWS\system32\UTSCSI.EXE ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()
MOD - C:\Programme\Greenshot\Greenshot.exe ()
MOD - C:\Programme\Greenshot\GreenshotPlugin.dll ()
MOD - C:\WINDOWS\system32\Watch.dll ()
MOD - C:\WINDOWS\system32\MoveIt.exe ()
MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll ()
MOD - C:\WINDOWS\system32\UDLL.dll ()
MOD - C:\Programme\Intel\Wireless\Bin\iWMSProv.dll ()
MOD - C:\WINDOWS\system32\flcdlmsg.dll ()
MOD - C:\Programme\Intel\Wireless\Bin\acAuth.dll ()
MOD - C:\WINDOWS\SMINST\naspp.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\WINDOWS\SMINST\Scheduler.exe ()
========== Services (SafeList) ==========
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (UTSCSI) -- C:\WINDOWS\system32\UTSCSI.EXE ()
SRV - (PDF Architect Helper Service) -- C:\Programme\PDF Architect\HelperService.exe (pdfforge GbR)
SRV - (PDF Architect Service) -- C:\Programme\PDF Architect\ConversionService.exe (pdfforge GbR)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (TuneUp.ProgramStatisticsSvc) -- C:\WINDOWS\system32\TUProgSt.exe (TuneUp Software)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software)
SRV - (PDAgent) -- C:\Programme\Raxco\PerfectDisk\PDAgent.exe (Raxco Software, Inc.)
SRV - (PDEngine) -- C:\Programme\Raxco\PerfectDisk\PDEngine.exe (Raxco Software, Inc.)
SRV - (PDFProFiltSrvPP) -- C:\Programme\Nuance\PaperPort\PDFProFiltSrvPP.exe (Nuance Communications, Inc.)
SRV - (BrYNSvc) -- C:\Programme\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (Fabs) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (SXDS10) -- C:\Programme\Gemeinsame Dateien\soft Xpansion\SXDS10.exe (soft Xpansion)
SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe (SiSoftware)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (FLCDLOCK) -- C:\WINDOWS\system32\flcdlock.exe (Hewlett-Packard Ltd)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (IDriverT) -- C:\Programme\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOKUME~1\MICHAE~1\LOKALE~1\Temp\catchme.sys File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (ggsemc) -- C:\WINDOWS\system32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\system32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (seehcri) -- C:\WINDOWS\system32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (DefragFS) -- C:\WINDOWS\System32\drivers\DefragFs.sys (Raxco Software, Inc.)
DRV - (nusb3xhc) -- C:\WINDOWS\system32\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV - (nusb3hub) -- C:\WINDOWS\system32\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV - (IT9135BDA) -- C:\WINDOWS\system32\drivers\IT9135BDA.sys (ITE )
DRV - (hmxproj) -- C:\WINDOWS\system32\drivers\hmxusb.sys (Magic Control Technology Corp.)
DRV - (HMXProjMir) -- C:\WINDOWS\system32\drivers\HMXMrGrp.sys (Magic Control Technology Corp.)
DRV - (HMXProjExt) -- C:\WINDOWS\system32\drivers\HMXExGrp.sys (Magic Control Technology Corp.)
DRV - (BrUsbSIb) -- C:\WINDOWS\system32\drivers\BrUsbSib.sys (Brother Industries Ltd.)
DRV - (BrSerIb) -- C:\WINDOWS\system32\drivers\BrSerIb.sys (Brother Industries Ltd.)
DRV - (azvusb) -- C:\WINDOWS\system32\drivers\azvusb.sys (AzureWave Technologies, Inc.)
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x86\sandra.sys (SiSoftware)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (mod7700) -- C:\WINDOWS\system32\drivers\mod7700.sys (DiBcom SA)
DRV - (hcw95rc) -- C:\WINDOWS\system32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\WINDOWS\system32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (NETw4x32) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (MODRC) -- C:\WINDOWS\system32\drivers\modrc.sys (DiBcom S.A.)
DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (DAMDrv) -- C:\WINDOWS\system32\drivers\DAMDrv.sys (Hewlett-Packard Development Company L.P.)
DRV - (ss_mdm) -- C:\WINDOWS\system32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\WINDOWS\system32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) -- C:\WINDOWS\system32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
IE - HKLM\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\..\SearchScopes\{1BA7A5C0-C071-46C0-BF58-2FB79C5187B5}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-776561741-1343024091-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Programme\Google\Google Gears\Firefox\ [2011.02.08 21:02:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2012.11.09 23:58:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Programme\PDF Architect\FFPDFArchitectExt [2012.12.06 20:33:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.02.20 17:40:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.02.23 15:54:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.09.22 20:20:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
[2011.10.09 15:37:50 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Extensions
[2013.02.27 19:02:19 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions
[2012.10.12 17:02:47 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2013.02.15 13:16:58 | 000,000,000 | ---D | M] (Flagfox) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.12.25 12:16:03 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2011.02.08 21:02:37 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.12.31 13:51:00 | 000,000,000 | ---D | M] (Quick Translator) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}
[2013.01.31 18:49:24 | 000,000,000 | ---D | M] (WOT) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.08.29 20:24:06 | 000,000,000 | ---D | M] (PitchDark) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{c1dffba0-628e-11d9-9669-0800200c9a66}
[2012.12.29 20:26:02 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2011.10.30 13:31:38 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2012.12.31 13:51:00 | 000,000,000 | ---D | M] (Right Inbox) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{eb692b9a-0dce-45fa-b0e6-765d83e386bd}
[2012.11.10 00:04:09 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2011.12.30 21:41:52 | 000,000,000 | ---D | M] ("Gutscheinsammler.de") -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\alarm@gutscheinsammler.de
[2011.10.19 17:57:33 | 000,000,000 | ---D | M] (gui:config) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\guiconfig@slosd.net
[2012.12.31 14:01:45 | 000,000,000 | ---D | M] (LastPass) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\support@lastpass.com
[2013.02.23 18:26:52 | 002,345,043 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\nasanightlaunch@example.com.xpi
[2013.02.13 19:34:56 | 000,281,921 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2013.02.23 16:08:35 | 000,531,369 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.12.31 14:19:25 | 000,358,225 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{9fb7d178-155a-4318-9173-1a8eaaea7fe4}.xpi
[2013.02.14 19:34:40 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Mozilla\Firefox\Profiles\3ky6v07y.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.22 18:09:46 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.14 12:50:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.14 12:50:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.10.19 18:32:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\MICHAEL HOFFMANN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\3KY6V07Y.DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
[2012.11.09 23:58:29 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAMME\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.02.20 17:40:12 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://www.google.com/
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.12_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.8_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.1_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\djolekdiiojehgfggcjckachfgkkdmjd\1_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.51_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.14_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd\3.10.10.1_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\hfbckmilnhkcajpjifgbonfkkoekhmnp\1.2_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ihffmkcfkejomlfnilnmkokcpgclhfeg\2.0.10_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jbpcjmidkkgldeplajgnbpjkfpmpeepb\1.0.10_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pilobbegphefikcgjpajnneiiahhejam\2.0.5_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pnnolmnbolameihploheccpnmkkcgcfm\1.1.1_0\
O1 HOSTS File: ([2013.02.26 20:09:59 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Programme\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Programme\LastPass\LPBar.dll (LastPass)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Programme\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Programme\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\IEPro\IEProRecorder.dll ()
O3 - HKU\S-1-5-21-776561741-1343024091-682003330-1003\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\IEPro\IEProRecorder.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BrStsMon00] C:\Programme\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Programme\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Cpqset] C:\Programme\Hewlett-Packard\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [HMXUtil6x] C:\WINDOWS\system32\HMXUtil6x.exe (Magic Control Technology Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mctudll] C:\WINDOWS\system32\mctudll.exe (TODO: <Company name>)
O4 - HKLM..\Run: [MoveIt] C:\WINDOWS\system32\MoveIt.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Programme\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Programme\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PTHOSTTR] C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe ()
O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WatchDog] C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - HKU\S-1-5-21-776561741-1343024091-682003330-1003..\Run: [Greenshot] C:\Programme\Greenshot\Greenshot.exe ()
O4 - HKU\S-1-5-21-776561741-1343024091-682003330-1003..\Run: [ISUSPM] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-776561741-1343024091-682003330-1003..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
O4 - HKU\S-1-5-21-776561741-1343024091-682003330-1003..\Run: [VistaStartMenu] C:\Programme\Vista Start Menu\VistaStartMenu.exe (OrdinarySoft)
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\Install LastPass FF RunOnce.lnk = C:\Programme\Gemeinsame Dateien\lpuninstall.exe (LastPass)
O4 - Startup: C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\Install LastPass IE RunOnce.lnk = C:\Programme\Gemeinsame Dateien\lpuninstall.exe (LastPass)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\DVD Check.lnk = C:\Programme\InterVideo\DVD Check\DVDCheck.exe (InterVideo Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\_ocster_backup_\Startmenü\Programme\Autostart\Install LastPass FF RunOnce.lnk = C:\Programme\Gemeinsame Dateien\lpuninstall.exe (LastPass)
O4 - Startup: C:\Dokumente und Einstellungen\_ocster_backup_\Startmenü\Programme\Autostart\Install LastPass IE RunOnce.lnk = C:\Programme\Gemeinsame Dateien\lpuninstall.exe (LastPass)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-776561741-1343024091-682003330-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-776561741-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-776561741-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-776561741-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: LastPass - file://C:\Programme\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Ausfüllformulare - file://C:\Programme\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: Mit PDF Viewer Plus öffnen - C:\Programme\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Programme\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Programme\LastPass\LPBar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Programme\LastPass\LPBar.dll (LastPass)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://waeco-mail.waeco.de/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340470080765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {A6A216EB-4F7C-11D5-8438-0000B456BA3D} https://waeco-mail.waeco.de/mtn5250_ger/matn5250.cab (Matn5250 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5E1FE9BE-289E-4305-8FAB-DDA6BE415521}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\DeviceNP: DllName - (DeviceNP.dll) - C:\WINDOWS\System32\DeviceNP.dll (Hewlett-Packard Limited)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.02.07 01:04:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (PDBoot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.02.27 18:56:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.02.27 18:56:46 | 000,000,000 | ---D | C] -- C:\JRT
[2013.02.27 18:54:31 | 000,547,439 | ---- | C] (Oleg N. Scherbakov) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\JRT.exe
[2013.02.26 20:15:44 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.02.26 20:01:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.02.26 20:01:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.02.26 20:01:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.02.26 20:01:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.02.26 20:01:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.26 20:01:06 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Startmenü\Programme\Verwaltung
[2013.02.26 20:00:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.02.26 19:55:58 | 005,036,023 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\ComboFix.exe
[2013.02.25 17:50:28 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\tdsskiller.exe
[2013.02.24 23:27:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\mbar-1.01.0.1020
[2013.02.24 23:23:53 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\aswMBR.exe
[2013.02.24 21:32:23 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013.02.24 19:52:40 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Recent
[2013.02.24 16:57:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\OTL.exe
[2013.02.24 15:23:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft ICE
[2013.02.24 15:23:52 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Research
[2013.02.23 16:52:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Eigene Dateien\Tyre
[2013.02.23 16:52:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Tyre
[2013.02.23 16:44:19 | 000,000,000 | ---D | C] -- C:\Programme\Soda PDF 5
[2013.02.23 16:43:51 | 000,000,000 | ---D | C] -- C:\Programme\Common Files
[2013.02.23 16:43:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\PDF Software
[2013.02.22 20:12:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.02.22 18:10:30 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.02.22 18:10:22 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.02.22 18:10:22 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.02.22 18:10:22 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.02.16 19:12:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\LuPO-NRW
[2013.02.16 19:12:18 | 000,000,000 | ---D | C] -- C:\LuPO
[2013.02.16 16:46:07 | 000,000,000 | ---D | C] -- C:\Programme\Dropbox
[2013.02.10 17:07:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Dell Inspirion 17R SE 7720
[2013.02.07 22:20:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Eigene Dateien\Eigene PaperPort-Dokumente
[2013.02.03 13:09:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Publish Data
[2013.02.03 13:06:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\Publish_Data
[2013.02.03 13:05:18 | 000,000,000 | ---D | C] -- C:\Programme\Publish Data
[2013.02.01 22:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Fernseher Dennis
[2013.02.01 12:21:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CyberLink PhotoDirector 3
[2013.02.01 12:20:32 | 000,000,000 | ---D | C] -- C:\Programme\CyberLink
[2013.01.31 21:12:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zoner Photo Studio 14
[2012.06.23 19:27:32 | 011,035,168 | ---- | C] (LastPass) -- C:\Programme\Gemeinsame Dateien\lpuninstall.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.02.27 19:07:32 | 000,000,308 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.02.27 19:06:49 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.02.27 19:06:41 | 000,001,106 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.27 19:06:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.02.27 19:06:31 | 2138,361,856 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.27 18:57:01 | 000,001,110 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.27 18:54:50 | 000,547,439 | ---- | M] (Oleg N. Scherbakov) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\JRT.exe
[2013.02.27 18:53:20 | 000,594,019 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\adwcleaner.exe
[2013.02.27 18:48:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.02.27 18:17:09 | 000,001,254 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-776561741-1343024091-682003330-1003UA.job
[2013.02.26 20:09:59 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.02.26 19:56:20 | 005,036,023 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\ComboFix.exe
[2013.02.25 19:17:00 | 000,001,202 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-776561741-1343024091-682003330-1003Core.job
[2013.02.25 17:50:34 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\tdsskiller.exe
[2013.02.25 00:14:53 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\MBR.dat
[2013.02.24 23:25:55 | 000,138,868 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Leider auch Ärger mit ChatZum - Trojaner-Board - Mozilla Firefox_2013-02-24_23-25-27.pdf
[2013.02.24 23:25:29 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\aswMBR.exe
[2013.02.24 23:22:26 | 013,711,621 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\mbar-1.01.0.1020.zip
[2013.02.24 19:41:25 | 000,002,461 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Microsoft ICE.lnk
[2013.02.24 17:07:41 | 000,002,503 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Word 2007.lnk
[2013.02.24 17:05:01 | 000,451,907 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten_ - Trojaner-Board.pdf
[2013.02.24 16:58:53 | 000,376,832 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\gmer_2.1.19081.exe
[2013.02.24 16:57:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\OTL.exe
[2013.02.24 15:57:42 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.24 15:35:26 | 000,000,838 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013.02.22 18:21:20 | 000,002,445 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Google Chrome.lnk
[2013.02.22 18:10:13 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.02.22 18:10:12 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.02.22 18:10:12 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.02.22 18:10:12 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.02.22 18:10:11 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npdeployJava1.dll
[2013.02.22 18:10:11 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.02.22 18:10:11 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.02.19 20:40:19 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.02.19 20:40:19 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.02.17 15:53:12 | 000,108,426 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Große Stadtrundfahrt per Fahrrad _ Kennst Du Dresden_.pdf
[2013.02.17 14:30:55 | 000,002,545 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\PowerPoint 2007.lnk
[2013.02.16 19:54:18 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2013.02.16 19:26:28 | 000,432,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Anleitung_LuPO_Schuelerversion.pdf
[2013.02.16 19:24:40 | 001,206,670 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\LuPO_Handbuch.pdf
[2013.02.16 19:12:20 | 000,000,489 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\LuPO-Schülerversion.lnk
[2013.02.16 19:12:20 | 000,000,474 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\LuPO-Lehrerversion.lnk
[2013.02.16 16:45:54 | 000,001,085 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Dropbox.lnk
[2013.02.13 19:28:48 | 000,403,920 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.02.13 19:05:03 | 000,531,676 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.02.13 19:05:03 | 000,506,040 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.02.13 19:05:03 | 000,107,092 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.02.13 19:05:03 | 000,089,504 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.02.07 21:33:14 | 000,000,188 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Transcend (D).lnk
[2013.02.03 19:56:07 | 000,387,866 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Hotelgutscheine Radisson Blu Park Hotel Dresden Radebeul.pdf
[2013.02.03 19:22:48 | 000,471,642 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Testbericht Dell Inspiron 17R-SE-7720 Notebook.pdf
[2013.02.03 19:14:39 | 000,544,345 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Testbericht Dell Inspiron 17R SE.pdf
[2013.02.02 17:02:13 | 001,073,848 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Cortal Consors Daten Heike.pdf
[2013.02.01 12:21:48 | 000,001,824 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\CyberLink PhotoDirector 3.lnk
[2013.01.31 21:12:45 | 000,001,676 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Zoner Photo Studio 14.lnk
[2013.01.30 21:05:22 | 001,086,569 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Cortal Consors Daten Michael.pdf
[2013.01.29 21:05:07 | 000,269,776 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Hotelgutschein Dresden Hoffmann.pdf
[2013.01.29 21:03:58 | 000,269,771 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Hotelgutschein Dresden Stellbrink.pdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.02.27 18:53:20 | 000,594,019 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\adwcleaner.exe
[2013.02.26 20:01:17 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.02.26 20:01:17 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.02.26 20:01:17 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.02.26 20:01:17 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.02.26 20:01:17 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.02.25 00:14:53 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\MBR.dat
[2013.02.24 23:25:54 | 000,138,868 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Leider auch Ärger mit ChatZum - Trojaner-Board - Mozilla Firefox_2013-02-24_23-25-27.pdf
[2013.02.24 23:22:11 | 013,711,621 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\mbar-1.01.0.1020.zip
[2013.02.24 17:04:57 | 000,451,907 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten_ - Trojaner-Board.pdf
[2013.02.24 16:58:53 | 000,376,832 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\gmer_2.1.19081.exe
[2013.02.24 15:37:55 | 000,002,461 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Microsoft ICE.lnk
[2013.02.24 15:24:44 | 000,000,838 | ---- | C] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2013.02.17 15:53:10 | 000,108,426 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Große Stadtrundfahrt per Fahrrad _ Kennst Du Dresden_.pdf
[2013.02.16 19:26:28 | 000,432,042 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Anleitung_LuPO_Schuelerversion.pdf
[2013.02.16 19:24:39 | 001,206,670 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\LuPO_Handbuch.pdf
[2013.02.16 19:12:20 | 000,000,489 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\LuPO-Schülerversion.lnk
[2013.02.16 19:12:20 | 000,000,474 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\LuPO-Lehrerversion.lnk
[2013.02.07 21:33:14 | 000,000,188 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Transcend (D).lnk
[2013.02.03 22:39:27 | 000,388,842 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2013.02.03 19:56:07 | 000,387,866 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Hotelgutscheine Radisson Blu Park Hotel Dresden Radebeul.pdf
[2013.02.03 19:22:45 | 000,471,642 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Testbericht Dell Inspiron 17R-SE-7720 Notebook.pdf
[2013.02.03 19:14:36 | 000,544,345 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Testbericht Dell Inspiron 17R SE.pdf
[2013.02.02 17:02:09 | 001,073,848 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Cortal Consors Daten Heike.pdf
[2013.02.01 12:21:48 | 000,001,824 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\CyberLink PhotoDirector 3.lnk
[2013.01.31 21:12:45 | 000,001,676 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Zoner Photo Studio 14.lnk
[2013.01.30 21:05:11 | 001,086,569 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Cortal Consors Daten Michael.pdf
[2013.01.29 21:05:07 | 000,269,776 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Hotelgutschein Dresden Hoffmann.pdf
[2013.01.29 21:03:58 | 000,269,771 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop\Hotelgutschein Dresden Stellbrink.pdf
[2013.01.09 22:02:09 | 000,010,639 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Heike_elster_2048.pfx
[2013.01.09 21:56:56 | 000,010,639 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Michael_elster_2048.pfx
[2013.01.09 21:47:57 | 000,010,639 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Dennis_elster_2048.pfx
[2012.12.31 17:01:02 | 011,632,640 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Sandra.mdb
[2012.12.31 16:53:47 | 000,000,849 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\smallwindows.cfg
[2012.12.24 17:41:07 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\UTSCSI.EXE
[2012.12.07 14:01:15 | 000,795,136 | ---- | C] () -- C:\WINDOWS\System32\MoveIt.exe
[2012.12.07 14:01:15 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\Watch.dll
[2012.12.07 14:01:15 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\mctudll.dll
[2012.12.07 14:01:15 | 000,000,216 | ---- | C] () -- C:\WINDOWS\System32\Himax.ini
[2012.12.07 14:01:14 | 000,430,080 | ---- | C] () -- C:\WINDOWS\System32\UDLL.dll
[2012.10.20 16:05:08 | 000,000,240 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2012.10.20 16:05:08 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2012.10.20 16:04:15 | 000,000,091 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2012.10.20 16:04:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2012.10.20 15:58:54 | 000,002,944 | ---- | C] () -- C:\WINDOWS\BRPARAM.INI
[2012.10.20 15:57:41 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2012.10.20 15:57:34 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2012.10.14 13:50:12 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.30 21:42:12 | 000,000,018 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\SYS386LT.DAT
[2012.07.30 21:19:20 | 000,000,005 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\LZ1CPROT
[2012.06.07 12:49:18 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2012.06.07 12:49:12 | 000,149,504 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2012.06.07 12:48:25 | 000,032,825 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2012.06.07 12:48:10 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2012.06.07 12:46:21 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2012.06.07 12:45:30 | 000,006,263 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2012.06.07 12:44:10 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012.05.05 17:02:45 | 000,000,001 | R--- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\serverport
[2012.02.14 19:54:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.12 13:07:31 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2012.02.12 13:06:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011.09.25 20:45:20 | 000,000,751 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\log.xml
[2011.09.25 20:45:20 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\log-suffix.xml
[2011.09.25 20:45:20 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\log.xml.lock
[2011.09.08 18:30:41 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011.04.17 20:12:12 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2011.03.27 17:43:12 | 000,000,119 | ---- | C] () -- C:\WINDOWS\Podcasts.INI
[2011.02.07 01:30:50 | 000,000,149 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2011.02.07 01:30:06 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
--- --- ---
[/CODE] OTL Extras Logfile: Code:
OTL Extras logfile created on: 27.02.2013 19:09:48 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Michael Hoffmann\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,99 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 69,43% Memory free
3,84 Gb Paging File | 3,38 Gb Available in Paging File | 87,90% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 110,23 Gb Total Space | 51,67 Gb Free Space | 46,87% Space Free | Partition Type: NTFS
Drive G: | 1,55 Gb Total Space | 1,31 Gb Free Space | 84,37% Space Free | Partition Type: NTFS
Computer Name: HOFFMANN | User Name: Michael Hoffmann | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-776561741-1343024091-682003330-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Programme\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"5985:TCP" = 5985:TCP:*:Disabled:Windows-Remoteverwaltung
"54925:UDP" = 54925:UDP:*:Enabled:BrotherNetwork Scanner
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- ()
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Temp\jivexviewer\jre\bin\JiveX[dv] light" = C:\Dokumente und Einstellungen\Michael Hoffmann\Lokale Einstellungen\Temp\jivexviewer\jre\bin\JiveX[dv] light:*:Enabled:Java(TM) Platform SE binary
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.)
"C:\Programme\IEPro\MiniDM.exe" = C:\Programme\IEPro\MiniDM.exe:*:Enabled:MiniDM -- (IE7Pro.com)
"C:\Programme\Brother\Brmfl11b\FAXRX.exe" = C:\Programme\Brother\Brmfl11b\FAXRX.exe:*:Enabled:FAXRX.EXE -- (Brother Industries Ltd.)
"C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Michael Hoffmann\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x86\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0289B18A-F99F-423F-B79F-1150D0F85492}" = HP Wireless Assistant
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DB165DC-DDB4-403F-B985-19F3EC7D0357}" = HP ProtectTools Security Manager
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}" = PDF Architect
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 B2
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}" = Microsoft Image Composite Editor
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = ST Wiederherstellungs- & Sicherungsprogramme
"{437C19B3-7E20-4E39-B868-CA6BAA820E1C}" = Microsoft Rechner-Plus
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{521F72F4-FFE4-4959-AA88-EED06125211F}" = HP Notebook Accessories Product Tour
"{528145C0-462A-11E1-B8B4-B8AC6F97B88E}" = Google Earth
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5B5F2D4C-3B63-4EEF-A881-CFD39E8D9C47}" = MAGIX Screenshare
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{5FF02438-DDE5-4D8E-8291-577CC1A2C014}" = AkkuLine Batterie-Tool
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6C996505-A5F5-4F8D-B4FE-CC7F4AE78F7C}" = USB Projector 10.02.0203.2502
"{6D1FAE3E-7A6F-4045-BBF5-55DB4C5FB5FD}" = MAGIX Online Druck Service
"{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CA4EF4B-DB5A-4E2F-81CC-6EE33FC9EF1E}" = HP User Guides 0084
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{830F55B6-4398-4B72-A0D8-66397B902C0E}" = Brother MFL-Pro Suite MFC-J5910DW
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{B7607FC8-72AD-486D-B6B7-A402D5876309}" = PerfectDisk 11 Professional
"{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1" = CheckDrive
"{BC35397E-6A05-4E93-8418-1BA7CD2B7AAB}" = BIOS Configuration for HP ProtectTools
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2012.SP4c
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3E3F224-704C-4873-BA3E-0B8D3D4C59E8}" = Samsung PC Studio 3
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DFAA3D2B-7087-464E-823B-738A23C29C27}" = Microsoft Visual J# 2.0 Redistributable Package - SE
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows-Treiberpaket - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Alf-BanCo5_is1" = ALF-BanCo 5
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio 2012 CBE_is1" = Ashampoo Burning Studio 2012 CBE v.11.0.4
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DesktopOK" = DesktopOK
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Studio_is1" = Free Studio version 5.3.4
"FreeDoko" = FreeDoko 0.7.11
"Greenshot_is1" = Greenshot
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IE7Pro" = IE7Pro
"ie8" = Windows Internet Explorer 8
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"IrfanView" = IrfanView (remove only)
"LastPass" = LastPass (nur deinstallieren)
"LuPO_is1" = LuPO 1.0.2.45
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MediaMonkey_is1" = MediaMonkey 4.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Visual J# 2.0 Redistributable Package - SE" = Microsoft Visual J# 2.0 Redistributable Package - SE
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Simple Sudoku_is1" = Simple Sudoku 4.2
"Sudoku-Drucker" = Sudoku-Drucker 1.4.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Vista Start Menu_is1" = Vista Start Menu 3.85
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZonerPhotoStudio14_DE_is1" = Zoner Photo Studio 14
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-776561741-1343024091-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 27.02.2013 14:12:54 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:12:54.953]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:13:29 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:13:29.453]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:14:03 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:14:03.968]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:14:38 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:14:38.468]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:15:12 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:15:12.968]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:15:47 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:15:47.468]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:16:21 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:16:21.968]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:16:56 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:16:56.468]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:17:30 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:17:30.968]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
Error - 27.02.2013 14:18:05 | Computer Name = HOFFMANN | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/02/27 19:18:05.468]: [00000788]: GetDeviceIpAddress:
GetAddressByName [BRW0080927E1A3B] Error
[ System Events ]
Error - 07.02.2013 13:31:49 | Computer Name = HOFFMANN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst IMAPI-CD-Brenn-COM-Dienste.
Error - 07.02.2013 13:31:49 | Computer Name = HOFFMANN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IMAPI-CD-Brenn-COM-Dienste" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 17.02.2013 09:25:32 | Computer Name = HOFFMANN | Source = DCOM | ID = 10010
Description = Der Server "{1F87137D-0E7C-44D5-8C73-4EFFB68962F2}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 24.02.2013 10:04:44 | Computer Name = HOFFMANN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Soda
PDF 5 Service.
Error - 24.02.2013 10:04:44 | Computer Name = HOFFMANN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Soda PDF 5 Service" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 24.02.2013 10:33:55 | Computer Name = HOFFMANN | Source = System Error | ID = 1003
Description = Fehlercode 1000008e, 1. Parameter 80000004, 2. Parameter 8072bae1,
3. Parameter a1fac6c4, 4. Parameter 00000000.
Error - 24.02.2013 10:40:50 | Computer Name = HOFFMANN | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Windows-Bilderfassung
(WIA).
Error - 24.02.2013 10:40:50 | Computer Name = HOFFMANN | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows-Bilderfassung (WIA)" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 24.02.2013 14:52:06 | Computer Name = HOFFMANN | Source = System Error | ID = 1003
Description = Fehlercode 1000008e, 1. Parameter 80000004, 2. Parameter 8072bae1,
3. Parameter 9daf45ac, 4. Parameter 00000000.
Error - 26.02.2013 14:25:01 | Computer Name = HOFFMANN | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
für die Netzwerkkarte mit der Netzwerkadresse 001F3C837BF3 zugeteilt werden. Der
folgende Fehler ist aufgetreten: %%1223. Es wird weiterhin im Hintergrund versucht,
eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
[ TuneUp Events ]
Error - 21.09.2012 17:58:08 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-09-21 23:58:08', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbamgui.exe','1332',0)
Error - 13.12.2012 15:15:20 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-12-13 20:15:20', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','996',0)
Error - 13.12.2012 15:16:07 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-12-13 20:16:07', '\device\harddiskvolume2\dokumente
und einstellungen\all users\anwendungsdaten\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','5176',0)
Error - 13.12.2012 15:17:02 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-12-13 20:17:02', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','4548',0)
Error - 13.12.2012 15:17:37 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-12-13 20:17:37', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','2096',0)
Error - 13.12.2012 16:42:42 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2012-12-13 21:42:42', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbamgui.exe','204',0)
Error - 24.02.2013 10:56:46 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2013-02-24 15:56:46', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','4724',0)
Error - 24.02.2013 10:57:21 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2013-02-24 15:57:21', '\device\harddiskvolume2\dokumente
und einstellungen\all users\anwendungsdaten\malwarebytes\malwarebytes' anti-malware\mbam-setup.exe','6044',0)
Error - 24.02.2013 10:57:56 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2013-02-24 15:57:56', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','4112',0)
Error - 24.02.2013 10:58:31 | Computer Name = HOFFMANN | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2013-02-24 15:58:31', '\device\harddiskvolume2\programme\malwarebytes'
anti-malware\mbam.exe','4856',0)
< End of report >
--- --- ---
[/CODE]
Ich hoffe, alles ist so wie erwartet.
Vielen Dank :dankeschoen: bis hierher und viele Grüße
Michael |
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
aswMBR.exe und speichere die Datei auf deinem Desktop.
TDSSKiller.exe und speichere diese Datei auf dem Desktop
AdwCleaner auf deinen Desktop.
WARNUNG an die MITLESER: 
