Hallo,
Danke für die Antwort! Hier die Logs:OTL Logfile: Code:
OTL Extras logfile created on: 06.11.2010 10:16:07 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Besitzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 29,37 Gb Free Space | 31,85% Space Free | Partition Type: NTFS
Drive D: | 197,09 Gb Total Space | 173,48 Gb Free Space | 88,02% Space Free | Partition Type: NTFS
Computer Name: JONATHAN | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B9251B8-E961-4F5A-96AA-D2B9F126FD2C}" = lport=138 | protocol=17 | dir=in | app=system |
"{108C0BBD-3DDC-46F2-8C2A-6446F761B5C6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1303D149-E10C-47CE-9720-F7A91A941A39}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{145891A8-E45B-478A-930C-5D9C615EF893}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3505FE7D-4A25-4551-BE85-7956F5462F5A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{449AC094-14F8-4972-AF77-B536984E7245}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4CB06D9F-53A1-4CEE-9A27-98198596888F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{506B4BBA-F08A-47BB-ADE0-5D937C9EE670}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{53CBC31B-F307-4F37-906D-13A748E31CBD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5471D7DE-39AB-431F-B677-651AC686C0C5}" = rport=445 | protocol=6 | dir=out | app=system |
"{61996DC3-726E-41AD-9711-4FCB04AD912F}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{6D072839-F20A-4C0B-BE12-CA1002B531F0}" = lport=1100 | protocol=6 | dir=in | name=tor |
"{83093325-D95C-4745-BB71-6DBFAC773A5C}" = lport=139 | protocol=6 | dir=in | app=system |
"{84170CA2-5882-4A08-AE6C-5709F6603698}" = rport=137 | protocol=17 | dir=out | app=system |
"{84E08DBA-CFE9-4F79-8936-20CC855C2B48}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{96E3C529-3134-40AD-B202-A069DB9F2354}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{AFC7DCA9-F04A-4BD4-B51E-E13D3A96A687}" = rport=139 | protocol=6 | dir=out | app=system |
"{BEE4E7AD-ED39-4576-A93D-9BB0C43AEFAC}" = lport=137 | protocol=17 | dir=in | app=system |
"{D24EFB16-A9A5-427F-8303-02E7E390F568}" = lport=445 | protocol=6 | dir=in | app=system |
"{D9AE5C64-3035-4300-9B68-CC6F09620AA8}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{DC5DFB7F-FEB5-4BC9-A89E-9E6C0E538606}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF886EAE-0DDF-4241-AC04-BDC9978E1927}" = rport=138 | protocol=17 | dir=out | app=system |
"{FA6E1445-8B9E-41BE-BE63-BBBEE5CBF82A}" = lport=1100 | protocol=17 | dir=in | name=tor udp |
"{FF73E513-3DB9-4F3C-952C-5872A30CC2E5}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F5ECA54-88FE-4B3B-849F-F54471D61969}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{1BA840F9-D2B6-4FF4-B286-654A9B656CB0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{1C9C2D86-B5BD-4C2D-B4EF-F62D7230C00E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1EB3BBD3-8782-483F-84AE-2A382BA8DBD7}" = protocol=17 | dir=in | app=c:\program files\sports interactive\football manager 2008\fm.exe |
"{3400A4FB-0E1E-4844-B5D9-372435A4CB15}" = protocol=6 | dir=in | app=c:\users\besitzer\appdata\roaming\dropbox\bin\dropbox.exe |
"{52D8087B-7F7B-4B74-B73B-EE1370B3A037}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{60F79FF3-2991-4D6E-8478-2C0E725021B7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{698FFB3A-FAB6-44BF-8353-9EBDEA8F704F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7CD74BC8-B01F-4BC9-93EF-0C34866A8D4B}" = protocol=17 | dir=in | app=c:\users\besitzer\appdata\roaming\dropbox\bin\dropbox.exe |
"{91881304-1D07-4FA6-8078-3A3650CE87AB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A9F8AACE-3EE8-4D64-B0AF-3ED5E148C1C4}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe |
"{B19E6360-1B25-4D34-86A9-5EBA9A8596F0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B777F5BC-4661-4A30-A12E-F1B82AEBA2A5}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{BC4FFE35-835D-4BF7-BEB3-671969F79C5F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C75178D2-4833-4A44-9496-B03EBCB9E544}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E66F7070-2117-484B-A7D0-7914D338C5A3}" = protocol=6 | dir=in | app=c:\program files\sports interactive\football manager 2008\fm.exe |
"TCP Query User{016BF2C6-EA92-4148-B865-F48BF807F333}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{0D863F7C-974C-4496-85F8-55CFC83B9A05}C:\program files\ibm\lotus\symphony\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.0.20090505-1200\win32\x86\symphony.exe" = protocol=6 | dir=in | app=c:\program files\ibm\lotus\symphony\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.0.20090505-1200\win32\x86\symphony.exe |
"TCP Query User{4CCA00AC-96D4-472D-A582-72589A815DA1}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{574FBCB0-4F0A-4C01-A738-8A6B31FDF239}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{6FDBB36F-F238-4AC7-98A4-520C66CAA928}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe |
"TCP Query User{E229D3B8-31E8-4975-972E-1CBDED0EE5F8}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{E9F31EC8-0294-4805-A8B0-8F21D580BF08}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{EE7280DF-E6D9-42BE-BFAE-49D355BB20A8}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{42CF017A-8471-43AF-9711-BCEF6E132AF9}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe |
"UDP Query User{571ABE52-9AD7-4186-AD42-6BDB400B7435}C:\program files\ibm\lotus\symphony\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.0.20090505-1200\win32\x86\symphony.exe" = protocol=17 | dir=in | app=c:\program files\ibm\lotus\symphony\framework\rcp\eclipse\plugins\com.ibm.rcp.base_6.2.0.20090505-1200\win32\x86\symphony.exe |
"UDP Query User{7C9E4F21-C342-4AD2-928C-EA3FFDB55337}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{9D03603D-01F9-46C6-9726-F5870158E4E3}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
"UDP Query User{A2D9C7B8-3CAD-4FBE-AA72-10F4DC1AC305}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AB8AE4C5-9885-42F1-AAC9-E864058052B8}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{E3C0B46E-2514-4F1D-A5AB-C2AA6DD15BBE}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{F6C86C06-EC87-46E5-AD68-B28C53C5C652}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 17
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58BAA8D0-404E-4585-9FD3-ED1BB72AC2EE}" = Adobe Flash Player 9 ActiveX
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{757debef-635e-4076-b82b-dac22feb3c9c}" = IBM Lotus Symphony
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{854C47D1-C2A0-4492-8655-C3F8D49C1031}" = Nero 8 Essentials
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{F0312AC6-988B-11DA-9C49-000476F770CC}" = CIB pdf brewer 2.5.26
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Arena 2.0.1_is1" = Arena 2.0.1
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"CCleaner" = CCleaner
"Core FTP LE 2.1" = Core FTP LE 2.1
"Debut" = Debut Video Capture Software
"dm-Fotowelt" = dm-Fotowelt
"ECDeject" = ECDeject
"ElsterFormular 11.5.0.4546" = ElsterFormular
"FileZilla Client" = FileZilla Client 3.2.5
"FlashGet" = FlashGet 1.9.6.1073
"Football Manager 2008" = Football Manager 2008
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"JAP" = JAP
"JDownloader" = JDownloader
"Lexmark X74-X75" = Lexmark X74-X75
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mobile Partner" = Mobile Partner
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"pdfsam" = pdfsam
"Pixillion" = Pixillion Image Converter
"PROSet" = Intel(R) Network Connections Drivers
"SopCast" = SopCast 3.2.9
"Videoload Manager" = Videoload Manager 2.0.2171
"VLC media player" = VLC media player 1.0.3
"WinGimp-2.0_is1" = GIMP 2.6.6
"WinRAR archiver" = WinRAR archiver
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26.10.2010 14:00:24 | Computer Name = jonathan | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung gimp-2.6.exe, Version 0.0.0.0, Zeitstempel 0x49c4317f,
fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18005, Zeitstempel 0x49e03821, Ausnahmecode
0xc0000005, Fehleroffset 0x00066796, Prozess-ID 0x150, Anwendungsstartzeit 01cb7536fe733148.
Error - 26.10.2010 15:06:26 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
Error - 27.10.2010 02:54:07 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
Error - 29.10.2010 03:27:59 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
Error - 29.10.2010 15:13:55 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
Error - 29.10.2010 16:46:34 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
Error - 30.10.2010 03:40:03 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
Error - 31.10.2010 06:09:23 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
Error - 31.10.2010 07:46:47 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
Error - 01.11.2010 14:30:30 | Computer Name = jonathan | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 22.09.2010 14:36:11 | Computer Name = jonathan | Source = DCOM | ID = 10010
Description =
Error - 24.09.2010 02:10:44 | Computer Name = jonathan | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 23.09.2010 um 22:31:20 unerwartet heruntergefahren.
Error - 29.09.2010 16:30:22 | Computer Name = jonathan | Source = DCOM | ID = 10010
Description =
Error - 01.10.2010 02:10:49 | Computer Name = jonathan | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.50 für die Netzwerkkarte mit der Netzwerkadresse
00215D1D14EE wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 03.10.2010 13:12:58 | Computer Name = jonathan | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.51 für die Netzwerkkarte mit der Netzwerkadresse
00215D1D14EE wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 15.10.2010 07:18:36 | Computer Name = jonathan | Source = Service Control Manager | ID = 7011
Description =
Error - 17.10.2010 15:29:44 | Computer Name = jonathan | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.50 für die Netzwerkkarte mit der Netzwerkadresse
00215D1D14EE wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 20.10.2010 16:18:45 | Computer Name = jonathan | Source = Microsoft-Windows-ResourcePublication | ID = 1002
Description =
Error - 04.11.2010 16:29:06 | Computer Name = jonathan | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
Error - 04.11.2010 16:29:06 | Computer Name = jonathan | Source = atapi | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.
< End of report > --- --- ---
--------------------------------------------------------------------------
OTL Logfile: Code:
OTL logfile created on: 06.11.2010 10:16:07 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Besitzer\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 29,37 Gb Free Space | 31,85% Space Free | Partition Type: NTFS
Drive D: | 197,09 Gb Total Space | 173,48 Gb Free Space | 88,02% Space Free | Partition Type: NTFS
Computer Name: JONATHAN | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20090605-2002\soffice.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Besitzer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TestHandler) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FSCLBaseUpdaterService) -- C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe ()
========== Driver Services (SafeList) ==========
DRV - (RimUsb) -- C:\Windows\System32\Drivers\RimUsb.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (GpdKbFilter) -- C:\Windows\System32\kbfiltr.sys File not found
DRV - (GpdDevDPort) -- C:\Windows\System32\directport.sys File not found
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ECDejectPortIO) -- C:\Programme\ECDeject\ECDejectIo.sys (Dritek System Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (e1yexpress) Intel(R) -- C:\Windows\System32\drivers\e1y6032.sys (Intel Corporation)
DRV - (JRAID) -- C:\Windows\system32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (ahcix86s) -- C:\Windows\system32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.boston.com/bigpicture/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 49
FF - prefs.js..extensions.enabledItems: asf@mangaheart.org:1.0.1
FF - prefs.js..extensions.enabledItems: twitternotifier@naan.net:1.9.7.1
FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:0.3.7
FF - prefs.js..extensions.enabledItems: {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.2
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..network.proxy.socks_version: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.12 15:24:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.04 10:49:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.04.16 11:51:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.09.04 10:49:44 | 000,000,000 | ---D | M]
[2009.05.07 16:12:22 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Extensions
[2010.11.06 10:00:45 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\vresh7pc.default\extensions
[2009.11.16 11:36:56 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\vresh7pc.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009.12.16 13:28:57 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\vresh7pc.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010.02.16 22:42:33 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\vresh7pc.default\extensions\asf@mangaheart.org
[2010.11.02 21:11:27 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\vresh7pc.default\extensions\firefox@tvunetworks.com
[2010.10.03 19:01:14 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\vresh7pc.default\extensions\tabscope@xuldev.org
[2010.11.01 21:14:03 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\vresh7pc.default\extensions\twitternotifier@naan.net
[2010.06.22 11:14:11 | 000,001,330 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\FireFox\Profiles\vresh7pc.default\searchplugins\wikipedia-en.xml
[2009.12.01 18:38:22 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2007.03.02 14:17:24 | 000,095,200 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPAPIX.dll
[2007.01.17 12:18:04 | 000,095,200 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPFluxBrowserHelper.dll
[2007.09.07 15:25:50 | 000,103,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPMPDRM.dll
[2007.09.07 14:46:48 | 000,098,968 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPWMDRMWrapper.dll
[2007.03.10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Mozilla Firefox\plugins\npyaxmpb.dll
[2010.03.12 15:24:23 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.12 15:24:23 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.12 15:24:23 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.12 15:24:23 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.12 15:24:23 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FSCRecovery] c:\Programme\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Compecab] C:\Users\Besitzer\AppData\Local\Temp\clipress.DLL File not found
O4 - HKCU..\Run: [SODCPreLoad] C:\Program Files\IBM\Lotus\Symphony\framework\shared\eclipse\plugins\com.ibm.productivity.tools.base.app.win32_3.5.0.20090605-2002\preload.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Programme\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Mit FlashGet laden - C:\Programme\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\Besitzer\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{18a87633-ef1e-11de-a6b8-001644fc88b0}\Shell - "" = AutoRun
O33 - MountPoints2\{18a87633-ef1e-11de-a6b8-001644fc88b0}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{18a87661-ef1e-11de-a6b8-001644fc88b0}\Shell - "" = AutoRun
O33 - MountPoints2\{18a87661-ef1e-11de-a6b8-001644fc88b0}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{1d17e319-3b18-11de-9b22-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{1d17e319-3b18-11de-9b22-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{1d17e374-3b18-11de-9b22-00215d1d14ee}\Shell - "" = AutoRun
O33 - MountPoints2\{1d17e374-3b18-11de-9b22-00215d1d14ee}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{81395676-3ca8-11de-b889-00215d1d14ee}\Shell - "" = AutoRun
O33 - MountPoints2\{81395676-3ca8-11de-b889-00215d1d14ee}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{8cc789ba-e5fb-11de-889d-001644fc88b0}\Shell - "" = AutoRun
O33 - MountPoints2\{8cc789ba-e5fb-11de-889d-001644fc88b0}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{bd6bf1c5-3f0a-11de-9269-00030da23311}\Shell - "" = AutoRun
O33 - MountPoints2\{bd6bf1c5-3f0a-11de-9269-00030da23311}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{cded0c8d-42cb-11de-bc37-00215d1d14ee}\Shell - "" = AutoRun
O33 - MountPoints2\{cded0c8d-42cb-11de-bc37-00215d1d14ee}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{cded0c9e-42cb-11de-bc37-00215d1d14ee}\Shell - "" = AutoRun
O33 - MountPoints2\{cded0c9e-42cb-11de-bc37-00215d1d14ee}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{ddedaf20-3fa0-11de-80fc-00215d1d14ee}\Shell - "" = AutoRun
O33 - MountPoints2\{ddedaf20-3fa0-11de-80fc-00215d1d14ee}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.11.06 10:15:24 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2010.11.04 19:09:46 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Malwarebytes
[2010.11.04 19:08:06 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.04 19:08:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.04 19:08:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.04 19:08:00 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.02 21:24:37 | 000,000,000 | ---D | C] -- C:\Programme\SopCast
[2010.11.02 21:11:57 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\TVU Networks
[2010.11.02 21:11:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2010.11.02 21:11:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\TVUAx
[2010.10.27 08:00:31 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 08:00:30 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.27 08:00:29 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.14 09:18:51 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.14 09:18:32 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.14 09:18:20 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.14 09:18:18 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.14 09:18:17 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.14 09:18:15 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.14 09:18:13 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.14 09:18:11 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.14 09:18:03 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.14 09:17:59 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.14 09:17:59 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.14 09:17:59 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010.10.14 09:17:58 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[1 C:\Users\Besitzer\Documents\*.tmp files -> C:\Users\Besitzer\Documents\*.tmp -> ]
[1 C:\Users\Besitzer\Desktop\*.tmp files -> C:\Users\Besitzer\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.06 10:20:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{549B8BBE-57D0-471E-BE5B-9CFCEC148D79}.job
[2010.11.06 10:15:27 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2010.11.06 10:09:41 | 000,007,804 | ---- | M] () -- C:\Users\Besitzer\Desktop\Antrag.pdf
[2010.11.06 10:02:35 | 000,007,256 | ---- | M] () -- C:\Users\Besitzer\Desktop\Download.pdf
[2010.11.06 09:55:19 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.06 09:55:19 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.06 09:55:19 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.06 09:55:19 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.06 09:49:48 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.06 09:49:47 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.06 09:49:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.06 09:49:17 | 3180,208,128 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.05 09:31:44 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.11.01 21:46:18 | 000,007,256 | ---- | M] () -- C:\Users\Besitzer\Desktop\-snm-0177507461-1287475163-005300001e-0000005235-1288642600-enm-Download.pdf
[2010.11.01 21:46:11 | 000,260,190 | ---- | M] () -- C:\Users\Besitzer\Desktop\-snm-0177507461-1287475163-005300001e-0000005235-1288644021-enm-Download.pdf
[2010.11.01 21:46:04 | 000,024,707 | ---- | M] () -- C:\Users\Besitzer\Desktop\-snm-0177507461-1287475163-005300001e-0000005235-1288644050-enm-Antrag.pdf
[2010.10.31 18:58:00 | 000,001,472 | ---- | M] () -- C:\Users\Besitzer\.recently-used.xbel
[2010.10.20 22:26:54 | 000,051,712 | ---- | M] () -- C:\Users\Besitzer\Desktop\clipress.dll
[2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.15 08:19:00 | 000,304,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.14 10:53:22 | 000,005,681 | ---- | M] () -- C:\Users\Besitzer\Documents\Rechnung 10-05 (Müller Dragan Auslagen).pdf
[1 C:\Users\Besitzer\Documents\*.tmp files -> C:\Users\Besitzer\Documents\*.tmp -> ]
[1 C:\Users\Besitzer\Desktop\*.tmp files -> C:\Users\Besitzer\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.06 10:09:40 | 000,007,804 | ---- | C] () -- C:\Users\Besitzer\Desktop\Antrag.pdf
[2010.11.06 10:02:34 | 000,007,256 | ---- | C] () -- C:\Users\Besitzer\Desktop\Download.pdf
[2010.11.01 21:46:18 | 000,007,256 | ---- | C] () -- C:\Users\Besitzer\Desktop\-snm-0177507461-1287475163-005300001e-0000005235-1288642600-enm-Download.pdf
[2010.11.01 21:46:11 | 000,260,190 | ---- | C] () -- C:\Users\Besitzer\Desktop\-snm-0177507461-1287475163-005300001e-0000005235-1288644021-enm-Download.pdf
[2010.11.01 21:46:04 | 000,024,707 | ---- | C] () -- C:\Users\Besitzer\Desktop\-snm-0177507461-1287475163-005300001e-0000005235-1288644050-enm-Antrag.pdf
[2010.10.31 18:58:00 | 000,001,472 | ---- | C] () -- C:\Users\Besitzer\.recently-used.xbel
[2010.10.20 22:26:54 | 000,051,712 | ---- | C] () -- C:\Users\Besitzer\Desktop\clipress.dll
[2010.10.14 10:53:21 | 000,005,681 | ---- | C] () -- C:\Users\Besitzer\Documents\Rechnung 10-05 (Müller Dragan Auslagen).pdf
[2010.09.04 00:08:03 | 000,000,016 | ---- | C] () -- C:\Users\Besitzer\AppData\Roaming\hngmfc.dat
[2010.08.14 09:40:05 | 000,000,801 | ---- | C] () -- C:\Users\Besitzer\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
[2010.06.09 10:52:36 | 000,000,000 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\rx_image.Cache
[2010.01.11 16:44:36 | 000,013,906 | ---- | C] () -- C:\Windows\hplj1010.ini
[2009.10.21 10:02:18 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.29 18:31:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.05.09 15:47:57 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.05.06 15:51:52 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.05.06 15:51:35 | 000,058,368 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.05.06 14:07:42 | 000,000,342 | ---- | C] () -- C:\Windows\{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}_WiseFW.ini
[2008.07.30 05:34:52 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1473.dll
[2008.04.25 13:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2002.10.14 15:39:18 | 000,000,184 | ---- | C] () -- C:\Windows\System32\lxbbcoin.ini
[2001.07.31 11:17:12 | 000,094,274 | ---- | C] () -- C:\Windows\System32\HPBHEALR.DLL
< End of report > --- --- --- |