| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windowssystem blockiert 50,- EUROWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
22.01.2012, 14:29
| #1 |
| |  Windowssystem blockiert 50,- EURO Hallo ihr lieben, ich reihe mich zu den Pornoseitenbesuchern ein  ich nutze zwar gerade den Gastaccount aber vom selbem PC. Die Meldeung erscheint nur bei meinem Admin-Account ... ich habe bereits das OTL Programm durchlaufen lassen ... ich hoffe ihr könnt mir schnell helfen. Ich habe Angst um meine Dateien OTL EXTRAS Logfile:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 22.01.2012 14:18:42 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Gast\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1023,11 Mb Total Physical Memory | 592,01 Mb Available Physical Memory | 57,86% Memory free
2,40 Gb Paging File | 2,08 Gb Available in Paging File | 86,68% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 39,06 Gb Total Space | 7,31 Gb Free Space | 18,70% Space Free | Partition Type: NTFS
Drive D: | 37,62 Gb Total Space | 36,89 Gb Free Space | 98,05% Space Free | Partition Type: NTFS
Drive I: | 1,88 Gb Total Space | 1,85 Gb Free Space | 98,58% Space Free | Partition Type: FAT
Computer Name: PC-ALEX | User Name: Gast | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1"
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\ICQ6\ICQ.exe" = C:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Programme\eMule\emule.exe" = C:\Programme\eMule\emule.exe:*:Disabled:eMule
"C:\Programme\BearShare\BearShare.exe" = C:\Programme\BearShare\BearShare.exe:*:Enabled:BearShare
"D:\Alex\Eigene Dateien\LimeWire\LimeWire.exe" = D:\Alex\Eigene Dateien\LimeWire\LimeWire.exe:*:Disabled:LimeWire
"C:\Programme\LimeWire\LimeWire.exe" = C:\Programme\LimeWire\LimeWire.exe:*:Disabled:LimeWire -- (Lime Wire, LLC)
"D:\Alex\Eigene Dateien\Spiele\Cs 1.6\hl.exe" = D:\Alex\Eigene Dateien\Spiele\Cs 1.6\hl.exe:*:Disabled:Half-Life Launcher
"E:\TTN.EXE" = E:\TTN.EXE:*:Disabled:TTN
"D:\Alex\Eigene Dateien\Spiele\UT2004\System\UT2004.exe" = D:\Alex\Eigene Dateien\Spiele\UT2004\System\UT2004.exe:*:Enabled:UT2004
"C:\Programme\Counter-Strike Source\hl2.exe" = C:\Programme\Counter-Strike Source\hl2.exe:*:Disabled:hl2
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Eigene Dateien\Spiele\Cs 1.6\hl.exe" = C:\Eigene Dateien\Spiele\Cs 1.6\hl.exe:*:Enabled:Half-Life Launcher
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6
"C:\Eigene Dateien\Spiele\UT2004\System\UT2004.exe" = C:\Eigene Dateien\Spiele\UT2004\System\UT2004.exe:*:Enabled:UT2004
"C:\Programme\KONAMI\Pro Evolution Soccer 2009\pes2009.exe" = C:\Programme\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009
"C:\Programme\TrackMania Sunrise\TmSunrise.exe" = C:\Programme\TrackMania Sunrise\TmSunrise.exe:*:Disabled:TmSunrise
"C:\Programme\BitTorrent\bittorrent.exe" = C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Programme\ICQ7.2\ICQ.exe" = C:\Programme\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Programme\ICQ7.2\aolload.exe" = C:\Programme\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Eigene Dateien\ungeordnet\Spiele\Cs 1.6\hl.exe" = C:\Eigene Dateien\ungeordnet\Spiele\Cs 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = PC Camera
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CCD90636-D97D-4130-A44A-3AD4E63B9220}" = OpenOffice.org 2.4
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D4D9F101-9C35-477E-88FC-935415CD9916}" = Norton Security Scan
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Acrobat 5.0" = Adobe Acrobat 4.0, 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Antares Autotune DX v4.12" = Antares Autotune DX v4.12
"Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
"Ask Toolbar_is1" = Ask Toolbar
"Audacity_is1" = Audacity 1.2.6
"BitTorrent" = BitTorrent
"BroadCam" = BroadCam Video Streaming Server
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine
"Cool Edit Pro 2.1" = Cool Edit Pro 2.1
"DivX Setup.divx.com" = DivX-Setup
"ExpressBurn" = Express Burn
"Free Studio_is1" = Free Studio version 5.0.9
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"ICQToolbar" = ICQ Toolbar
"InstallShield_{088B7BF8-AC95-4348-B77B-619AEB3A74A5}" = PC Camera
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.25)" = Mozilla Firefox (3.6.25)
"MSNINST" = MSN
"NCH_DE Toolbar" = NCH DE Toolbar
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Prism" = Prism Videodatei-Konverter
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RealPlayer 6.0" = RealPlayer
"Switch" = Switch
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"ToolBox" = NCH Toolbox
"Uninstall_is1" = Uninstall 1.0.0.1
"VideoPad" = VideoPad Videobearbeitungs-Software
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VideoLAN VLC media player 0.8.6c
"WIC" = Windows Imaging Component
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR archiver" = WinRAR
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
--- --- ---OTL Logfile: Code:
ATTFilter OTL logfile created on: 22.01.2012 14:18:42 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Gast\Eigene Dateien\Downloads Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1023,11 Mb Total Physical Memory | 592,01 Mb Available Physical Memory | 57,86% Memory free 2,40 Gb Paging File | 2,08 Gb Available in Paging File | 86,68% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 39,06 Gb Total Space | 7,31 Gb Free Space | 18,70% Space Free | Partition Type: NTFS Drive D: | 37,62 Gb Total Space | 36,89 Gb Free Space | 98,05% Space Free | Partition Type: NTFS Drive I: | 1,88 Gb Total Space | 1,85 Gb Free Space | 98,58% Space Free | Partition Type: FAT Computer Name: PC-ALEX | User Name: Gast | NOT logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Gast\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe () PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\js3250.dll () MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll () MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe () MOD - C:\Programme\QuickTime\QTSystem\QTCF.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\objc.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\ASL.dll () MOD - C:\Programme\OpenOffice.org 2.4\program\libxml2.dll () ========== Win32 Services (SafeList) ========== ========== Driver Services (SafeList) ========== ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Programme\Picasa2\npPicasa2.dll File not found FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.12.25 09:50:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.12.21 12:41:01 | 000,000,000 | ---D | M] [2009.01.10 11:35:29 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Mozilla\Extensions [2012.01.07 21:38:43 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Mozilla\Firefox\Profiles\ohmc3387.default\extensions [2010.09.27 19:08:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Mozilla\Firefox\Profiles\ohmc3387.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.01.21 12:58:25 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2009.03.12 18:17:58 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.12.21 10:11:03 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.10.16 17:29:05 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.09.24 18:49:40 | 000,002,227 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml [2010.10.16 17:29:05 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2010.10.16 17:29:05 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2010.10.16 17:29:05 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2010.10.16 17:29:05 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google () CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - Extension: AT_JamesWhite = C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3\ O1 HOSTS File: ([2004.08.04 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Programme\ICQToolbar\toolbaru.dll (IE Toolbar) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG8\avgssie.dll File not found O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (NCH DE Toolbar) - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Programme\NCH_DE\prxtbNCH_.dll (Conduit Ltd.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll File not found O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (NCH DE Toolbar) - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Programme\NCH_DE\prxtbNCH_.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com) O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKCU\..\Toolbar\WebBrowser: (NCH DE Toolbar) - {B106B661-3E1B-4015-AF5C-195E909F35C6} - C:\Programme\NCH_DE\prxtbNCH_.dll (Conduit Ltd.) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SVCHOST] C:\WINDOWS\MDM.EXE File not found O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [SVCHOST] C:\WINDOWS\MDM.EXE File not found O4 - Startup: C:\Dokumente und Einstellungen\Gast\Startmenü\Programme\Autostart\OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92C9A5AF-E71C-40B0-A401-A33DDB7C0C2B}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007.08.06 10:27:35 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012.01.07 21:44:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Anwendungsdaten\NCH_DE [2011.12.23 19:30:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner [2011.12.23 19:30:42 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [11 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.01.22 14:12:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.01.21 12:48:06 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.01.19 20:36:59 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.12.23 19:30:43 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] [11 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.12.23 19:30:43 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2010.12.23 21:13:48 | 000,000,020 | ---- | C] () -- C:\WINDOWS\popcinfot.dat [2010.12.23 21:13:48 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat [2010.12.21 12:57:09 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.10.15 19:05:01 | 000,000,122 | ---- | C] () -- C:\WINDOWS\odbc_merge.INI [2010.05.24 16:41:35 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2009.09.12 19:40:31 | 000,000,048 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2009.05.30 10:36:47 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2009.05.30 10:36:47 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2009.05.30 10:36:47 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2008.10.31 19:20:56 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008.09.21 16:24:50 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini [2008.08.16 15:33:32 | 000,000,101 | ---- | C] () -- C:\WINDOWS\VSWizard.ini [2008.08.07 09:44:20 | 000,005,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.07.22 09:23:45 | 000,016,492 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2008.07.12 13:51:28 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\FXStudioDLL.dll [2008.07.12 13:51:26 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\RapBoxDSP.dll [2008.07.12 13:51:25 | 000,235,532 | ---- | C] () -- C:\WINDOWS\System32\loadimage.dll [2008.07.12 13:51:25 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System32\NewWaveAnzeige.dll [2008.07.12 13:51:25 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\eJ_Tool.dll [2008.07.12 13:51:25 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\fader.dll [2008.07.12 13:51:23 | 000,307,200 | ---- | C] () -- C:\WINDOWS\System32\fxstudio.dll [2008.07.12 13:51:23 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\WndRgn.dll [2008.07.12 13:51:22 | 000,075,976 | ---- | C] () -- C:\WINDOWS\System32\Bassdec.dll [2008.07.12 13:51:21 | 000,360,448 | ---- | C] () -- C:\WINDOWS\System32\pxd32d5.dll [2008.07.12 13:51:21 | 000,029,696 | ---- | C] () -- C:\WINDOWS\System32\pthread.dll [2008.07.12 13:51:20 | 000,796,672 | ---- | C] () -- C:\WINDOWS\System32\LTRTN13n.DLL [2008.07.12 13:51:20 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\lttls13n.dll [2008.07.12 13:51:12 | 000,708,608 | ---- | C] () -- C:\WINDOWS\System32\ltcry13n.dll [2008.07.12 13:51:10 | 000,031,744 | ---- | C] () -- C:\WINDOWS\System32\lfvec13n.dll [2008.07.12 13:51:09 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll [2008.07.12 13:51:08 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll [2008.06.11 21:21:49 | 000,000,642 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2008.05.29 19:07:43 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2008.03.19 12:01:06 | 000,000,043 | -HS- | C] () -- C:\WINDOWS\SVCHOST.INI [2007.12.27 19:35:17 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TTN.INI [2007.12.05 22:01:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2007.11.11 15:28:20 | 000,001,043 | ---- | C] () -- C:\WINDOWS\eReg.dat [2007.11.02 15:21:42 | 000,001,405 | ---- | C] () -- C:\WINDOWS\mozver.dat [2007.10.23 10:25:46 | 000,020,247 | ---- | C] () -- C:\WINDOWS\msettings.ini [2007.09.25 17:02:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2007.08.06 11:09:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007.08.06 11:08:16 | 000,116,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2007.08.06 10:44:24 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2007.08.06 10:40:54 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys [2007.08.06 10:40:53 | 000,008,789 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2007.08.06 10:40:39 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2007.08.06 10:29:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2007.08.06 10:24:53 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2007.03.22 09:50:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007.03.22 09:50:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2007.03.22 09:50:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007.03.22 09:50:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2007.03.22 09:50:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007.03.22 09:50:00 | 000,928,096 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin [2007.03.22 09:50:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007.03.22 09:50:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2007.03.22 09:50:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2007.03.22 09:50:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2004.08.04 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2004.08.04 13:00:00 | 000,448,800 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2004.08.04 13:00:00 | 000,432,492 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2004.08.04 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2004.08.04 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2004.08.04 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2004.08.04 13:00:00 | 000,080,108 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2004.08.04 13:00:00 | 000,067,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2004.08.04 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2004.08.04 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2004.08.04 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2004.08.04 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2004.08.04 13:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2004.08.04 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2004.03.24 08:22:26 | 000,138,396 | ---- | C] () -- C:\WINDOWS\System32\drivers\PFC027.SYS [2004.01.08 09:30:22 | 000,011,170 | ---- | C] () -- C:\WINDOWS\System32\PA207USD.DLL [2001.09.04 14:12:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2001.09.04 14:10:20 | 000,004,518 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:888AFB86 @Alternate Data Stream - 106 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 < End of report > Geändert von grillekater (22.01.2012 um 14:48 Uhr) |
| Themen zu Windowssystem blockiert 50,- EURO |
| .dll, 0x00000001, alternate, askbar, audacity, avg, bho, blockiert, bonjour, browser, counter-strike source, desktop, disabletaskmgr, einstellungen, error, euro, explorer, firefox, format, helper, home, homepage, logfile, microsoft office word, mozilla, picasa, plug-in, programm, realtek, registry, scan, software, studio, svchost, temp, torrent.exe, version=1.0 |
Baum-Darstellung