Hallo Leo,
Danke, dass Du noch einen Versuch mit mir startest, hier sind die beiden Dateien:
Extras:OTL Logfile: Code:
OTL Extras logfile created on: 12.12.2013 18:33:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Jörg\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,25 Gb Total Physical Memory | 0,44 Gb Available Physical Memory | 34,89% Memory free
2,35 Gb Paging File | 1,54 Gb Available in Paging File | 65,58% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 43,64 Gb Total Space | 7,91 Gb Free Space | 18,13% Space Free | Partition Type: FAT32
Drive D: | 29,02 Gb Total Space | 17,08 Gb Free Space | 58,86% Space Free | Partition Type: NTFS
Computer Name: LAEMM | User Name: Jörg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Asus\ASUS Live Update\LiveUpdt.exe" = C:\Programme\Asus\ASUS Live Update\LiveUpdt.exe:*:Enabled:LiveUpdt
"C:\Programme\TeamViewer\Version4\TeamViewer.exe" = C:\Programme\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application -- (TeamViewer GmbH)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Programme\VideoConverter_Setup.exe" = C:\Programme\VideoConverter_Setup.exe:*:Enabled:Video Converter
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{167F938F-5AD3-40e2-B05D-2B7C6F0FDE48}" = HP Deskjet D1500 Printer Driver 10.0 Rel .3
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{305468A6-DE2D-43ba-A168-2F45A97A89DA}" = DJ_SF_03_D1500_Software_Min
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35B7368A-F721-46E6-B258-EA3CC11A6924}" = EXAM
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41564952-412D-5637-00A7-A758B70C0600}" = Avira SearchFree Toolbar
"{4462AD13-F2AA-4CBD-9F95-293C38EED870}" = Power4 Gear
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2012 Free
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"5555 Meisterwerke" = 5555 Meisterwerke
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.4 Professional
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Asus ChkMail" = Asus ChkMail
"Avira AntiVir Desktop" = Avira Free Antivirus
"BeClean_is1" = BeClean
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_PCI_VEN_1039&DEV_7013&SUBSYS_C0131631" = Soft Data Fax Modem with SmartCP
"ESET Online Scanner" = ESET Online Scanner v3
"Google Chrome" = Google Chrome
"HControl" = ATK0100 ACPI UTILITY
"ie8" = Windows Internet Explorer 8
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"OpenIt Open It!" = Open It!
"PriceGong" = PriceGong 2.6.8
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 4" = TeamViewer 4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Download Accelerator Packages" = Download Accelerator Packages
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.12.2013 02:59:50 | Computer Name = LAEMM | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avwebgrd.exe, Version 14.0.0.383, fehlgeschlagenes
Modul avwebgrd.exe, Version 14.0.0.383, Fehleradresse 0x0008a4dd.
Error - 09.12.2013 03:10:33 | Computer Name = LAEMM | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avwebgrd.exe, Version 14.0.0.383, fehlgeschlagenes
Modul avwebgrd.exe, Version 14.0.0.383, Fehleradresse 0x0008a4dd.
Error - 09.12.2013 04:51:53 | Computer Name = LAEMM | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 09.12.2013 04:53:06 | Computer Name = LAEMM | Source = Application Error | ID = 1004
Description = Fehlgeschlagene Anwendung avwebgrd.exe, Version 14.0.0.383, fehlgeschlagenes
Modul avwebgrd.exe, Version 14.0.0.383, Fehleradresse 0x0008a4dd.
Error - 09.12.2013 13:09:16 | Computer Name = LAEMM | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 09.12.2013 13:09:22 | Computer Name = LAEMM | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 09.12.2013 13:09:23 | Computer Name = LAEMM | Source = Microsoft Office 11 | ID = 2001
Description = Rejected Safe Mode action : Microsoft Office Outlook.
Error - 10.12.2013 02:24:41 | Computer Name = LAEMM | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 11.12.2013 11:51:47 | Computer Name = LAEMM | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 12.12.2013 13:30:12 | Computer Name = LAEMM | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung avwebgrd.exe, Version 14.0.0.383, fehlgeschlagenes
Modul avwebgrd.exe, Version 14.0.0.383, Fehleradresse 0x0008a4dd.
[ System Events ]
Error - 12.12.2013 04:17:00 | Computer Name = LAEMM | Source = Schedule | ID = 7901
Description = Der Befehl "At2.job" konnte aufgrund folgenden Fehlers nicht ausgeführt
werden: %%2147942403
Error - 12.12.2013 05:16:00 | Computer Name = LAEMM | Source = Schedule | ID = 7901
Description = Der Befehl "At1.job" konnte aufgrund folgenden Fehlers nicht ausgeführt
werden: %%2147942403
Error - 12.12.2013 05:17:00 | Computer Name = LAEMM | Source = Schedule | ID = 7901
Description = Der Befehl "At2.job" konnte aufgrund folgenden Fehlers nicht ausgeführt
werden: %%2147942403
Error - 12.12.2013 06:16:00 | Computer Name = LAEMM | Source = Schedule | ID = 7901
Description = Der Befehl "At1.job" konnte aufgrund folgenden Fehlers nicht ausgeführt
werden: %%2147942403
Error - 12.12.2013 06:17:00 | Computer Name = LAEMM | Source = Schedule | ID = 7901
Description = Der Befehl "At2.job" konnte aufgrund folgenden Fehlers nicht ausgeführt
werden: %%2147942403
Error - 12.12.2013 07:16:00 | Computer Name = LAEMM | Source = Schedule | ID = 7901
Description = Der Befehl "At1.job" konnte aufgrund folgenden Fehlers nicht ausgeführt
werden: %%2147942403
Error - 12.12.2013 07:17:00 | Computer Name = LAEMM | Source = Schedule | ID = 7901
Description = Der Befehl "At2.job" konnte aufgrund folgenden Fehlers nicht ausgeführt
werden: %%2147942403
Error - 12.12.2013 13:25:57 | Computer Name = LAEMM | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Gatewaydienst
auf Anwendungsebene.
Error - 12.12.2013 13:26:30 | Computer Name = LAEMM | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Gatewaydienst auf Anwendungsebene" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 12.12.2013 13:32:27 | Computer Name = LAEMM | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
< End of report > --- --- ---
OT:OTL Logfile: Code:
OTL logfile created on: 12.12.2013 18:33:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Jörg\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,25 Gb Total Physical Memory | 0,44 Gb Available Physical Memory | 34,89% Memory free
2,35 Gb Paging File | 1,54 Gb Available in Paging File | 65,58% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 43,64 Gb Total Space | 7,91 Gb Free Space | 18,13% Space Free | Partition Type: FAT32
Drive D: | 29,02 Gb Total Space | 17,08 Gb Free Space | 58,86% Space Free | Partition Type: NTFS
Computer Name: LAEMM | User Name: Jörg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.12.12 18:31:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jörg\Desktop\OTL.exe
PRC - [2013.11.22 12:01:20 | 000,933,944 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\update.exe
PRC - [2013.11.22 12:01:20 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.11.22 12:01:20 | 000,399,416 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\updrgui.exe
PRC - [2013.11.22 12:01:16 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.11.22 12:01:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.11.22 12:01:16 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.11.22 12:01:14 | 000,683,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.11.03 22:05:36 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2013.10.23 20:52:10 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Programme\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.10.23 20:52:02 | 001,673,680 | ---- | M] (APN) -- C:\Programme\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.10.23 20:52:02 | 000,264,144 | ---- | M] (APN LLC.) -- C:\Programme\AskPartnerNetwork\Toolbar\Toolbar.exe
PRC - [2013.10.23 20:52:02 | 000,115,664 | ---- | M] (APN LLC.) -- C:\Programme\AskPartnerNetwork\Toolbar\ServiceLocator.exe
PRC - [2013.07.02 09:16:26 | 000,254,336 | ---- | M] (Oracle Corporation) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2013.03.21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2008.04.14 04:22:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.09.09 03:24:30 | 000,102,400 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
PRC - [2005.09.09 01:18:10 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Elements 4.0\apdproxy.exe
PRC - [2005.04.20 05:27:44 | 000,118,784 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\spmgr.exe
PRC - [2005.04.13 19:12:38 | 001,611,264 | ---- | M] (ASUSTeK COMPUTER INC.) -- C:\Programme\Asus\WLAN Card Utilities\Center.exe
PRC - [2005.03.23 10:20:28 | 000,765,952 | ---- | M] () -- C:\Programme\Asus\NB Probe\NBProbe.exe
PRC - [2005.02.01 04:00:10 | 000,098,304 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
PRC - [2005.01.31 03:25:52 | 001,748,992 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
PRC - [2005.01.20 07:04:00 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004.12.22 01:23:00 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004.09.21 16:55:40 | 000,081,920 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\Asus\Power4 Gear\BatteryLife.exe
PRC - [2004.05.06 12:21:04 | 000,496,640 | ---- | M] () -- C:\WINDOWS\system32\ASWLSVC.exe
========== Modules (No Company Name) ==========
MOD - [2013.11.22 12:01:20 | 000,394,808 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009.02.27 16:41:26 | 000,311,296 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU
MOD - [2007.05.11 02:51:00 | 001,388,544 | ---- | M] () -- C:\Programme\Adobe\Acrobat 8.0\PDFMaker\Common\AdobePDFMakerX.DEU
MOD - [2007.05.11 01:31:34 | 000,921,600 | ---- | M] () -- C:\Programme\Adobe\Acrobat 8.0\Acrobat\AdistRes.DEU
MOD - [2007.05.10 22:25:20 | 002,469,888 | ---- | M] () -- C:\Programme\Adobe\Acrobat 8.0\PDFMaker\Common\AdobePDFMakerX.dll
MOD - [2005.09.09 03:24:30 | 000,102,400 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
MOD - [2005.04.20 05:27:44 | 000,118,784 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\spmgr.exe
MOD - [2005.04.07 19:25:46 | 000,077,824 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\spmemory.dll
MOD - [2005.03.29 22:23:20 | 000,049,152 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\ghadmi.dll
MOD - [2005.03.23 10:20:28 | 000,765,952 | ---- | M] () -- C:\Programme\Asus\NB Probe\NBProbe.exe
MOD - [2005.03.21 14:41:58 | 000,081,920 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\spnbacpi.dll
MOD - [2005.03.17 10:40:50 | 000,163,840 | ---- | M] () -- C:\Programme\Asus\WLAN Card Utilities\AsAuthen.dll
MOD - [2005.03.06 20:10:12 | 000,049,152 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\DiscMan.dll
MOD - [2005.02.28 23:35:58 | 000,114,688 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\SPDisk.dll
MOD - [2005.02.01 04:00:10 | 000,098,304 | ---- | M] () -- C:\WINDOWS\ATK0100\HControl.exe
MOD - [2005.01.31 03:25:52 | 001,748,992 | ---- | M] () -- C:\WINDOWS\ATK0100\ATKOSD.exe
MOD - [2004.11.01 09:15:40 | 000,147,456 | ---- | M] () -- C:\WINDOWS\ATK0100\ASUSNet.dll
MOD - [2004.05.27 22:13:10 | 000,057,344 | ---- | M] () -- C:\WINDOWS\ATK0100\CMSSC.dll
MOD - [2004.05.06 12:21:04 | 000,496,640 | ---- | M] () -- C:\WINDOWS\system32\ASWLSVC.exe
MOD - [2004.02.24 01:47:36 | 000,040,960 | ---- | M] () -- C:\Programme\Asus\NB Probe\3dpie.ocx
MOD - [2003.11.28 02:11:04 | 000,135,168 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\spos.dll
MOD - [2003.09.09 16:08:00 | 000,049,152 | ---- | M] () -- C:\Programme\Asus\NB Probe\SPM\spdmi.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.11 09:38:38 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.11.22 12:01:20 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.11.22 12:01:16 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.11.22 12:01:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.11.03 22:05:36 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.10.23 20:52:10 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Programme\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.03.21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2009.07.25 13:30:04 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2005.09.09 03:24:30 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)
SRV - [2005.04.20 05:27:44 | 000,118,784 | ---- | M] () [Auto | Running] -- C:\Programme\Asus\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2004.05.06 12:21:04 | 000,496,640 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ASWLSVC.exe -- (ASWLSVC)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\JÖRG\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2013.12.06 18:19:20 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.11.22 12:01:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013.11.22 12:01:16 | 000,137,208 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.11.22 12:01:16 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.01.10 09:25:22 | 000,105,784 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2013.01.10 09:25:20 | 000,161,368 | ---- | M] (ESET) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2013.01.10 09:25:20 | 000,122,240 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2005.06.22 14:50:50 | 001,034,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.06.22 14:50:12 | 000,216,320 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWSIS.sys -- (HSFHWSIS)
DRV - [2005.06.22 14:50:04 | 000,716,416 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.05.27 07:10:46 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X)
DRV - [2005.01.31 03:25:14 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005.01.28 04:48:00 | 002,310,272 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004.10.15 03:29:00 | 000,057,088 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\R592.sys -- (R592)
DRV - [2004.10.15 03:29:00 | 000,027,264 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\risdpntk.sys -- (risdpntk)
DRV - [2004.08.09 02:27:18 | 000,070,144 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004.03.22 19:16:26 | 000,338,176 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2003.08.19 23:28:00 | 000,014,220 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\Asus\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2002.09.09 19:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001.08.17 13:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
DRV - [2000.03.29 14:17:42 | 000,005,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS -- (Asushwio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://i.search.metacrawler.com/?f=1&a=ironmc2&cd=2XzuyEtN2Y1L1QzutDtDtCtC0Dzz0FtBtAyEzyyBtC0D0EtCtN0D0Tzu0CyCzyyBtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1225086785&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {16594E28-6AA6-E23F-B9E6-69A04E66C78C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{16594E28-6AA6-E23F-B9E6-69A04E66C78C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lauritz.com/de/auktionen/aeltere-gemaelde/c177/?ISz=0&PSz=100&PSzG=30&FLId=4&FCId=5&LLan=False&sl=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\..\SearchScopes,DefaultScope = {16594E28-6AA6-E23F-B9E6-69A04E66C78C}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{16594E28-6AA6-E23F-B9E6-69A04E66C78C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7NDKB_deDE536
IE - HKCU\..\SearchScopes\{3C486EBF-82FD-4B60-A1D2-22DE2BD4B135}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=c520d432-f6fd-43c1-bacd-59444a4d15fa&apn_sauid=7490A2E1-A8AB-4021-A234-7703FACC7B81
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3284350&CUI=UN18075554982422326
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\npctrl.1.0.30716.0.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Programme\PriceGong\2.6.8\FF
[2013.12.06 18:19:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\mozilla\firefox\Profiles\{DefaultProfilesFolder}\extensions
[2013.10.23 20:52:52 | 001,048,572 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\mozilla\firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
========== Chrome ==========
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Erster Nutzer (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Babylon Translator = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.9_0\
CHR - Extension: Ashampoo DE = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.20.1.508_0\
CHR - Extension: Chrome In-App Payments service = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.6.8\PriceGongIE.dll File not found
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Programme\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnTBMon] C:\Programme\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Control Center] C:\Programme\Asus\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [mobilegeni daemon] C:\Programme\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [NB Probe] C:\Programme\Asus\NB Probe\NBProbe.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Power_Gear] C:\Programme\ASUS\Power4 Gear\BatteryLife.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\System: DisabelTaskMgr = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7DFAE88F-BDA6-413B-8F8D-EF5CF7F5A639}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.05.27 06:53:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.12.12 18:54:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2013.12.12 18:31:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jörg\Desktop\OTL.exe
[2013.12.11 21:52:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Opera
[2013.12.11 16:48:28 | 000,000,000 | -HSD | C] -- C:\FOUND.070
[2013.12.09 09:04:03 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Jörg\Recent
[2013.12.08 14:36:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Eigene Dateien\Updater
[2013.12.08 14:36:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\espionServerData
[2013.12.08 14:34:57 | 000,000,000 | ---D | C] -- C:\Programme\CONEXANT
[2013.12.08 14:22:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2013.12.08 14:21:42 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2013.12.08 14:21:42 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013.12.08 14:21:42 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2013.12.08 14:21:42 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013.12.08 14:21:42 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2013.12.08 14:21:42 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2013.12.08 14:21:42 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2013.12.08 14:21:42 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2013.12.08 14:21:42 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013.12.08 14:21:42 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2013.12.08 14:21:42 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2013.12.08 14:21:42 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2013.12.08 14:21:42 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2013.12.08 14:21:42 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2013.12.08 14:21:42 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2013.12.08 14:21:42 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2013.12.08 14:21:42 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2013.12.08 14:21:42 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013.12.08 14:21:42 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2013.12.08 14:21:42 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksolay.ax
[2013.12.08 14:21:42 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2013.12.08 14:21:42 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2013.12.08 14:21:42 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2013.12.08 14:21:42 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2013.12.08 14:21:42 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2013.12.08 14:21:41 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2013.12.08 14:21:41 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qdv.dll
[2013.12.08 14:21:41 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qcap.dll
[2013.12.08 14:21:41 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2013.12.08 14:21:41 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qasf.dll
[2013.12.08 14:21:41 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\devenum.dll
[2013.12.08 14:21:41 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2013.12.08 14:21:41 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2013.12.08 14:21:41 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2013.12.08 14:21:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2013.12.08 14:21:41 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2013.12.08 14:21:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2013.12.08 14:21:41 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2013.12.08 14:21:41 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2013.12.08 14:21:40 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2013.12.08 14:21:40 | 001,201,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8.dll
[2013.12.08 14:21:40 | 001,189,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2013.12.08 14:21:40 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2013.12.08 14:21:40 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3dim700.dll
[2013.12.08 14:21:40 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2013.12.08 14:21:40 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2013.12.08 14:21:40 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2013.12.08 14:21:40 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound.dll
[2013.12.08 14:21:40 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2013.12.08 14:21:40 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddraw.dll
[2013.12.08 14:21:40 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2013.12.08 14:21:40 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2013.12.08 14:21:40 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2013.12.08 14:21:40 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2013.12.08 14:21:40 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2013.12.08 14:21:40 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2013.12.08 14:21:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2013.12.08 14:21:40 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhupnp.dll
[2013.12.08 14:21:40 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdllreg.exe
[2013.12.08 14:21:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2013.12.08 14:21:40 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2013.12.08 14:21:40 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2013.12.08 14:21:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddrawex.dll
[2013.12.08 14:21:40 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2013.12.08 14:21:40 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2013.12.08 14:21:40 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\d3d8thk.dll
[2013.12.08 14:21:40 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2013.12.08 14:21:40 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2013.12.08 14:19:15 | 001,191,936 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2013.12.08 14:19:15 | 000,434,176 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2013.12.08 14:19:15 | 000,405,504 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2013.12.08 14:19:15 | 000,339,968 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2013.12.08 14:19:15 | 000,172,032 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2013.12.08 14:19:15 | 000,109,568 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2013.12.08 14:19:15 | 000,108,544 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2013.12.08 14:19:15 | 000,061,440 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2013.12.08 14:19:15 | 000,056,832 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2013.12.08 14:19:15 | 000,056,320 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2013.12.08 14:19:15 | 000,028,672 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2013.12.06 23:30:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\AskPartnerNetwork
[2013.12.06 23:24:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\Avira
[2013.12.06 18:19:19 | 000,000,000 | ---D | C] -- C:\Programme\AskPartnerNetwork
[2013.12.06 18:19:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AskPartnerNetwork
[2013.12.06 18:18:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\APN
[2013.12.06 18:16:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.12.06 18:15:52 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.12.06 18:15:47 | 000,137,208 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.12.06 18:15:47 | 000,090,400 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.12.06 18:15:47 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.12.06 18:15:45 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2013.12.05 15:56:50 | 002,799,296 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Programme\procexp.exe
[2013.12.05 15:55:57 | 000,000,000 | ---D | C] -- C:\Programme\ProcessExplorer
[2013.12.04 07:56:06 | 000,000,000 | -HSD | C] -- C:\Recycled
[2013.11.29 19:16:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2013.11.29 19:16:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2013.11.28 22:49:08 | 000,000,000 | -HSD | C] -- C:\FOUND.069
[2013.11.28 16:34:23 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.27 20:47:13 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.11.27 20:45:19 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.11.27 20:45:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.11.27 20:45:19 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.11.27 20:45:19 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.11.27 20:45:15 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.11.27 20:45:12 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.11.27 20:38:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.11.27 19:59:45 | 000,000,000 | ---D | C] -- C:\FRST
[2013.11.27 19:23:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Eigene Dateien\PC Speed Maximizer
[2013.11.27 19:23:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2013.11.27 19:21:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\cache
[2013.11.27 19:21:03 | 000,000,000 | ---D | C] -- C:\Programme\Optimizer Pro
[2013.11.27 19:20:50 | 000,000,000 | ---D | C] -- C:\Users
[2013.11.27 19:20:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\Mobogenie
[2013.11.27 19:20:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Eigene Dateien\Mobogenie
[2013.11.27 19:17:21 | 000,000,000 | ---D | C] -- C:\Programme\Mobogenie
[2013.11.27 19:17:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\MetaCrawler
[2013.11.27 19:16:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Open It!
[2013.11.27 19:16:30 | 000,000,000 | ---D | C] -- C:\Programme\OpenIt
[2013.11.27 19:16:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\DigitalSite
[2013.11.23 09:57:14 | 000,000,000 | -HSD | C] -- C:\FOUND.068
[2013.11.16 18:36:16 | 000,000,000 | -HSD | C] -- C:\FOUND.067
[2013.11.15 08:20:08 | 000,000,000 | -HSD | C] -- C:\FOUND.066
[2010.07.18 22:15:18 | 000,822,296 | ---- | C] (RealNetworks, Inc.) -- C:\Programme\RealPlayerSPGold_de.exe
[2010.07.18 22:13:48 | 000,822,296 | ---- | C] (RealNetworks, Inc.) -- C:\Programme\RealPlayerSP115_de.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.12.12 18:45:08 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.12.12 18:38:36 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.12.12 18:31:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Jörg\Desktop\OTL.exe
[2013.12.12 18:22:06 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.12.12 18:22:04 | 000,021,876 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2013.12.12 18:21:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.12.12 18:21:50 | 1341,575,168 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.12 12:17:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2013.12.12 12:16:00 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2013.12.12 10:54:06 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{4FCE70FD-4A79-4536-8E01-40B09B039EF5}.job
[2013.12.11 17:22:38 | 000,050,309 | ---- | M] () -- C:\Dokumente und Einstellungen\Jörg\Eigene Dateien\CHS-Vase-br.def..jpg
[2013.12.11 09:38:36 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.12.11 09:38:36 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.12.11 09:20:16 | 000,000,156 | ---- | M] () -- C:\WINDOWS\Twunk001.MTX
[2013.12.11 09:20:16 | 000,000,003 | ---- | M] () -- C:\WINDOWS\Twain001.Mtx
[2013.12.08 14:28:06 | 001,647,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.12.08 14:20:44 | 000,000,734 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Photoshop Elements 4.0.lnk
[2013.12.08 14:18:42 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.12.08 14:13:16 | 001,191,936 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxsfs.dll
[2013.12.08 14:13:16 | 000,434,176 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxdrv.dll
[2013.12.08 14:13:16 | 000,405,504 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\px.dll
[2013.12.08 14:13:16 | 000,339,968 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxwave.dll
[2013.12.08 14:13:16 | 000,172,032 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxmas.dll
[2013.12.08 14:13:16 | 000,109,568 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe
[2013.12.08 14:13:16 | 000,108,544 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2013.12.08 14:13:16 | 000,061,440 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxhpinst.exe
[2013.12.08 14:13:16 | 000,056,832 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpya64.exe
[2013.12.08 14:13:16 | 000,056,320 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsa64.exe
[2013.12.08 14:13:16 | 000,028,672 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\vxblock.dll
[2013.12.06 18:19:20 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.12.06 18:16:18 | 000,001,581 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.12.06 08:47:32 | 000,001,679 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2013.12.05 15:55:40 | 001,191,834 | ---- | M] () -- C:\Programme\ProcessExplorer.zip
[2013.12.04 06:53:24 | 127,944,880 | ---- | M] () -- C:\Programme\avira_free1402_antivirus_de.exe
[2013.11.27 20:47:18 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.11.27 19:19:54 | 000,000,645 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
[2013.11.24 23:23:44 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.11.22 12:01:20 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2013.11.22 12:01:16 | 000,137,208 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.11.22 12:01:16 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2013.11.15 08:12:28 | 000,032,768 | RH-- | M] () -- C:\Dokumente und Einstellungen\Jörg\Recent.004
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.12.11 17:22:37 | 000,050,309 | ---- | C] () -- C:\Dokumente und Einstellungen\Jörg\Eigene Dateien\CHS-Vase-br.def..jpg
[2013.12.08 14:24:24 | 000,001,634 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Help Center.lnk
[2013.12.08 14:21:42 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2013.12.08 14:21:42 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2013.12.08 14:21:42 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2013.12.08 14:21:42 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2013.12.08 14:21:42 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2013.12.08 14:21:42 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2013.12.08 14:21:41 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2013.12.08 14:21:41 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2013.12.08 14:21:41 | 000,034,304 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2013.12.08 14:21:41 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdmo.dll
[2013.12.08 14:20:42 | 000,000,740 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Photoshop Elements 4.0.lnk
[2013.12.08 14:20:42 | 000,000,734 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Photoshop Elements 4.0.lnk
[2013.12.06 18:16:16 | 000,001,581 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.12.05 15:56:50 | 000,072,154 | ---- | C] () -- C:\Programme\procexp.chm
[2013.12.05 15:55:35 | 001,191,834 | ---- | C] () -- C:\Programme\ProcessExplorer.zip
[2013.12.04 06:53:22 | 127,944,880 | ---- | C] () -- C:\Programme\avira_free1402_antivirus_de.exe
[2013.11.28 19:16:01 | 000,000,095 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\WB.CFG
[2013.11.28 19:16:01 | 000,000,006 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\WBPU-TTL.DAT
[2013.11.27 21:49:39 | 1341,575,168 | -HS- | C] () -- C:\hiberfil.sys
[2013.11.27 20:47:16 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.11.27 20:47:15 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.11.27 20:45:19 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.11.27 20:45:19 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.11.27 20:45:19 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.11.27 20:45:19 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.11.27 20:45:19 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.11.27 19:17:19 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At2.job
[2013.11.27 19:16:34 | 000,000,645 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Open It!.lnk
[2013.11.27 19:16:30 | 000,000,416 | ---- | C] () -- C:\WINDOWS\tasks\At1.job
[2013.11.15 08:12:27 | 000,032,768 | RH-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Recent.004
[2013.11.01 15:02:25 | 000,032,768 | RH-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Recent.003
[2013.09.21 14:33:21 | 000,032,768 | RH-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Recent.002
[2013.08.08 11:28:16 | 000,103,832 | ---- | C] () -- C:\Dokumente und Einstellungen\Jörg\GoToAssistDownloadHelper.exe
[2013.07.01 22:05:22 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Jörg\Anwendungsdaten\settings.ini
[2013.05.27 14:10:33 | 000,032,768 | RH-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Recent.001
[2013.05.21 05:55:26 | 000,032,768 | RH-- | C] () -- C:\Dokumente und Einstellungen\Jörg\Recent.000
[2013.04.10 14:08:00 | 000,147,640 | ---- | C] () -- C:\Programme\IrfanView.exe
[2013.03.02 09:25:18 | 107,285,712 | ---- | C] () -- C:\Programme\avira_antivirus_premium_de.exe
[2012.11.27 01:40:26 | 116,212,736 | ---- | C] () -- C:\Programme\br_free_2012g.msi
[2012.11.02 10:35:17 | 000,000,248 | ---- | C] () -- C:\WINDOWS\phedit.ini
[2012.10.20 12:08:06 | 000,716,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2198275102-889203651-2322829713-1005-0.dat
[2012.10.19 18:35:30 | 000,317,482 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.10.19 17:52:35 | 008,954,632 | ---- | C] () -- C:\Programme\Photoshop_albumSE_de_de_320.exe
[2012.10.18 18:43:24 | 002,563,424 | ---- | C] () -- C:\Programme\AdobeDownloadAssistant.exe
[2012.09.21 10:03:31 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Jörg\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.25 13:11:16 | 000,000,062 | ---- | C] () -- C:\WINDOWS\pcvcdbr.INI
[2012.05.25 13:11:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcvcdvw.INI
[2012.05.16 19:04:05 | 001,978,992 | ---- | C] () -- C:\Programme\avira_antivirus_premium.exe
[2012.03.06 20:09:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2012.02.15 08:30:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.02.09 19:14:11 | 001,894,678 | ---- | C] () -- C:\Programme\tor-0.2.2.35-win32.exe
[2012.02.09 19:05:45 | 009,269,233 | ---- | C] () -- C:\Programme\vidalia-bundle-0.2.2.35-0.2.15.exe
[2009.12.22 20:13:36 | 005,664,096 | ---- | C] () -- C:\Programme\IE8-eBay-Settings-Silverlight-WindowsXP-x86-DE.exe
[2009.07.22 11:59:11 | 018,699,392 | ---- | C] () -- C:\Programme\setupDE.exe
========== ZeroAccess Check ==========
[2013.10.17 20:39:46 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report > --- --- ---
Grüße