Hallo Arne
anbei die reports. Habe alles Persoenliche gexxxxt oder ver*****OTL Logfile: Code:
OTL Extras logfile created on: 23.09.2010 12:27:13 - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = F:\Documents and Settings\***\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free
7,00 Gb Paging File | 7,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): E:\pagefile.sys 4092 4092 [binary data]
%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 6,84 Gb Total Space | 5,01 Gb Free Space | 73,29% Space Free | Partition Type: NTFS
Drive D: | 6,84 Gb Total Space | 3,49 Gb Free Space | 50,98% Space Free | Partition Type: NTFS
Drive E: | 59,94 Gb Total Space | 13,35 Gb Free Space | 22,28% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 5,93 Gb Free Space | 30,35% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,79 Gb Total Space | 0,02 Gb Free Space | 0,51% Space Free | Partition Type: FAT32
Computer Name: xxxxxxx
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- F:\Program Files\Opera\Opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "F:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "F:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "F:\Program Files\Opera\opera.exe" (Opera Software)
https [open] -- "F:\Program Files\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "F:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "F:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "F:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"6160:TCP" = 6160:TCP:*:Disabled:Seagull Driver Networking
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"F:\Program Files\Opera\opera.exe" = F:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"F:\WINDOWS\system32\usmt\migwiz.exe" = F:\WINDOWS\system32\usmt\migwiz.exe:*:Disabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"F:\WINDOWS\system32\javaw.exe" = F:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"F:\WINDOWS\system32\java.exe" = F:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{18E65799-76BD-46EF-9E53-972FE5A40736}" = Opera 10.62
"{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v. 1.3.1249.0
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2A033A00-FE0D-4609-B0E8-2C49CC494FC8}" = WorldShip
"{2DB165DC-DDB4-403F-B985-19F3EC7D0357}" = HP ProtectTools Security Manager
"{33035862-543C-4405-9CC6-08593CF2C25F}" = ReportServer
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 J1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{390160B4-D276-4A04-8002-8D3101A0D367}" = UPSICC
"{3912A629-0020-0005-3131-2FBA74D4DF0A}" = InterVideo WinDVD
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{4422D20B-F530-4E65-8504-31396C9BC066}" = Google SketchUp 8
"{463A57EB-89CF-4B91-AD55-E4CC8456E0E6}" = StarMoney 6.0
"{4AE3EAC8-FAD9-4ECC-A339-BBAD8C72DE71}" = UPSDB
"{4BA3DDD4-BC91-48B2-8896-7A02C34829D7}" = HP Embedded Security for ProtectTools
"{507C870C-C27E-4F53-A32A-23500AC62A46}" = Adobe GoLive CS (DEU)
"{53480370-6CA2-47EC-BC05-02B4B9271C31}" = O&O Defrag Professional Edition
"{56B59C2A-EFB8-44AC-88F5-3280171E4522}" = PolicyManager
"{5AE59A84-B2F3-42CC-A246-5AF80F6EE770}" = Reconciler
"{5D97A4A7-C274-4B63-86D9-07A33435F505}" = InterVideo DVD Check
"{60B81442-7AB5-49A2-BF90-02A2786587ED}" = USB-Flachbettscanner
"{68AF09E3-1167-4771-903C-CCCDCF7E171C}" = NRF
"{69333A04-5134-40A5-A055-9166A7AA1EC8}" =
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75ECB75A-522C-4312-8DE7-597CDA9D96A3}" = HP Mobile Data Protection System
"{7F362F06-A9A3-440F-8B19-6A01A72723C4}" = AuthenTec Fingerprint Sensor Minimum Install
"{829CD169-E692-48E8-9BDE-A3E8D8B65538}" = mSCfg
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C5BD501-AD5D-4A75-9321-076509B438FC}" = WebHelp
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95749C5B-BC37-41E3-8D39-EEF4C21A2825}" = CCC
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DA12996-EB20-40AB-8D44-BA190C8634A8}" = Printer Utility
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A5763105-D1D5-4862-A3FE-EC058F9AA73E}" = ICCHelp
"{AA2E6BFE-4351-481C-A720-47CB3506570B}" = ACDSee 8
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AE052EF7-2640-48D7-8915-69B810D975CB}" = HP BIOS Configuration for ProtectTools 2.00 E1
"{B7F54262-AB66-44B3-88BF-9FC69941B643}" = Broadcom NetXtreme Ethernet Controller
"{BB2F9840-531D-4C8E-9F19-A101ECD9ABC0}" = UPS Thermal Printer Plugin - Version 8.10
"{BC728F95-2D3F-4D05-9E1E-F2A3CEBF3FE8}" = FormsComponent
"{BE41F3D2-FC73-4C3E-A2C2-5D2B08A5B2D0}" = Credential Manager for HP ProtectTools
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23415D8-FE94-4F52-B5C4-0FFA2202C6D9}" = UPSVCMM
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C30E30A6-0AB5-470A-AB67-D322938F5429}" = SupportUtility
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C8645A63-4331-460A-ADD9-784985428D62}" = REFLEX Modellflugsimulator
"{C9D43B38-34AD-4EC2-B696-46F42D49D174}" = MSIChecker
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF2962CB-E3E7-4AA5-B6CE-EE59A600ECBE}" = UnifiedPrinting
"{D44E7219-947E-4F1B-830E-66EF11ACC543}" = NA1Messenger
"{DB2C58E0-6284-4B48-97F2-22A980B6360B}" = System
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (UPSWSDBSERVER)
"{E358CC1E-4953-4E27-ADEB-8B27D8BBC20E}" = UPSlinkHTTP
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EA9629DA-5715-48BA-B054-28169702B176}" = FOSS
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F18DB86D-BC16-4E01-BCCE-63F62B931D82}" = InterVideo Register Manager
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FFCB1B04-5B1C-4A17-AA60-CA6F00BA50F9}" = StarMoney
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Bass Audio Decoder" = Bass Audio Decoder (remove only)
"BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"CANONBJ_Deinstall_CNMCP5n.DLL" = Canon i965
"CCleaner" = CCleaner
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"CleanUp!" = CleanUp!
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA_hpq0033m" = HDAUDIO Soft Data Fax Modem with SmartCP
"CutePDF Writer Installation" = CutePDF Writer 2.7
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"ffdshow_is1" = ffdshow [rev 3124] [2009-11-03]
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"Free FLV Converter_is1" = Free FLV Converter V 6.7.3
"Gabest MPEG Splitter" = Gabest MPEG Splitter (remove only)
"HaaliMkx" = Haali Media Splitter
"HijackThis" = HijackThis 2.0.2
"ie8" = Windows Internet Explorer 8
"ImgBurn" = ImgBurn
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Monkey's Audio_is1" = Monkey's Audio
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox (3.5.5)" = Mozilla Firefox (3.5.5)
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"ProInst" = Intel(R) PROSet/Wireless Software
"QuickTime" = QuickTime
"SHOUTcast Source" = SHOUTcast Source (remove only)
"Slp32V4" = Smart Label Printer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tweak UI 2.10" = Tweak UI
"UPS WorldShip" = UPS WorldShip
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"Winston_is1" = Winston Version 2010W
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoomPlayer" = Zoom Player (remove only)
"ZoomPlayerLang" = Zoom Player deutsche Sprachdateien (entfernen)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Anwendungserkennung
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 07.09.2010 04:36:32 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Faulting application wmc.exe, version 1.0.0.0, faulting module wmc.exe,
version 1.0.0.0, fault address 0x00004404.
Error - 07.09.2010 13:59:29 | Computer Name =xxxxx | Source = ThreadLib | ID = 0
Description =
Error - 21.09.2010 11:15:50 | Computer Name = xxxxx | Source = Application Error | ID = 1000
Description = Faulting application flashutil10i_plugin.exe, version 10.1.82.76,
faulting module unknown, version 0.0.0.0, fault address 0x7ca145a3.
Error - 21.09.2010 12:57:51 | Computer Name = xxxxx | Source = IFXWlxEN | ID = 2687344
Description = Failed to create instance of IWlxEvent interface.
Error - 21.09.2010 13:03:02 | Computer Name = xxxxx | Source = IFXWlxEN | ID = 2687344
Description = Failed to create instance of IWlxEvent interface.
Error - 21.09.2010 13:14:09 | Computer Name = xxxxxx | Source = IFXWlxEN | ID = 2687344
Description = Failed to create instance of IWlxEvent interface.
Error - 21.09.2010 13:17:27 | Computer Name = xxxxx | Source = IFXWlxEN | ID = 2687344
Description = Failed to create instance of IWlxEvent interface.
Error - 21.09.2010 14:41:04 | Computer Name = xxxx | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module abovekegubixudum.dll, version 0.0.0.0, fault address 0x000126d7.
Error - 22.09.2010 06:42:30 | Computer Name = xxxxxx | Source = ThreadLib | ID = 0
Description =
Error - 22.09.2010 09:00:55 | Computer Name = xxxxxx | Source = IFXWlxEN | ID = 2687344
Description = Failed to create instance of IWlxEvent interface.
[ Credential Manager Events ]
Error - 07.06.2010 04:27:32 | Computer Name = xxxxx| Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@xxxxxx Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 10.06.2010 11:53:43 | Computer Name = xxxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: *****@xxxxxxxx Credentials:
Fingerprints Error: (0xC5161003) The requested biometrics operation could not
be successfully completed.
Error - 30.06.2010 04:39:32 | Computer Name = xxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: *****@xxxxxxx Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 06.07.2010 10:47:32 | Computer Name =xxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: *****@xxxxxxxx Credentials:
Fingerprints Error: (0xC5161001) The fingerprints provided do not match.
Error - 02.08.2010 04:36:20 | Computer Name = xxxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: *******@xxxxxxx Credentials:
Fingerprints Error: (0xC5161001) The fingerprints provided do not match.
Error - 02.08.2010 07:05:33 | Computer Name =xxxxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: *******@xxxxxxxxxx Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 03.08.2010 17:24:24 | Computer Name = xxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ****@xxxxxxxxxx Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 05.08.2010 10:28:28 | Computer Name = xxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: *****@xxxxxxxxx Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 13.08.2010 09:44:10 | Computer Name =xxxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ********@xxxxxxxxx Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 13.09.2010 11:11:21 | Computer Name = xxxxxxxx | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ****@xxxxxxxx Credentials:
Fingerprints Error: (0xC5161003) The requested biometrics operation could not
be successfully completed.
[ System Events ]
Error - 22.09.2010 09:32:57 | Computer Name = xxxxxxxx| Source = Service Control Manager | ID = 7034
Description = The MSSQL$UPSWSDBSERVER service terminated unexpectedly. It has done
this 1 time(s).
Error - 22.09.2010 09:32:57 | Computer Name = xxxxxxxxxx| Source = Service Control Manager | ID = 7034
Description = The NVIDIA Display Driver Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 22.09.2010 09:32:57 | Computer Name = xxxxxxxxxxxx| Source = Service Control Manager | ID = 7034
Description = The O&O Defrag service terminated unexpectedly. It has done this
1 time(s).
Error - 22.09.2010 09:32:57 | Computer Name = xxxxxxxxxx| Source = Service Control Manager | ID = 7034
Description = The Intel(R) PROSet/Wireless Registry Service service terminated unexpectedly.
It has done this 1 time(s).
Error - 22.09.2010 09:32:57 | Computer Name = xxxxxxxxxxx| Source = Service Control Manager | ID = 7034
Description = The SLPMONX service terminated unexpectedly. It has done this 1 time(s).
Error - 22.09.2010 09:32:57 | Computer Name = xxxxxxxxxxxx| Source = Service Control Manager | ID = 7034
Description = The hpqwmiex service terminated unexpectedly. It has done this 1
time(s).
Error - 22.09.2010 09:34:35 | Computer Name = xxxxxxxxxxxxx| Source = Service Control Manager | ID = 7000
Description = The USB-Flachbettscanner service failed to start due to the following
error: %%1058
Error - 22.09.2010 09:43:40 | Computer Name = xxxxxxxxxxxxxxx| Source = Service Control Manager | ID = 7000
Description = The USB-Flachbettscanner service failed to start due to the following
error: %%1058
Error - 22.09.2010 09:53:31 | Computer Name = xxxxxxxxxxxx| Source = Service Control Manager | ID = 7000
Description = The USB-Flachbettscanner service failed to start due to the following
error: %%1058
Error - 23.09.2010 05:41:41 | Computer Name = xxxxxxxxxx| Source = Service Control Manager | ID = 7000
Description = The USB-Flachbettscanner service failed to start due to the following
error: %%1058
< End of report > --- --- ---
OTL Logfile: Code:
OTL logfile created on: 23.09.2010 12:27:13 - Run 2
OTL by OldTimer - Version 3.2.14.1 Folder = F:\Documents and Settings\***\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 84,00% Memory free
7,00 Gb Paging File | 7,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): E:\pagefile.sys 4092 4092 [binary data]
%SystemDrive% = F: | %SystemRoot% = F:\WINDOWS | %ProgramFiles% = F:\Program Files
Drive C: | 6,84 Gb Total Space | 5,01 Gb Free Space | 73,29% Space Free | Partition Type: NTFS
Drive D: | 6,84 Gb Total Space | 3,49 Gb Free Space | 50,98% Space Free | Partition Type: NTFS
Drive E: | 59,94 Gb Total Space | 13,35 Gb Free Space | 22,28% Space Free | Partition Type: NTFS
Drive F: | 19,53 Gb Total Space | 5,93 Gb Free Space | 30,35% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 3,79 Gb Total Space | 0,02 Gb Free Space | 0,51% Space Free | Partition Type: FAT32
Computer Name: xxxxxxxx
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - F:\Documents and Settings\***\Desktop\OTL.exe (OldTimer Tools)
PRC - F:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - F:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - F:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - F:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - F:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - F:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - F:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
PRC - F:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe (Cognizance Corporation)
PRC - F:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe (Hewlett-Packard Development Company, L.P.)
PRC - F:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
PRC - F:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - F:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - F:\Program Files\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe (Microsoft Corporation)
PRC - F:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
PRC - F:\WINDOWS\system32\slpmonx.exe (Seiko Instruments USA, Inc.)
PRC - F:\WINDOWS\system32\slpservice.exe (ProdEx Technologies)
PRC - F:\Program Files\Medion\ScanPanel\ScnPanel.exe ()
========== Modules (SafeList) ==========
MOD - F:\Documents and Settings\***\Desktop\OTL.exe (OldTimer Tools)
MOD - F:\WINDOWS\system32\arpdump.dll ()
MOD - F:\WINDOWS\system32\msvcp60.dll (Microsoft Corporation)
MOD - F:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - F:\WINDOWS\system32\APSHook.dll (Bioscrypt Inc.)
MOD - F:\Program Files\Hewlett-Packard\IAM\Bin\ItClient.dll (Cognizance Corporation)
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- F:\WINDOWS\System32\hidserv.dll File not found
SRV - (AntiVirService) -- F:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- F:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (EvtEng) Intel(R) -- F:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (S24EventMonitor) Intel(R) -- F:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (RegSrvc) Intel(R) -- F:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (ASBroker) -- F:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
SRV - (IviRegMgr) -- F:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
SRV - (ASChannel) -- F:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll (Cognizance Corporation)
SRV - (IAANTMon) Intel(R) -- F:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (MSSQL$UPSWSDBSERVER) -- F:\PROGRAM FILES\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$UPSWSDBSERVER) -- F:\PROGRAM FILES\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlagent.EXE (Microsoft Corporation)
SRV - (O&O Defrag) -- F:\WINDOWS\system32\oodag.exe (O&O Software GmbH)
SRV - (SLPMONX) -- F:\WINDOWS\system32\slpservice.exe (ProdEx Technologies)
========== Driver Services (SafeList) ==========
DRV - (UIUSys) -- F:\WINDOWS\System32\DRIVERS\UIUSYS.SYS File not found
DRV - (MEMSWEEP2) -- F:\WINDOWS\System32\1.tmp File not found
DRV - (avgntflt) -- F:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SASENUM) -- F:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- F:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- F:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ssmdrv) -- F:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Cdralw2k) -- F:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- F:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (avipbb) -- F:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- F:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (HDAudBus) -- F:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (SynTP) -- F:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (NETw4x32) Intel(R) -- F:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (ADIHdAudAddService) -- F:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- F:\WINDOWS\system32\drivers\atswpdrv.sys (AuthenTec, Inc.)
DRV - (s24trans) -- F:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (nv) -- F:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (HpqKbFiltr) -- F:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (tifm21) -- F:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (GTIPCI21) -- F:\WINDOWS\system32\drivers\gtipci21.sys (Texas Instruments)
DRV - (HBtnKey) -- F:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HSF_DPV) -- F:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- F:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSFHWAZL) -- F:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.)
DRV - (b57w2k) -- F:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (Accelerometer) -- F:\WINDOWS\system32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (hpdskflt) -- F:\WINDOWS\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (IFXTPM) -- F:\WINDOWS\system32\drivers\ifxtpm.sys (Infineon Technologies AG)
DRV - (iaStor) -- F:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (SampleScanner) -- F:\WINDOWS\system32\drivers\ArtecGT.sys ( )
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.4
FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.1
FF - prefs.js..extensions.enabledItems: {CA98C7ED-AC2C-42F4-B531-6CDEB5DB2AAE}:1.9.1
FF - HKLM\software\mozilla\Firefox\extensions\\{CA98C7ED-AC2C-42F4-B531-6CDEB5DB2AAE}: F:\Documents and Settings\***\Local Settings\Application Data\{CA98C7ED-AC2C-42F4-B531-6CDEB5DB2AAE} [2010.09.21 12:33:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Components: F:\Program Files\Mozilla Firefox\components [2010.01.18 21:49:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.5\extensions\\Plugins: F:\Program Files\Mozilla Firefox\plugins [2010.08.23 16:12:43 | 000,000,000 | ---D | M]
[2010.01.15 20:59:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\***\Application Data\Mozilla\Extensions
[2010.09.21 18:04:46 | 000,000,000 | ---D | M] -- F:\Documents and Settings\***Application Data\Mozilla\Firefox\Profiles\mki35h49.default\extensions
[2010.08.28 12:54:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- F:\Documents and Settings\****\Application Data\Mozilla\Firefox\Profiles\mki35h49.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.25 21:26:09 | 000,000,000 | ---D | M] (Flash and Video Download) -- F:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\mki35h49.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2010.08.28 12:54:27 | 000,000,000 | ---D | M] -- F:\Documents and Settings\***\Application Data\Mozilla\Firefox\Profiles\mki35h49.default\extensions\YoutubeDownloader@PeterOlayev.com
[2010.09.21 18:04:46 | 000,000,000 | ---D | M] -- F:\Program Files\Mozilla Firefox\extensions
[2008.07.28 12:07:36 | 000,069,632 | ---- | M] (UPS) -- F:\Program Files\Mozilla Firefox\plugins\NPEltr32.dll
[2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- F:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.11.03 04:14:39 | 000,001,392 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.11.03 04:14:39 | 000,002,344 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.11.03 04:14:39 | 000,006,805 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.11.03 04:14:39 | 000,001,178 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.11.03 04:14:39 | 000,000,801 | ---- | M] () -- F:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,734 | ---- | M]) - F:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - F:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [avgnt] F:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CognizanceTS] F:\Program Files\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [IAAnotif] F:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] F:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] F:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] F:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] F:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PTHOSTTR] F:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKCU..\Run: [ISUSPM] F:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - Startup: F:\Documents and Settings\All Users\Start Menu\Programs\Startup\ScanPanel.lnk = F:\Program Files\Medion\ScanPanel\ScnPanel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 01 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 01 00 00 00 [binary data]
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} hxxp://support.microsoft.com/mats/DiagWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D6E0B119-DCF2-4CD6-8DFB-7CFF1B70F7FF} https://bis.eu.blackberry.com/html/web/client_tools/TOImport.cab (TeamOn Import Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O20 - AppInit_DLLs: (APSHook.dll) - F:\WINDOWS\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - F:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (F:\Program Files\Hewlett-Packard\IAM\bin\ocgina.dll) - F:\Program Files\Hewlett-Packard\IAM\Bin\OCGina.dll (Cognizance Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - F:\Program Files\SUPERAntiSpyware\SASWINLO.dll - F:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\IfxWlxEN: DllName - IfxWlxEN.dll - F:\WINDOWS\System32\IfxWlxEN.dll (Infineon Technologies AG)
O20 - Winlogon\Notify\OneCard: DllName - F:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll - F:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
O24 - Desktop WallPaper: F:\WINDOWS\Web\Wallpaper\HP Cityscape Wide.bmp
O24 - Desktop BackupWallPaper: F:\WINDOWS\Web\Wallpaper\HP Cityscape Wide.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - F:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.11 13:07:50 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - F:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: clicover - (F:\WINDOWS\system32\arpdump.dll) - F:\WINDOWS\system32\arpdump.dll ()
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.09.23 12:25:12 | 000,000,000 | RH-D | C] -- F:\Documents and Settings\***\Recent
[2010.09.23 12:06:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\***\Desktop\OTL.exe
[2010.09.22 18:02:49 | 000,045,056 | ---- | C] (ULTIMA ELECTRONICS CORP.) -- F:\WINDOWS\System32\RemovePlus.exe
[2010.09.22 18:02:33 | 000,000,000 | ---D | C] -- F:\Program Files\Medion
[2010.09.22 15:40:42 | 000,000,000 | ---D | C] -- F:\WINDOWS\ERDNT
[2010.09.22 15:37:14 | 000,000,000 | ---D | C] -- F:\Program Files\ERUNT
[2010.09.22 14:27:47 | 000,000,000 | ---D | C] -- F:\Program Files\Sophos
[2010.09.22 14:14:08 | 000,519,680 | ---- | C] (OldTimer Tools) -- F:\Documents and Settings\***\Desktop\OTM.exe
[2010.09.21 21:43:53 | 000,000,000 | ---D | C] -- F:\Program Files\Trend Micro
[2010.09.21 19:18:41 | 000,000,000 | ---D | C] -- F:\Program Files\Safer Networking
[2010.09.21 12:33:57 | 000,000,000 | ---D | C] -- F:\Documents and Settings\***\Local Settings\Application Data\{CA98C7ED-AC2C-42F4-B531-6CDEB5DB2AAE}
[2010.09.15 16:02:48 | 000,000,000 | ---D | C] -- F:\Documents and Settings\***\Application Data\Google
[2010.09.15 16:01:46 | 000,000,000 | ---D | C] -- F:\Documents and Settings\All Users\Application Data\Google
[2010.09.15 15:57:42 | 000,000,000 | ---D | C] -- F:\Program Files\Google
[2010.08.26 17:23:34 | 000,644,400 | ---- | C] (Microsoft Corporation) -- F:\WINDOWS\System32\mscomct2.ocx
[2010.03.29 20:57:15 | 000,018,120 | ---- | C] ( ) -- F:\WINDOWS\System32\drivers\ArtecGT.sys
[2004.08.04 14:00:00 | 000,192,512 | ---- | C] ( ) -- F:\WINDOWS\abovekegubixudum.dll
========== Files - Modified Within 30 Days ==========
[2010.09.23 12:27:50 | 000,564,800 | ---- | M] () -- F:\WINDOWS\System32\drivers\tdjzasdk.sys
[2010.09.23 12:05:46 | 000,575,488 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\***\Desktop\OTL.exe
[2010.09.23 11:46:06 | 000,535,230 | ---- | M] () -- F:\WINDOWS\System32\PerfStringBackup.INI
[2010.09.23 11:46:06 | 000,450,520 | ---- | M] () -- F:\WINDOWS\System32\perfh009.dat
[2010.09.23 11:46:06 | 000,075,330 | ---- | M] () -- F:\WINDOWS\System32\perfc009.dat
[2010.09.23 11:42:16 | 000,001,202 | ---- | M] () -- F:\WINDOWS\ScnPanel.ini
[2010.09.23 11:41:51 | 000,002,206 | ---- | M] () -- F:\WINDOWS\System32\wpa.dbl
[2010.09.23 11:41:48 | 000,077,918 | ---- | M] () -- F:\WINDOWS\System32\nvModes.001
[2010.09.23 11:41:27 | 000,000,006 | -H-- | M] () -- F:\WINDOWS\tasks\SA.DAT
[2010.09.23 11:41:24 | 000,002,048 | --S- | M] () -- F:\WINDOWS\bootstat.dat
[2010.09.23 11:41:17 | 000,122,802 | ---- | M] () -- F:\WINDOWS\System32\OODBS.lor
[2010.09.22 19:05:19 | 005,767,168 | -H-- | M] () -- F:\Documents and Settings\***\NTUSER.DAT
[2010.09.22 19:04:58 | 000,000,531 | ---- | M] () -- F:\WINDOWS\win.ini
[2010.09.22 19:04:54 | 006,520,490 | -H-- | M] () -- F:\Documents and Settings\***\Local Settings\Application Data\IconCache.db
[2010.09.22 18:56:59 | 000,011,463 | ---- | M] () -- F:\WINDOWS\Dusb3ar.ini
[2010.09.22 18:56:59 | 000,002,662 | ---- | M] () -- F:\WINDOWS\Ausba3.INI
[2010.09.22 18:10:08 | 000,000,589 | ---- | M] () -- F:\Documents and Settings\***\Desktop\My.lnk
[2010.09.22 18:03:21 | 000,030,720 | ---- | M] () -- F:\WINDOWS\EWhiteu12.dat
[2010.09.22 18:03:21 | 000,000,004 | ---- | M] () -- F:\WINDOWS\AErroru3.dat
[2010.09.22 18:03:19 | 000,030,720 | ---- | M] () -- F:\WINDOWS\EDarku12.dat
[2010.09.22 18:03:16 | 000,000,006 | ---- | M] () -- F:\WINDOWS\EExpou.dat
[2010.09.22 18:03:16 | 000,000,003 | ---- | M] () -- F:\WINDOWS\EOffsetu.dat
[2010.09.22 18:03:16 | 000,000,003 | ---- | M] () -- F:\WINDOWS\EGain6.dat
[2010.09.22 18:02:49 | 000,001,614 | ---- | M] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\ScanPanel.lnk
[2010.09.22 15:37:14 | 000,000,617 | ---- | M] () -- F:\Documents and Settings\***\Desktop\NTREGOPT.lnk
[2010.09.22 15:37:14 | 000,000,598 | ---- | M] () -- F:\Documents and Settings\***\Desktop\ERUNT.lnk
[2010.09.22 14:58:29 | 000,000,681 | ---- | M] () -- F:\Documents and Settings\***\Desktop\Shortcut to Cleanup.exe.lnk
[2010.09.22 12:21:41 | 000,000,873 | ---- | M] () -- F:\Documents and Settings\***\Desktop\Shortcut to xxxxxxxx.xls.lnk
[2010.09.22 09:41:20 | 000,000,000 | ---- | M] () -- F:\WINDOWS\Ariqukaye.bin
[2010.09.22 07:51:02 | 000,293,376 | ---- | M] () -- F:\Documents and Settings\***\Desktop\52u8lxww.exe
[2010.09.21 21:43:53 | 000,001,740 | ---- | M] () -- F:\Documents and Settings\***\Desktop\HijackThis.lnk
[2010.09.21 21:41:04 | 000,519,680 | ---- | M] (OldTimer Tools) -- F:\Documents and Settings\***\Desktop\OTM.exe
[2010.09.21 19:16:29 | 000,000,178 | -HS- | M] () -- F:\Documents and Settings\***\ntuser.ini
[2010.09.21 18:51:32 | 000,020,992 | ---- | M] () -- F:\Documents and Settings\***\My Documents\Wunschzettel.doc
[2010.09.21 16:58:33 | 000,000,120 | ---- | M] () -- F:\WINDOWS\Gjimecahalevete.dat
[2010.09.21 12:25:53 | 000,050,176 | -H-- | M] () -- F:\WINDOWS\System32\arpdump.dll
[2010.09.20 20:43:13 | 000,002,181 | ---- | M] () -- F:\Documents and Settings\***\Desktop\REFLEX Modellflugsimulator.lnk
[2010.09.20 14:29:11 | 000,077,918 | ---- | M] () -- F:\WINDOWS\System32\nvModes.dat
[2010.09.20 11:40:03 | 000,112,128 | ---- | M] () -- F:\Documents and Settings\***\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.16 16:19:22 | 000,000,616 | ---- | M] () -- F:\Documents and Settings\***\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010.09.15 15:57:51 | 000,001,768 | ---- | M] () -- F:\Documents and Settings\All Users\Desktop\Google SketchUp 8.lnk
[2010.09.14 21:55:10 | 000,028,622 | ---- | M] () -- F:\Documents and Settings\***\Desktop\Re_ Vent Window Four Winns Liberator xxxxxxxxx.eml
[2010.09.14 12:37:00 | 000,083,841 | ---- | M] () -- F:\Documents and Settings\***\Desktop\Expedia Reisebestätigung - xxxxx (Reiseplan-Nr. 000000000000).eml
[2010.09.14 08:45:36 | 002,125,423 | ---- | M] () -- F:\Documents and Settings\***\Desktop\plesk8.pdf
[2010.09.12 12:02:33 | 000,000,724 | ---- | M] () -- F:\Documents and Settings\***\Desktop\Bank***.lnk
[2010.09.10 16:48:11 | 000,000,275 | ---- | M] () -- F:\Documents and Settings\***\Desktop\Shortcut to *** xxx.xls.lnk
[2010.09.10 16:48:03 | 000,000,278 | ---- | M] () -- F:\Documents and Settings\***\Desktop\Shortcut to xxxxxxxxxxx.xls.lnk
[2010.08.29 13:26:34 | 000,951,440 | ---- | M] () -- F:\Documents and Settings\***\My Documents\small-block.pdf
[2010.08.26 17:23:34 | 000,644,400 | ---- | M] (Microsoft Corporation) -- F:\WINDOWS\System32\mscomct2.ocx
========== Files Created - No Company Name ==========
[2010.09.22 18:10:08 | 000,000,589 | ---- | C] () -- F:\Documents and Settings\***\Desktop\My.lnk
[2010.09.22 18:02:49 | 000,001,614 | ---- | C] () -- F:\Documents and Settings\All Users\Start Menu\Programs\Startup\ScanPanel.lnk
[2010.09.22 18:02:49 | 000,001,202 | ---- | C] () -- F:\WINDOWS\ScnPanel.ini
[2010.09.22 18:02:49 | 000,000,766 | ---- | C] () -- F:\WINDOWS\Uninstall.ico
[2010.09.22 18:02:29 | 000,001,704 | ---- | C] () -- F:\WINDOWS\ePlus.ini
[2010.09.22 15:37:14 | 000,000,617 | ---- | C] () -- F:\Documents and Settings\***\Desktop\NTREGOPT.lnk
[2010.09.22 15:37:14 | 000,000,598 | ---- | C] () -- F:\Documents and Settings\***\Desktop\ERUNT.lnk
[2010.09.22 14:58:29 | 000,000,681 | ---- | C] () -- F:\Documents and Settings\***\Desktop\Shortcut to Cleanup.exe.lnk
[2010.09.22 14:14:03 | 000,293,376 | ---- | C] () -- F:\Documents and Settings\***\Desktop\52u8lxww.exe
[2010.09.21 22:44:20 | 000,083,841 | ---- | C] () -- F:\Documents and Settings\***\Desktop\Expedia Reisebestätigung - xxxxx- (Reiseplan-Nr. 000000).eml
[2010.09.21 21:43:53 | 000,001,740 | ---- | C] () -- F:\Documents and Settings\***\Desktop\HijackThis.lnk
[2010.09.21 18:51:32 | 000,020,992 | ---- | C] () -- F:\Documents and Settings\***\My Documents\Wunschzettel.doc
[2010.09.21 12:33:58 | 000,000,120 | ---- | C] () -- F:\WINDOWS\Gjimecahalevete.dat
[2010.09.21 12:33:58 | 000,000,000 | ---- | C] () -- F:\WINDOWS\Ariqukaye.bin
[2010.09.21 12:32:23 | 000,564,800 | ---- | C] () -- F:\WINDOWS\System32\drivers\tdjzasdk.sys
[2010.09.21 12:25:53 | 000,050,176 | -H-- | C] () -- F:\WINDOWS\System32\arpdump.dll
[2010.09.15 15:57:51 | 000,001,768 | ---- | C] () -- F:\Documents and Settings\All Users\Desktop\Google SketchUp 8.lnk
[2010.09.14 21:55:10 | 000,028,622 | ---- | C] () -- F:\Documents and Settings\***\Desktop\Re_ Vent Window Four Winns Liberator xxxxxxx.eml
[2010.09.14 08:45:36 | 002,125,423 | ---- | C] () -- F:\Documents and Settings\***\Desktop\plesk8.pdf
[2010.09.12 12:02:33 | 000,000,724 | ---- | C] () -- F:\Documents and Settings\***\Desktop\Bank***.lnk
[2010.09.10 16:48:11 | 000,000,275 | ---- | C] () -- F:\Documents and Settings\***\Desktop\Shortcut to *** XXX.xls.lnk
[2010.09.10 16:48:03 | 000,000,278 | ---- | C] () -- F:\Documents and Settings\***\Desktop\Shortcut to XXXXXX.xls.lnk
[2010.08.29 13:26:34 | 000,951,440 | ---- | C] () -- F:\Documents and Settings\***\My Documents\xxxxxx.pdf
[2010.08.25 17:41:25 | 000,000,873 | ---- | C] () -- F:\Documents and Settings\***\Desktop\Shortcut to xxxxxxx.xls.lnk
[2010.05.17 20:23:17 | 000,000,241 | ---- | C] () -- F:\WINDOWS\wstdUPSWSHIP.INI
[2010.03.29 20:57:18 | 000,200,704 | ---- | C] () -- F:\WINDOWS\Ausba3.dll
[2010.03.29 20:57:18 | 000,011,463 | ---- | C] () -- F:\WINDOWS\Dusb3ar.ini
[2010.03.29 20:57:18 | 000,002,662 | ---- | C] () -- F:\WINDOWS\Ausba3.INI
[2010.03.08 17:44:17 | 000,024,576 | R--- | C] () -- F:\WINDOWS\System32\Arsetup.dll
[2010.03.08 17:44:17 | 000,000,282 | R--- | C] () -- F:\WINDOWS\System32\Arsetup.ini
[2010.02.08 17:06:36 | 000,000,040 | ---- | C] () -- F:\WINDOWS\ed3_programmer.ini
[2010.02.07 15:49:56 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\***\Local Settings\Application Data\FnF4.txt
[2010.01.15 22:52:06 | 000,112,128 | ---- | C] () -- F:\Documents and Settings\***\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.15 21:27:03 | 000,085,504 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll
[2010.01.15 21:27:03 | 000,000,547 | ---- | C] () -- F:\WINDOWS\System32\ff_vfw.dll.manifest
[2010.01.15 21:21:52 | 000,001,298 | ---- | C] () -- F:\WINDOWS\MultiTimer.ini
[2010.01.15 20:07:58 | 000,000,166 | ---- | C] () -- F:\WINDOWS\hbcikrnl.ini
[2010.01.14 18:12:22 | 000,006,656 | ---- | C] () -- F:\WINDOWS\System32\CNMVS5n.DLL
[2010.01.14 17:59:08 | 000,001,406 | ---- | C] () -- F:\WINDOWS\ODBC.INI
[2010.01.12 19:58:00 | 000,036,864 | ---- | C] () -- F:\WINDOWS\System32\SlpApi42.dll
[2010.01.12 19:54:30 | 000,087,552 | ---- | C] () -- F:\WINDOWS\System32\cpwmon2k.dll
[2010.01.12 15:23:20 | 000,204,800 | ---- | C] () -- F:\WINDOWS\System32\IVIresizeW7.dll
[2010.01.12 15:23:20 | 000,200,704 | ---- | C] () -- F:\WINDOWS\System32\IVIresizeA6.dll
[2010.01.12 15:23:20 | 000,192,512 | ---- | C] () -- F:\WINDOWS\System32\IVIresizeP6.dll
[2010.01.12 15:23:20 | 000,192,512 | ---- | C] () -- F:\WINDOWS\System32\IVIresizeM6.dll
[2010.01.12 15:23:20 | 000,188,416 | ---- | C] () -- F:\WINDOWS\System32\IVIresizePX.dll
[2010.01.12 15:23:19 | 000,020,480 | ---- | C] () -- F:\WINDOWS\System32\IVIresize.dll
[2007.08.09 03:18:00 | 001,703,936 | ---- | C] () -- F:\WINDOWS\System32\nvwdmcpl.dll
[2007.08.09 03:18:00 | 001,474,560 | ---- | C] () -- F:\WINDOWS\System32\nview.dll
[2007.08.09 03:18:00 | 001,019,904 | ---- | C] () -- F:\WINDOWS\System32\nvwimg.dll
[2007.08.09 03:18:00 | 000,466,944 | ---- | C] () -- F:\WINDOWS\System32\nvshell.dll
[2007.03.16 14:13:44 | 000,012,547 | ---- | C] () -- F:\WINDOWS\System32\argomon.dll
[2003.04.08 13:41:20 | 000,180,224 | ---- | C] () -- F:\WINDOWS\System32\nssckbi.dll
[2002.03.21 16:39:02 | 000,073,728 | ---- | C] () -- F:\WINDOWS\System32\UNACEV2.DLL
[1998.05.07 03:10:00 | 000,069,632 | R--- | C] () -- F:\WINDOWS\System32\ODMA32.dll
[1980.01.04 02:17:16 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\***\Local Settings\Application Data\QSwitch.txt
[1980.01.04 02:17:16 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\***\Local Settings\Application Data\DSwitch.txt
[1980.01.04 02:17:16 | 000,000,000 | ---- | C] () -- F:\Documents and Settings\***\Local Settings\Application Data\AtStart.txt
[1980.01.04 02:00:13 | 000,039,859 | ---- | C] () -- F:\Documents and Settings\***\Local Settings\Application Data\FASTWiz.log
< End of report > --- --- ---
Danke sehr ....
Gruss Andreas |