[jaffacake]

Hi,
I'm posting this for my mom's computer, so this doesn't have anything to do with my other post (just to avoid confusion).
She has been complaining for a while that her computer is acting weird, but could not say anything specific except it's slow. I noticed that she can't run any Adobe software - removing and re-installing doesn't help either. As soon as she tries to run an .exe file connected to Adobe there's a window that says she doesn't have the rights to run this, even though she's doing it with administrator rights. Unfortunately she has an ebook reader that requires Adobe Digital Editions, so it would be great if somebody could help me with this.
I also noticed something else. When I tried to help her, we could not get Windows Remote Control to work, and when we tried to use TeamViewer her computer would not do anything at all: she first downloaded TeamViewer Quick Support, but could not run the file, then she downloaded the setup file for the full version and could not run it either. I finally made her save TeamViewer Portable on her USB memory stick and even though her antivirus software (Avira) complained while extracting the zip file, she could run TeamViewer and I got this OTL file from her computer:

OTL logfile created on: 23.01.2012 21:22:46 - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Anwender\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

767,15 Mb Total Physical Memory | 81,95 Mb Available Physical Memory | 10,68% Memory free
1,83 Gb Paging File | 0,81 Gb Available in Paging File | 44,09% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 117,33 Gb Free Space | 78,72% Space Free | Partition Type: NTFS
Drive J: | 958,83 Mb Total Space | 369,34 Mb Free Space | 38,52% Space Free | Partition Type: FAT32

Computer Name: ANWENDER-PC | User Name: Anwender | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.01.23 21:02:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anwender\Desktop\OTL.exe
PRC - [2012.01.19 12:47:22 | 002,698,624 | ---- | M] (TeamViewer GmbH) -- j:\TeamViewerPortable\TeamViewer_Desktop.exe
PRC - [2012.01.19 12:47:20 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- J:\TeamViewerPortable\TeamViewer.exe
PRC - [2012.01.19 12:26:20 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- J:\TeamViewerPortable\tv_w32.exe
PRC - [2011.07.07 08:08:30 | 000,216,064 | ---- | M] (Geek Software GmbH) -- C:\Programme\PDF24\pdf24.exe
PRC - [2011.06.30 19:48:58 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.04.27 08:56:21 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.14 17:40:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.03.21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.03.04 14:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.03 16:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2010.01.21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010.01.21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008.06.03 11:25:38 | 000,110,647 | ---- | M] (Hauppauge Computer Works) -- C:\Programme\WinTV\Ir.exe
PRC - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) -- C:\Programme\WinTV\EPG Services\System\EPGService.exe
PRC - [2008.05.15 15:30:36 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Programme\WinTV\EPG Services\System\EPGClient.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 16:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe


========== Modules (No Company Name) ==========

MOD - [2011.06.06 11:55:32 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.05.18 10:53:44 | 001,496,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
MOD - [2011.05.18 10:53:44 | 000,343,552 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff4.dll
MOD - [2011.05.01 08:15:16 | 006,053,536 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.04.14 17:40:02 | 001,874,904 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.03.21 19:57:34 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.03.21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.03.02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.06.17 14:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.01.21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
MOD - [2010.01.21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
MOD - [2010.01.21 01:52:06 | 000,565,864 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
MOD - [2010.01.21 01:51:28 | 000,062,568 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
MOD - [2009.09.30 04:33:08 | 000,024,576 | R--- | M] () -- C:\WINDOWS\system32\AsIO.dll
MOD - [2009.03.25 16:53:14 | 000,053,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009.03.19 22:35:52 | 000,208,896 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009.01.15 14:55:10 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\pngio.dll
MOD - [2008.04.22 14:53:50 | 000,163,840 | ---- | M] () -- C:\WINDOWS\system32\hcwChDB.dll
MOD - [2008.04.14 13:00:00 | 000,148,992 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2008.04.14 13:00:00 | 000,118,272 | ---- | M] () -- C:\WINDOWS\system32\mpeg2data.ax
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 07:53:08 | 000,056,832 | ---- | M] () -- C:\WINDOWS\system32\MSDvbNP.ax
MOD - [2008.04.14 07:53:08 | 000,033,280 | ---- | M] () -- C:\WINDOWS\system32\PsisRndr.ax
MOD - [2008.04.14 07:52:24 | 000,363,520 | ---- | M] () -- C:\WINDOWS\system32\PsisDecd.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.06.30 19:48:58 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 08:56:21 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.01.21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010.01.21 01:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008.06.02 15:55:26 | 000,823,296 | ---- | M] (Hauppauge Computer Works) [On_Demand | Stopped] -- C:\Programme\WinTV\HCWTVServer.exe -- (HauppaugeTVServer)
SRV - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2011.06.30 19:49:09 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.30 19:49:08 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.05.15 12:11:40 | 002,136,224 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010.04.08 19:30:10 | 000,168,040 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2010.03.04 11:02:10 | 000,013,824 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010.03.04 11:02:08 | 000,070,912 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009.10.22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\39126302.sys -- (39126302)
DRV - [2009.10.09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\3912630.sys -- (setup_9.0.0.722_26.06.2011_13-03drv)
DRV - [2009.09.25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\39126301.sys -- (39126301)
DRV - [2009.08.04 03:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2008.04.17 16:59:02 | 000,015,616 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcw95rc.sys -- (hcw95rc)
DRV - [2008.04.17 16:58:00 | 000,560,640 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcw95bda.sys -- (hcw95bda)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005.03.15 16:25:44 | 000,127,574 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MR97310c.sys -- (MR97310_USB_DUAL_CAMERA)
DRV - [2004.08.13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {91aa5abe-9de4-4347-b7b5-322c38dd9271}:3.1.4
FF - prefs.js..extensions.enabledItems: {71C54606-83ED-4ea6-9315-1AAB29466D33}:3.1
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a67}:0.5
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: {220249CE-F888-11DD-B868-4CB456D89593}:0.0.4
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Programme\Virtual Earth 3D\ [2011.05.04 23:29:12 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011.04.12 21:34:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011.04.12 21:34:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.05.03 22:27:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.01.05 11:12:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox 9\components [2012.01.23 21:24:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox 9\plugins

[2011.03.19 15:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Extensions
[2012.01.08 19:21:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions
[2011.03.22 11:27:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.16 20:21:06 | 000,000,000 | ---D | M] (OpenDownload (fixed)) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{220249CE-F888-11DD-B868-4CB456D89593}
[2011.08.13 15:31:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.05.12 21:34:01 | 000,000,000 | ---D | M] (Veehd Plugin) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}
[2011.04.16 20:21:07 | 000,000,000 | ---D | M] (Favicon Picker 3) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}
[2011.04.16 20:21:07 | 000,000,000 | ---D | M] ("CuteMenus2") -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{71C54606-83ED-4ea6-9315-1AAB29466D33}
[2012.01.08 19:21:29 | 000,000,000 | ---D | M] (Nightly Tester Tools) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}
[2011.09.22 11:51:10 | 000,000,000 | ---D | M] (Clippings) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
[2011.04.16 20:14:37 | 000,004,855 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\searchplugins\google-images.xml
[2011.04.16 20:14:57 | 000,005,551 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\searchplugins\google-maps.xml
[2011.04.16 20:14:10 | 000,004,140 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\searchplugins\youtube.xml
[2012.01.04 22:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.31 23:58:56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.04.16 20:23:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.05.01 15:39:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.18 15:12:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012.01.04 22:29:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE30}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\[email protected]
[2011.05.01 15:39:41 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.04.14 17:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.08 20:08:24 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programme\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Six Engine] C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [PureSync] "C:\Programme\PureSync\PureSyncTray.exe" File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
O4 - Startup: C:\Dokumente und Einstellungen\Anwender\Startmenü\Programme\Autostart\setup_9.0.0.722_26.06.2011_13-03.lnk = C:\Dokumente und Einstellungen\Anwender\Desktop\Virus Removal Tool\setup_9.0.0.722_26.06.2011_13-03\startup.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{625FFD71-962A-4DC6-BDEC-3D48468CC930}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.18 14:18:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.01.23 20:50:14 | 000,000,000 | ---- | M] () - J:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.01.23 21:24:28 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox 9
[2012.01.23 21:18:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Desktop\Easy2Sync für Dateien B
[2012.01.23 21:18:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Desktop\Easy2Sync für Dateien A
[2012.01.23 21:18:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Easy2Sync für Dateien
[2012.01.23 21:13:33 | 015,134,848 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\Anwender\Desktop\Firefox Setup 9.0.1.exe
[2012.01.23 21:08:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.23 21:02:08 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anwender\Desktop\OTL.exe
[2012.01.11 09:13:16 | 005,669,632 | ---- | C] (IT-Services Thomas Holz ) -- C:\Dokumente und Einstellungen\Anwender\Desktop\Easy2SyncD_Business.exe
[2012.01.11 00:05:43 | 004,049,968 | ---- | C] (TeamViewer GmbH) -- C:\Dokumente und Einstellungen\Anwender\Desktop\TeamViewer_Setup_de.exe
[2012.01.10 00:03:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012.01.09 22:17:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Desktop\Margaret Weis & Tracy Hickman - Dragonlance - Chronik der Drachenlanze - Band 1 - Drachenzwielicht
[2012.01.08 01:23:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Avira
[2012.01.05 20:32:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Eigene Dateien\Filme
[2012.01.05 01:49:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Local Settings
[2012.01.04 23:27:49 | 024,849,109 | ---- | C] (InterAction studios) -- C:\Dokumente und Einstellungen\Anwender\Desktop\Piggly.exe
[2012.01.04 23:19:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Desktop\Thinstall
[2012.01.04 22:52:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Itsth
[2012.01.04 22:29:37 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.01.04 22:29:12 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2012.01.04 22:29:12 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2012.01.04 22:29:12 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2011.03.18 14:26:38 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
[2011.03.18 14:26:38 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll

========== Files - Modified Within 30 Days ==========

[2012.01.23 21:18:11 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Easy2Sync für Dateien.lnk
[2012.01.23 21:17:00 | 000,000,252 | -H-- | M] () -- C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2012.01.23 21:14:12 | 015,134,848 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\Anwender\Desktop\Firefox Setup 9.0.1.exe
[2012.01.23 21:13:02 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.23 21:02:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anwender\Desktop\OTL.exe
[2012.01.23 20:35:29 | 004,049,968 | ---- | M] (TeamViewer GmbH) -- C:\Dokumente und Einstellungen\Anwender\Desktop\TeamViewer_Setup_de.exe
[2012.01.23 11:13:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.23 10:40:02 | 000,007,225 | ---- | M] () -- C:\WINDOWS\HCWPNP.INI
[2012.01.23 10:19:41 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012.01.23 10:19:38 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.01.23 10:19:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.01.20 08:42:10 | 000,452,736 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.01.20 08:42:10 | 000,435,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.20 08:42:10 | 000,081,568 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.01.20 08:42:10 | 000,068,728 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.01.19 13:18:38 | 000,139,143 | -H-- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\PP11Thumbs.ptn
[2012.01.19 13:18:38 | 000,000,906 | -H-- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\maxdesk.ini2
[2012.01.19 13:18:38 | 000,000,053 | -H-- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\PP11Thumbs.ptn2
[2012.01.19 13:18:33 | 000,176,722 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\überwesung.pdf
[2012.01.19 10:45:42 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\Microsoft Office Outlook 2003.lnk
[2012.01.19 10:44:11 | 000,037,338 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\doktor <removed last name>.pdf
[2012.01.12 19:44:05 | 000,002,537 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\Microsoft Office Excel 2003.lnk
[2012.01.12 01:06:27 | 000,008,192 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.11 16:06:48 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.01.11 09:13:17 | 005,669,632 | ---- | M] (IT-Services Thomas Holz ) -- C:\Dokumente und Einstellungen\Anwender\Desktop\Easy2SyncD_Business.exe
[2012.01.10 00:08:04 | 000,000,097 | ---- | M] () -- C:\WINDOWS\marscam.ini
[2012.01.09 23:39:52 | 001,314,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\zug493g_avaxhome.ws.part1.rar
[2012.01.09 21:58:02 | 100,663,045 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part6.rar
[2012.01.09 21:22:42 | 106,954,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part5.rar
[2012.01.06 01:52:25 | 106,954,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part4.rar
[2012.01.06 01:18:24 | 106,954,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part3.rar
[2012.01.06 00:46:00 | 106,954,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part2.rar
[2012.01.05 23:54:27 | 106,954,752 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part1.rar
[2012.01.05 02:01:55 | 000,302,592 | ---- | M] () -- C:\3pmchys0.exe
[2012.01.04 22:45:07 | 000,000,401 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\Verknüpfung mit Tara.lnk

========== Files Created - No Company Name ==========

[2012.01.23 21:18:11 | 000,000,666 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Easy2Sync für Dateien.lnk
[2012.01.19 13:18:32 | 000,176,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\überwesung.pdf
[2012.01.19 10:44:10 | 000,037,338 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\doktor <removed last name>.pdf
[2012.01.09 23:39:46 | 001,314,176 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\zug493g_avaxhome.ws.part1.rar
[2012.01.09 21:49:35 | 100,663,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part6.rar
[2012.01.09 21:14:54 | 106,954,752 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part5.rar
[2012.01.06 01:43:32 | 106,954,752 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part4.rar
[2012.01.06 01:09:30 | 106,954,752 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part3.rar
[2012.01.06 00:19:23 | 106,954,752 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part2.rar
[2012.01.05 23:11:41 | 106,954,752 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\mz58jjt_www.avaxhome.ws.part1.rar
[2012.01.05 02:01:54 | 000,302,592 | ---- | C] () -- C:\3pmchys0.exe
[2012.01.04 22:45:07 | 000,000,401 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\Verknüpfung mit Tara.lnk
[2011.06.22 18:31:22 | 021,022,914 | ---- | C] () -- C:\Programme\vlc-1.1.10-win32.exe
[2011.06.19 10:03:14 | 000,000,097 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2011.06.19 09:52:09 | 000,015,164 | ---- | C] () -- C:\WINDOWS\mr310twc.ini
[2011.06.19 09:37:07 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\mr310exv.dll
[2011.06.19 09:37:07 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr310exd.dll
[2011.05.06 19:45:50 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.05.06 19:45:50 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.05.06 19:45:50 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.05.06 19:45:50 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.05.06 19:45:50 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.05.05 16:19:10 | 000,000,221 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011.05.05 16:19:10 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011.05.05 16:19:02 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2011.05.05 16:18:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011.05.05 16:14:40 | 000,031,664 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2011.03.22 09:25:05 | 000,008,192 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.21 23:17:05 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011.03.21 23:17:05 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011.03.19 22:12:49 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2011.03.19 22:12:47 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2011.03.19 22:12:46 | 000,149,504 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2011.03.19 22:12:23 | 000,032,297 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2011.03.19 22:12:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2011.03.19 22:12:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2011.03.19 22:11:26 | 000,007,225 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2011.03.19 22:04:56 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.03.19 15:45:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.03.19 14:34:12 | 000,000,507 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.03.18 14:36:05 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2011.03.18 14:36:05 | 000,011,296 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2011.03.18 14:36:03 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2011.03.18 14:36:03 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2011.03.18 14:27:26 | 000,010,084 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011.03.18 14:25:54 | 000,035,264 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2011.03.18 14:23:50 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011.03.18 14:23:46 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011.03.18 14:23:42 | 000,026,638 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011.03.18 14:23:42 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011.03.18 14:20:03 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.03.18 14:16:56 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.03.18 14:08:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.03.18 14:08:06 | 000,212,880 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.15 16:52:00 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2008.04.14 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 13:00:00 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008.04.14 13:00:00 | 000,435,832 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008.04.14 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 13:00:00 | 000,081,568 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008.04.14 13:00:00 | 000,068,728 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008.04.14 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.10.14 10:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 10:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 10:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 10:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

< End of report >

Edited by myrti, 08 February 2012 - 06:38 AM.
removed personal info

[Advertisements]

Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report

• Please download OTL from one of the following mirrors:
  • This is THE Mirror
• Save it to your desktop.
• Double click on the icon on your desktop.
• Click the "Scan All Users" checkbox.
• In the custom scan box paste the following:
  

  msconfig
  safebootminimal
  activex
  drivers32
  netsvcs
  %SYSTEMDRIVE%\*.exe
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\drivers\*.sys /90

• Push the button.
• A report will open, copy and paste it in a reply here:
  • OTL.txt <-- Will be opened

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

[myrti]

Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report

• Please download OTL from one of the following mirrors:
  • This is THE Mirror
• Save it to your desktop.
• Double click on the icon on your desktop.
• Click the "Scan All Users" checkbox.
• In the custom scan box paste the following:
  

  msconfig
  safebootminimal
  activex
  drivers32
  netsvcs
  %SYSTEMDRIVE%\*.exe
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job /lockedfiles
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\drivers\*.sys /90

• Push the button.
• A report will open, copy and paste it in a reply here:
  • OTL.txt <-- Will be opened

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

[jaffacake]

Hi,
thanks for your help! I'll try to do this as soon as possible, but as I said it's only my mom's computer and I only have access to it every now and then.

[jaffacake]

Here's the new log file:

OTL logfile created on: 07.02.2012 18:25:57 - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Anwender\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

767,15 Mb Total Physical Memory | 500,43 Mb Available Physical Memory | 65,23% Memory free
1,83 Gb Paging File | 1,28 Gb Available in Paging File | 69,70% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 121,74 Gb Free Space | 81,68% Space Free | Partition Type: NTFS
Drive J: | 958,83 Mb Total Space | 491,61 Mb Free Space | 51,27% Space Free | Partition Type: FAT32

Computer Name: ANWENDER-PC | User Name: Anwender | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.01.23 21:02:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anwender\Desktop\OTL.exe
PRC - [2012.01.19 12:47:22 | 002,698,624 | ---- | M] (TeamViewer GmbH) -- j:\TeamViewerPortable\TeamViewer_Desktop.exe
PRC - [2012.01.19 12:47:20 | 011,171,712 | ---- | M] (TeamViewer GmbH) -- J:\TeamViewerPortable\TeamViewer.exe
PRC - [2012.01.19 12:26:20 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- J:\TeamViewerPortable\tv_w32.exe
PRC - [2011.07.07 08:08:30 | 000,216,064 | ---- | M] (Geek Software GmbH) -- C:\Programme\PDF24\pdf24.exe
PRC - [2011.06.30 19:48:58 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.09 13:06:06 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.04.27 08:56:21 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.03.04 14:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.03 16:17:18 | 005,756,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2010.01.21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010.01.21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008.06.03 11:25:38 | 000,110,647 | ---- | M] (Hauppauge Computer Works) -- C:\Programme\WinTV\Ir.exe
PRC - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) -- C:\Programme\WinTV\EPG Services\System\EPGService.exe
PRC - [2008.05.15 15:30:36 | 000,688,128 | ---- | M] (Hauppauge Inc.) -- C:\Programme\WinTV\EPG Services\System\EPGClient.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 16:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe


========== Modules (No Company Name) ==========

MOD - [2011.06.06 11:55:32 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.03.21 19:57:34 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.03.21 19:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.03.02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2010.06.17 14:27:02 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.01.21 01:52:14 | 000,167,528 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
MOD - [2010.01.21 01:52:12 | 000,370,792 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
MOD - [2010.01.21 01:52:06 | 000,565,864 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
MOD - [2010.01.21 01:51:28 | 000,062,568 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
MOD - [2009.09.30 04:33:08 | 000,024,576 | R--- | M] () -- C:\WINDOWS\system32\AsIO.dll
MOD - [2009.03.25 16:53:14 | 000,053,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009.03.19 22:35:52 | 000,208,896 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\AiNap.dll
MOD - [2009.01.15 14:55:10 | 000,565,248 | ---- | M] () -- C:\Programme\ASUS\EPU-4 Engine\pngio.dll
MOD - [2008.04.22 14:53:50 | 000,163,840 | ---- | M] () -- C:\WINDOWS\system32\hcwChDB.dll
MOD - [2008.04.14 13:00:00 | 000,148,992 | ---- | M] () -- C:\WINDOWS\system32\mpg2splt.ax
MOD - [2008.04.14 13:00:00 | 000,118,272 | ---- | M] () -- C:\WINDOWS\system32\mpeg2data.ax
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.04.14 07:53:08 | 000,056,832 | ---- | M] () -- C:\WINDOWS\system32\MSDvbNP.ax
MOD - [2008.04.14 07:53:08 | 000,033,280 | ---- | M] () -- C:\WINDOWS\system32\PsisRndr.ax
MOD - [2008.04.14 07:52:24 | 000,363,520 | ---- | M] () -- C:\WINDOWS\system32\PsisDecd.dll
MOD - [2003.07.14 22:44:34 | 000,102,968 | ---- | M] () -- C:\Programme\Microsoft Office\OFFICE11\OUTLCTL.DLL


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011.06.30 19:48:58 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 08:56:21 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.01.21 01:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010.01.21 01:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008.06.02 15:55:26 | 000,823,296 | ---- | M] (Hauppauge Computer Works) [On_Demand | Stopped] -- C:\Programme\WinTV\HCWTVServer.exe -- (HauppaugeTVServer)
SRV - [2008.05.30 11:07:20 | 000,437,248 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Programme\WinTV\EPG Services\System\EPGService.exe -- (EPGService)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)


========== Driver Services (SafeList) ==========

DRV - [2011.06.30 19:49:09 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.30 19:49:08 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 14:26:52 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2010.05.15 12:11:40 | 002,136,224 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010.04.08 19:30:10 | 000,168,040 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvgts.sys -- (nvgts)
DRV - [2010.03.04 11:02:10 | 000,013,824 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010.03.04 11:02:08 | 000,070,912 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009.10.22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\39126302.sys -- (39126302)
DRV - [2009.10.09 22:31:10 | 000,315,408 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\3912630.sys -- (setup_9.0.0.722_26.06.2011_13-03drv)
DRV - [2009.09.25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\39126301.sys -- (39126301)
DRV - [2009.08.04 03:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2008.04.17 16:59:02 | 000,015,616 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcw95rc.sys -- (hcw95rc)
DRV - [2008.04.17 16:58:00 | 000,560,640 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hcw95bda.sys -- (hcw95bda)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2005.03.15 16:25:44 | 000,127,574 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MR97310c.sys -- (MR97310_USB_DUAL_CAMERA)
DRV - [2004.08.13 03:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1935655697-1972579041-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {91aa5abe-9de4-4347-b7b5-322c38dd9271}:3.1.4
FF - prefs.js..extensions.enabledItems: {71C54606-83ED-4ea6-9315-1AAB29466D33}:3.1
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a67}:0.5
FF - prefs.js..extensions.enabledItems: {6e84150a-d526-41f1-a480-a67d3fed910d}:1.4.5.1
FF - prefs.js..extensions.enabledItems: {220249CE-F888-11DD-B868-4CB456D89593}:0.0.4
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.1

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Programme\Virtual Earth 3D\ [2011.05.04 23:29:12 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011.04.12 21:34:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011.04.12 21:34:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.05.03 22:27:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.01.05 11:12:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox 9\components [2012.01.23 21:24:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox 9\plugins

[2011.03.19 15:45:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Extensions
[2012.02.02 06:19:56 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions
[2011.03.22 11:27:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.16 20:21:06 | 000,000,000 | ---D | M] (OpenDownload (fixed)) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{220249CE-F888-11DD-B868-4CB456D89593}
[2011.08.13 15:31:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.05.12 21:34:01 | 000,000,000 | ---D | M] (Veehd Plugin) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{3DB5ABE1-407D-458F-AD5D-8D89BD625CCC}
[2011.04.16 20:21:07 | 000,000,000 | ---D | M] (Favicon Picker 3) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}
[2011.04.16 20:21:07 | 000,000,000 | ---D | M] ("CuteMenus2") -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{71C54606-83ED-4ea6-9315-1AAB29466D33}
[2012.01.08 19:21:29 | 000,000,000 | ---D | M] (Nightly Tester Tools) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}
[2011.09.22 11:51:10 | 000,000,000 | ---D | M] (Clippings) -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
[2011.04.16 20:14:37 | 000,004,855 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\searchplugins\google-images.xml
[2011.04.16 20:14:57 | 000,005,551 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\searchplugins\google-maps.xml
[2011.04.16 20:14:10 | 000,004,140 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Anwendungsdaten\Mozilla\Firefox\Profiles\e1su56gw.default\searchplugins\youtube.xml
[2012.01.04 22:29:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.31 23:58:56 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.04.16 20:23:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.05.01 15:39:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.18 15:12:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012.01.04 22:29:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\{1280606B-2510-4FE0-97EF-9B5A22EAFE30}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\{6E84150A-D526-41F1-A480-A67D3FED910D}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\ANWENDER\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\E1SU56GW.DEFAULT\EXTENSIONS\[email protected]
[2011.04.14 17:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.08 20:08:24 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programme\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2010.01.01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EPGServiceTool] C:\Programme\WinTV\EPG Services\System\EPGClient.exe (Hauppauge Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [Six Engine] C:\Programme\ASUS\EPU-4 Engine\FourEngine.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1935655697-1972579041-682003330-1004..\Run: [PureSync] "C:\Programme\PureSync\PureSyncTray.exe" File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoStart IR.lnk = C:\Programme\WinTV\Ir.exe (Hauppauge Computer Works)
O4 - Startup: C:\Dokumente und Einstellungen\Anwender\Startmenü\Programme\Autostart\setup_9.0.0.722_26.06.2011_13-03.lnk = C:\Dokumente und Einstellungen\Anwender\Desktop\Virus Removal Tool\setup_9.0.0.722_26.06.2011_13-03\startup.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1935655697-1972579041-682003330-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1935655697-1972579041-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1935655697-1972579041-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1935655697-1972579041-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{625FFD71-962A-4DC6-BDEC-3D48468CC930}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.03.18 14:18:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Programme\Messenger\msmsgs.exe (Microsoft Corporation)

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.dmb1 - m3jpeg32.dll File not found
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.MJPG - m3jpeg32.dll File not found
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012.01.23 21:24:28 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox 9
[2012.01.23 21:18:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Desktop\Easy2Sync für Dateien B
[2012.01.23 21:18:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anwender\Desktop\Easy2Sync für Dateien A
[2012.01.23 21:18:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Easy2Sync für Dateien
[2012.01.23 21:08:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.23 21:02:08 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anwender\Desktop\OTL.exe
[2012.01.10 00:03:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2011.03.18 14:26:38 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\Audio3D.dll
[2011.03.18 14:26:38 | 000,254,000 | R--- | C] ( ) -- C:\WINDOWS\System32\A3D.dll

========== Files - Modified Within 30 Days ==========

[2012.02.07 18:18:02 | 000,001,094 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.07 18:17:00 | 000,000,252 | -H-- | M] () -- C:\WINDOWS\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2012.02.07 08:04:12 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.07 08:04:05 | 000,276,202 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012.02.07 08:03:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.06 21:41:43 | 000,007,258 | ---- | M] () -- C:\WINDOWS\HCWPNP.INI
[2012.02.06 21:07:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.02 07:11:19 | 000,185,432 | -H-- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\PP11Thumbs.ptn
[2012.02.02 07:11:19 | 000,000,522 | -H-- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\maxdesk.ini2
[2012.02.02 07:11:19 | 000,000,074 | -H-- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\PP11Thumbs.ptn2
[2012.02.02 07:11:06 | 000,135,113 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\joanascheiß.pdf
[2012.02.02 07:02:35 | 000,000,097 | ---- | M] () -- C:\WINDOWS\marscam.ini
[2012.01.25 17:45:04 | 000,043,609 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Eigene Dateien\10111.DAT
[2012.01.25 13:13:14 | 000,435,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.01.25 13:13:14 | 000,068,728 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.01.25 13:13:13 | 000,452,736 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.01.25 13:13:13 | 000,081,568 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.01.23 21:18:11 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Easy2Sync für Dateien.lnk
[2012.01.23 21:02:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Anwender\Desktop\OTL.exe
[2012.01.19 13:18:33 | 000,176,722 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\überwesung.pdf
[2012.01.19 10:45:42 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\Microsoft Office Outlook 2003.lnk
[2012.01.19 10:44:11 | 000,037,338 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\doktor <removedlastname>.pdf
[2012.01.12 19:44:05 | 000,002,537 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\Microsoft Office Excel 2003.lnk
[2012.01.12 01:06:27 | 000,008,192 | ---- | M] () -- C:\Dokumente und Einstellungen\Anwender\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Files Created - No Company Name ==========

[2012.02.02 07:11:05 | 000,135,113 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\joanascheiß.pdf
[2012.01.25 17:45:04 | 000,043,609 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Eigene Dateien\10111.DAT
[2012.01.23 21:18:11 | 000,000,666 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Easy2Sync für Dateien.lnk
[2012.01.19 13:18:32 | 000,176,722 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\überwesung.pdf
[2012.01.19 10:44:10 | 000,037,338 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Desktop\doktor <removedlastname>.pdf
[2011.06.22 18:31:22 | 021,022,914 | ---- | C] () -- C:\Programme\vlc-1.1.10-win32.exe
[2011.06.19 10:03:14 | 000,000,097 | ---- | C] () -- C:\WINDOWS\marscam.ini
[2011.06.19 09:52:09 | 000,015,164 | ---- | C] () -- C:\WINDOWS\mr310twc.ini
[2011.06.19 09:37:07 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\mr310exv.dll
[2011.06.19 09:37:07 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\mr310exd.dll
[2011.05.06 19:45:50 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.05.06 19:45:50 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.05.06 19:45:50 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.05.06 19:45:50 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.05.06 19:45:50 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.05.05 16:19:10 | 000,000,221 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011.05.05 16:19:10 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011.05.05 16:19:02 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2011.05.05 16:18:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011.05.05 16:14:40 | 000,031,664 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2011.03.22 09:25:05 | 000,008,192 | ---- | C] () -- C:\Dokumente und Einstellungen\Anwender\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.21 23:17:05 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011.03.21 23:17:05 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011.03.19 22:12:49 | 000,000,399 | ---- | C] () -- C:\WINDOWS\vtplus32.ini
[2011.03.19 22:12:47 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2011.03.19 22:12:46 | 000,149,504 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2011.03.19 22:12:23 | 000,032,297 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2011.03.19 22:12:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dmcrypto.dll
[2011.03.19 22:12:00 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\hcwChDB.dll
[2011.03.19 22:11:26 | 000,007,258 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2011.03.19 22:04:56 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.03.19 15:45:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.03.19 14:34:12 | 000,000,507 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011.03.18 14:36:05 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2011.03.18 14:36:05 | 000,011,296 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2011.03.18 14:36:03 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2011.03.18 14:36:03 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2011.03.18 14:27:26 | 000,010,084 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2011.03.18 14:25:54 | 000,035,264 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2011.03.18 14:23:50 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011.03.18 14:23:46 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2011.03.18 14:23:42 | 000,026,638 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2011.03.18 14:23:42 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2011.03.18 14:20:03 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.03.18 14:16:56 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.03.18 14:08:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.03.18 14:08:06 | 000,212,880 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.15 16:52:00 | 002,183,470 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2008.04.14 13:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 13:00:00 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008.04.14 13:00:00 | 000,435,832 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008.04.14 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 13:00:00 | 000,081,568 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008.04.14 13:00:00 | 000,068,728 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008.04.14 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 13:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.10.14 10:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 10:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 10:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 10:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2012.01.05 02:01:55 | 000,302,592 | ---- | M] () -- C:\3pmchys0.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.03.18 15:07:28 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.03.18 15:07:28 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.03.18 15:07:28 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >

< End of report >

[myrti]

Hi,


was your mother infected recently? Have you tried resetting or uninstalling/reinstalling Avira to fix the issue?

Please give me the exact message you get when trying to launch Adobe.

regards myrti

[myrti]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.