| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Befall von Metropolitan British Police, WinXP, SP2, uralt-LaptopWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.09.2013, 08:54
| #31 | ||
 |  Befall von Metropolitan British Police, WinXP, SP2, uralt-Laptop Hallo @Schrauber, schönen guten Tag. Zitat:
 Zitat:
Code:
ATTFilter OTL logfile created on: 21.09.2013 09:06:36 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\-\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 503,37 Mb Total Physical Memory | 157,10 Mb Available Physical Memory | 31,21% Memory free 1,20 Gb Paging File | 0,49 Gb Available in Paging File | 41,23% Paging File free Paging file location(s): C:\pagefile.sys 756 1512 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 27,87 Gb Total Space | 7,09 Gb Free Space | 25,45% Space Free | Partition Type: NTFS Computer Name: WCSAG-NB04 | User Name: - | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.09.21 08:07:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\-\Desktop\OTL.exe PRC - [2013.08.28 15:28:10 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Anti_Viren_Programme\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Anti_Viren_Programme\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Anti_Viren_Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.12.17 21:45:23 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2012.12.12 11:28:14 | 000,163,000 | ---- | M] (Geek Software GmbH) -- C:\Programme\pdf24\pdf24.exe PRC - [2012.07.03 10:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe PRC - [2011.10.21 16:34:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2011.10.21 16:34:43 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.11.04 20:16:33 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2009.08.23 11:32:41 | 000,520,024 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2009.08.23 11:32:40 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe PRC - [2009.04.01 11:34:46 | 000,988,872 | ---- | M] (PGWARE LLC) -- C:\Programme\PGWARE\SuperRam\SuperRamTray.exe PRC - [2009.04.01 11:34:44 | 000,977,600 | ---- | M] (PGWARE LLC) -- C:\Programme\PGWARE\SuperRam\SuperRamService.exe PRC - [2007.06.13 15:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2004.09.07 16:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe PRC - [2004.09.07 16:08:02 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe PRC - [2004.09.07 16:03:40 | 000,245,760 | ---- | M] (Intel) -- C:\Programme\Intel\Wireless\Bin\1XConfig.exe PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE PRC - [2003.05.08 11:00:58 | 000,049,152 | ---- | M] (ScanSoft, Inc.) -- C:\Programme\ScanSoft\OmniPageSE2.0\opwareSE2.exe ========== Modules (No Company Name) ========== MOD - [2013.08.28 15:28:06 | 003,551,640 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2010.03.15 12:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2010.01.28 13:57:53 | 000,355,688 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll MOD - [2009.08.23 11:33:06 | 000,084,832 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\ShellExt.dll MOD - [2009.08.23 11:32:50 | 001,630,560 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\Resources.dll MOD - [2009.08.23 11:32:49 | 000,246,128 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\RPAPI.dll MOD - [2009.01.06 17:02:01 | 000,168,960 | ---- | M] () -- C:\Programme\Lavasoft\Ad-Aware\unrar.dll MOD - [2004.09.07 16:03:46 | 000,073,728 | ---- | M] () -- C:\Programme\Intel\Wireless\Bin\D8021Xps.DLL ========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\DOKUME~1\ALLUSE~1\ANWEND~1\al3il6j.plz -- (winmgmt) SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2013.08.28 15:28:06 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Anti_Viren_Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Anti_Viren_Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.12.17 21:45:23 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2011.10.21 16:34:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.10.21 16:34:43 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.08.23 11:32:40 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2009.04.01 11:34:44 | 000,977,600 | ---- | M] (PGWARE LLC) [Auto | Running] -- C:\Programme\PGWARE\SuperRam\SuperRamService.exe -- (SuperRam) SRV - [2004.09.07 16:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\slabbus.sys -- (slabbus) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mgmt.sys -- (k750mgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdm.sys -- (k750mdm) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750mdfl.sys -- (k750mdfl) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_DP.sys -- (HSF_DP) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.10.21 16:34:49 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011.10.21 16:34:49 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.08.23 11:32:48 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd) DRV - [2009.05.21 17:04:58 | 000,058,880 | ---- | M] (Ross-Tech LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RT-USB.SYS -- (RT-USB) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.02.13 11:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2008.12.04 03:30:20 | 000,060,544 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\silabser.sys -- (silabser) DRV - [2007.10.29 11:32:44 | 000,017,920 | ---- | M] (Silicon Laboratories, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\silabenm.sys -- (silabenm) DRV - [2007.04.23 15:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) DRV - [2007.04.23 15:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex) DRV - [2007.04.23 15:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm) DRV - [2007.04.23 15:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl) DRV - [2007.04.23 15:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) DRV - [2006.08.04 10:55:30 | 000,088,960 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2006.07.27 18:18:11 | 000,033,952 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32) DRV - [2006.07.05 19:34:17 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) DRV - [2005.05.03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV) DRV - [2005.05.03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH) DRV - [2005.05.03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf) DRV - [2005.03.10 16:56:06 | 000,273,168 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97) DRV - [2005.01.17 13:13:28 | 000,098,304 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd) DRV - [2005.01.08 18:15:40 | 000,051,582 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte) DRV - [2005.01.07 06:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds) DRV - [2004.12.22 04:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb) DRV - [2004.12.16 10:30:14 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) DRV - [2004.11.16 15:51:54 | 000,050,048 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid) DRV - [2004.11.16 10:03:52 | 000,108,791 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService) DRV - [2004.10.21 15:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) DRV - [2004.10.05 03:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2004.08.31 08:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans) DRV - [2004.08.18 14:53:54 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV) DRV - [2004.08.12 08:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA) DRV - [2004.07.09 10:07:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp) DRV - [2004.05.26 15:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2002.10.17 06:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt) DRV - [2001.08.22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (OMCI) DRV - [1999.08.11 16:22:46 | 000,011,296 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\marxdev2.sys -- (MarxDev2) DRV - [1999.08.11 16:22:46 | 000,011,296 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\marxdev1.sys -- (MarxDev1) DRV - [1999.08.11 16:22:44 | 000,011,296 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\marxdev3.sys -- (MarxDev3) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.orf.at/ IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "hxxp://kaernten.orf.at/" FF - prefs.js..extensions.enabledItems: de-AT@dictionaries.addons.mozilla.org:2.0.1 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:1.9.9.81 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.08.28 15:26:58 | 000,000,000 | ---D | M] [2009.12.01 23:26:18 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Mozilla\Extensions [2013.09.13 08:52:00 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Mozilla\Firefox\Profiles\2gemabfy.Testprofil\extensions [2010.06.01 14:16:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Mozilla\Firefox\Profiles\j2zu4vlu.default\extensions [2010.05.29 09:05:45 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Mozilla\Firefox\Profiles\j2zu4vlu.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010.02.13 10:51:21 | 000,000,000 | ---D | M] (German Dictionary, extended for Austria) -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Mozilla\Firefox\Profiles\j2zu4vlu.default\extensions\de-AT@dictionaries.addons.mozilla.org [2013.07.31 19:37:04 | 000,824,302 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Mozilla\Firefox\Profiles\2gemabfy.Testprofil\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.08.28 15:26:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.08.28 15:26:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2013.08.28 15:28:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.08.28 15:28:15 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2009.08.30 10:34:23 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF File not found (No name found) -- C:\PROGRAMME\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} File not found (No name found) -- C:\PROGRAMME\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2009.08.09 00:08:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION O1 HOSTS File: ([2009.08.22 11:41:28 | 000,324,323 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 11100 more lines... O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Reg Error: Value error.) - {FAF32E7B-AC64-4211-9303-291999E53F39} - C:\WINDOWS\system32\awtqq.dll File not found O4 - HKLM..\Run: [Ad-Watch] C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) O4 - HKLM..\Run: [OpwareSE2] C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [PDFPrint] C:\Programme\pdf24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - HKLM..\Run: [SuperRam] C:\Programme\PGWARE\SuperRam\SuperRamTray.exe (PGWARE LLC) O4 - HKCU..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe (Adobe Systems Incorporated) O4 - Startup: C:\Dokumente und Einstellungen\-\Startmenü\Programme\Autostart\Ross-Tech VCDS DRV Updater.lnk = C:\PCI-Tuning\VCDS-PCI\VCDS.exe (Ross-Tech, LLC) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 File not found O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2E2DDB22-51D6-49B2-AE8E-3F997B96539D}: NameServer = 10.31.104.2 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{932BEAB6-17BB-40B9-A992-590A403F100A}: DhcpNameServer = 10.0.0.138 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\awtqq: DllName - (C:\WINDOWS\system32\awtqq.dll) - File not found O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Programme\Intel\Wireless\Bin\LgNotify.dll) - C:\Programme\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation) O20 - Winlogon\Notify\winzlo32: DllName - (winzlo32.dll) - File not found O24 - Desktop Components:0 () - file:///D:/details/' + theImage + ' O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.05.26 14:06:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2014.09.13 17:43:26 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe [2014.09.13 17:43:26 | 000,000,000 | ---D | C] -- C:\_OTL [2013.09.21 08:07:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\-\Desktop\OTL.exe [2013.09.20 23:26:19 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\-\Recent [2013.09.18 09:04:51 | 001,083,437 | ---- | C] (Farbar) -- C:\Dokumente und Einstellungen\-\Desktop\FRST.exe [2013.09.17 17:22:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\Vast Studios [2013.09.13 21:59:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayPond [2013.09.12 09:47:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Malwarebytes [2013.09.12 09:46:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2013.09.12 09:46:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2013.09.12 09:45:52 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2013.09.11 21:40:05 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013.09.11 21:25:24 | 000,000,000 | ---D | C] -- C:\FRST [2013.09.11 21:22:15 | 000,000,000 | ---D | C] -- C:\Programme\Anti_Viren_Programme [2013.09.09 20:58:54 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2013.08.28 15:26:20 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2011.05.20 07:19:36 | 012,362,480 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 4.0.1.exe [2010.10.21 14:15:55 | 000,937,616 | ---- | C] (Mathias Gerlach [aborange.de] ) -- C:\Programme\vertipp.exe [2010.06.03 10:45:13 | 000,460,016 | ---- | C] (Participatory Culture Foundation) -- C:\Programme\Miro_Installer.exe [2010.06.03 08:49:48 | 008,188,856 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 3.6.3.exe [2010.04.19 07:30:19 | 010,737,904 | ---- | C] (Celeritas Software Company) -- C:\Programme\WinMaximizer.exe [2010.04.07 10:05:37 | 010,369,544 | ---- | C] (PCI Diagnosetechnik) -- C:\Programme\VCDS-PCI-9082-Installer-20100327.exe [2010.03.03 10:56:27 | 017,135,606 | ---- | C] (Friedemann Schmidt ) -- C:\Programme\geosetter_setup.exe [2010.01.04 20:22:23 | 010,053,112 | ---- | C] (Google Inc.) -- C:\Programme\picasa3-setup.exe [2009.12.17 09:08:59 | 001,517,488 | ---- | C] (PGWARE LLC ) -- C:\Programme\superram_5.exe [2009.08.30 10:30:03 | 000,714,528 | ---- | C] (Sun Microsystems, Inc.) -- C:\Programme\jxpiinstall.exe [2009.08.20 11:00:47 | 000,570,008 | ---- | C] (Google Inc.) -- C:\Programme\GoogleEarthSetup.exe [2009.08.20 10:50:23 | 000,570,032 | ---- | C] (Google Inc.) -- C:\Programme\GoogleEarthPluginSetup.exe [2009.08.18 08:06:57 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Programme\spybotsd162.exe [2009.08.18 07:26:02 | 026,171,928 | ---- | C] (PC Tools ) -- C:\Programme\sdsetup.exe [2009.08.07 09:14:18 | 009,623,516 | ---- | C] (geek Software GmbH ) -- C:\Programme\pdf24.exe [2009.08.04 10:59:57 | 007,456,768 | ---- | C] (Irfan Skiljan) -- C:\Programme\irfanview_plugins_setup.exe [2009.08.04 10:59:41 | 001,626,624 | ---- | C] (Irfan Skiljan) -- C:\Programme\iview425g_setup.exe [2008.07.29 13:30:57 | 000,875,288 | ---- | C] (EasyFactuur.com ) -- C:\Programme\JawbreakerSetup.exe [2008.04.22 07:51:24 | 000,425,984 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\ShellLC.dll [2008.04.22 07:51:20 | 000,425,984 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\ShellHC.dll [2008.04.22 07:50:28 | 000,065,536 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\ResumeRecovery.dll [2008.04.22 07:50:20 | 000,339,968 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\mxupdate.dll [2008.04.22 07:48:46 | 000,086,016 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\LanguageProp.dll [2008.04.22 07:47:56 | 000,331,776 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\General.dll [2008.04.22 07:45:56 | 000,315,392 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\Formatted.dll [2008.04.22 07:43:58 | 000,311,296 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\Deleted.dll [2008.04.21 20:58:02 | 000,118,784 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\ZipRepair.dll [2008.04.21 20:57:24 | 000,094,208 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\ZipEngine.dll [2008.04.21 20:55:46 | 000,057,344 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\viewer.dll [2008.04.21 20:42:32 | 000,077,824 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\RemoteDataRecovery.dll [2008.04.21 20:39:00 | 000,069,632 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\ProductNews.dll [2008.04.21 20:30:00 | 000,114,688 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\RTFCtrl.dll [2008.04.21 20:28:02 | 000,077,824 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\InlabDataRecovery.dll [2008.04.21 20:18:42 | 000,073,728 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\ExclusiveOffers.dll [2008.04.21 20:16:06 | 000,102,400 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\ERDisk.dll [2008.04.21 20:11:28 | 000,077,824 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\CrisisInformation.dll [2008.04.21 20:06:34 | 000,245,760 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\engine.dll [2008.04.21 20:06:16 | 000,102,400 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\MXPM.dll [2008.04.21 20:04:36 | 000,172,032 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\CreateZip.dll [2008.04.21 20:02:06 | 000,057,344 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\OleEngine.dll [2008.04.21 20:01:52 | 000,102,400 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\MXExHand.dll [2008.04.21 20:00:44 | 000,098,304 | ---- | C] (Ontrack Data Recovery Inc.) -- C:\Programme\mxdlgsup.dll [2008.04.13 12:59:11 | 016,402,520 | ---- | C] (ashampoo GmbH & Co. KG ) -- C:\Programme\ashampoo_photo_commander_5_540_idf_de.exe [2007.10.05 09:39:56 | 000,229,376 | ---- | C] (Kroll Ontrack Inc.) -- C:\Programme\FILW.dll [2007.07.18 08:38:52 | 003,666,752 | ---- | C] (Tor Lillqvist ) -- C:\Programme\gtk2_6_10.exe [2007.07.18 08:38:41 | 005,825,656 | ---- | C] (Tor Lillqvist ) -- C:\Programme\gtk+-2.10.11-setup.exe [2007.04.11 23:12:13 | 000,928,274 | ---- | C] (LegalSoft.de.vu ) -- C:\Programme\xleaner_v1.7.exe [2007.04.05 10:50:42 | 000,065,622 | ---- | C] (Stellent, Inc.) -- C:\Programme\wvcore.dll [2007.04.05 10:50:42 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vszip.dll [2007.04.05 10:50:42 | 000,036,945 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsxy.dll [2007.04.05 10:50:42 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsyim.dll [2007.04.05 10:50:40 | 000,057,427 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswpw.dll [2007.04.05 10:50:40 | 000,036,945 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsws.dll [2007.04.05 10:50:40 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsws2.dll [2007.04.05 10:50:38 | 000,049,235 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswpg.dll [2007.04.05 10:50:38 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswpl.dll [2007.04.05 10:50:38 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswpf.dll [2007.04.05 10:50:36 | 000,114,773 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswk6.dll [2007.04.05 10:50:36 | 000,086,101 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswk4.dll [2007.04.05 10:50:36 | 000,057,427 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswml.dll [2007.04.05 10:50:36 | 000,045,141 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswks.dll [2007.04.05 10:50:36 | 000,032,849 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswm.dll [2007.04.05 10:50:34 | 000,143,447 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsviso.dll [2007.04.05 10:50:34 | 000,045,139 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswg2.dll [2007.04.05 10:50:34 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsvw3.dll [2007.04.05 10:50:34 | 000,028,757 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswbmp.dll [2007.04.05 10:50:32 | 000,065,621 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsvcrd.dll [2007.04.05 10:50:32 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vstxt.dll [2007.04.05 10:50:32 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vstaz.dll [2007.04.05 10:50:32 | 000,036,945 | ---- | C] (Stellent, Inc.) -- C:\Programme\vstw.dll [2007.04.05 10:50:32 | 000,028,757 | ---- | C] (Stellent, Inc.) -- C:\Programme\vstga.dll [2007.04.05 10:50:30 | 000,168,023 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssoi6.dll [2007.04.05 10:50:30 | 000,036,949 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssoi.dll [2007.04.05 10:50:30 | 000,036,945 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssoc.dll [2007.04.05 10:50:30 | 000,032,853 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsswf.dll [2007.04.05 10:50:30 | 000,032,853 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssnap.dll [2007.04.05 10:50:30 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsspt.dll [2007.04.05 10:50:30 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssow.dll [2007.04.05 10:50:28 | 000,041,047 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsshw3.dll [2007.04.05 10:50:28 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssmt.dll [2007.04.05 10:50:28 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssms.dll [2007.04.05 10:50:28 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssdw.dll [2007.04.05 10:50:28 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssmd.dll [2007.04.05 10:50:26 | 000,036,949 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssc5.dll [2007.04.05 10:50:26 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vssam.dll [2007.04.05 10:50:26 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsrfx.dll [2007.04.05 10:50:26 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsrft.dll [2007.04.05 10:50:26 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsrbs.dll [2007.04.05 10:50:24 | 000,069,717 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspst.dll [2007.04.05 10:50:24 | 000,049,235 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsqp6.dll [2007.04.05 10:50:24 | 000,036,951 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspstf.dll [2007.04.05 10:50:24 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsqad.dll [2007.04.05 10:50:24 | 000,032,849 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsqa.dll [2007.04.05 10:50:24 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsras.dll [2007.04.05 10:50:22 | 000,159,836 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspsp6.dll [2007.04.05 10:50:22 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsppl.dll [2007.04.05 10:50:20 | 000,057,427 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspgl.dll [2007.04.05 10:50:20 | 000,041,043 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspfs.dll [2007.04.05 10:50:20 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspdx.dll [2007.04.05 10:50:20 | 000,028,757 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspntg.dll [2007.04.05 10:50:20 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspic.dll [2007.04.05 10:50:18 | 000,045,141 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmwp2.dll [2007.04.05 10:50:18 | 000,036,949 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmwpf.dll [2007.04.05 10:50:18 | 000,032,853 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspcx.dll [2007.04.05 10:50:18 | 000,032,853 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmwrk.dll [2007.04.05 10:50:18 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspcl.dll [2007.04.05 10:50:18 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspbm.dll [2007.04.05 10:50:18 | 000,028,753 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsow.dll [2007.04.05 10:50:16 | 000,127,061 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmpp.dll [2007.04.05 10:50:16 | 000,045,141 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmsw.dll [2007.04.05 10:50:16 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmm4.dll [2007.04.05 10:50:16 | 000,032,853 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmmfn.dll [2007.04.05 10:50:16 | 000,032,849 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmp.dll [2007.04.05 10:50:14 | 000,041,043 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmcw.dll [2007.04.05 10:50:14 | 000,036,945 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmm.dll [2007.04.05 10:50:12 | 000,041,045 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmanu.dll [2007.04.05 10:50:12 | 000,041,043 | ---- | C] (Stellent, Inc.) -- C:\Programme\vslzh.dll [2007.04.05 10:50:12 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsleg.dll [2007.04.05 10:50:12 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsm11.dll [2007.04.05 10:50:12 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsiwp.dll [2007.04.05 10:50:12 | 000,032,849 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsjw.dll [2007.04.05 10:50:10 | 000,077,911 | ---- | C] (Stellent, Inc.) -- C:\Programme\vshwp2.dll [2007.04.05 10:50:10 | 000,057,429 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsich6.dll [2007.04.05 10:50:10 | 000,049,235 | ---- | C] (Stellent, Inc.) -- C:\Programme\vshgs.dll [2007.04.05 10:50:10 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsimg.dll [2007.04.05 10:50:08 | 000,110,677 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsflw.dll [2007.04.05 10:50:08 | 000,041,043 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsfwk.dll [2007.04.05 10:50:08 | 000,036,951 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsgzip.dll [2007.04.05 10:50:08 | 000,032,853 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsgif.dll [2007.04.05 10:50:06 | 000,049,237 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsexe2.dll [2007.04.05 10:50:06 | 000,036,949 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsfcs.dll [2007.04.05 10:50:06 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsfft.dll [2007.04.05 10:50:06 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsfcd.dll [2007.04.05 10:50:04 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsenw.dll [2007.04.05 10:50:04 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsens.dll [2007.04.05 10:50:04 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsen4.dll [2007.04.05 10:50:04 | 000,032,849 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsdx.dll [2007.04.05 10:50:02 | 000,049,235 | ---- | C] (Stellent, Inc.) -- C:\Programme\vscgm.dll [2007.04.05 10:50:02 | 000,036,947 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsdrw.dll [2007.04.05 10:50:02 | 000,032,851 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsdez.dll [2007.04.05 10:50:02 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsdif.dll [2007.04.05 10:50:02 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsdbs.dll [2007.04.05 10:50:00 | 001,429,591 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsacad.dll [2007.04.05 10:50:00 | 000,069,715 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsami.dll [2007.04.05 10:50:00 | 000,041,043 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsacs.dll [2007.04.05 10:50:00 | 000,028,755 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsbdr.dll [2007.04.05 10:49:58 | 000,053,334 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccfmt.dll [2007.04.05 10:49:58 | 000,028,757 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccta.dll [2007.04.05 10:49:58 | 000,024,659 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccra.dll [2007.04.05 10:49:56 | 000,045,143 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccanno.dll [2007.04.05 10:49:56 | 000,032,853 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccca.dll [2007.04.05 10:49:54 | 001,159,252 | ---- | C] (Stellent, Inc.) -- C:\Programme\isgdi32.dll [2007.04.05 10:49:54 | 000,159,828 | ---- | C] (Stellent, Inc.) -- C:\Programme\iphgw2.flt [2007.04.05 10:49:54 | 000,105,472 | ---- | C] (Lotus Development Corporation) -- C:\Programme\LTSCSN10.DLL [2007.04.05 10:49:54 | 000,098,388 | ---- | C] (Stellent, Inc.) -- C:\Programme\imps_2.flt [2007.04.05 10:49:54 | 000,036,948 | ---- | C] (Stellent, Inc.) -- C:\Programme\imrnd2.flt [2007.04.05 10:49:54 | 000,032,852 | ---- | C] (Stellent, Inc.) -- C:\Programme\impsz2.flt [2007.04.05 10:49:52 | 000,102,484 | ---- | C] (Stellent, Inc.) -- C:\Programme\imdsf2.flt [2007.04.05 10:49:52 | 000,098,388 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcm72.flt [2007.04.05 10:49:52 | 000,094,292 | ---- | C] (Stellent, Inc.) -- C:\Programme\immet2.flt [2007.04.05 10:49:52 | 000,094,292 | ---- | C] (Stellent, Inc.) -- C:\Programme\imigs2.flt [2007.04.05 10:49:52 | 000,061,524 | ---- | C] (Stellent, Inc.) -- C:\Programme\imgdf2.flt [2007.04.05 10:49:52 | 000,061,524 | ---- | C] (Stellent, Inc.) -- C:\Programme\imfmv2.flt [2007.04.05 10:49:52 | 000,057,428 | ---- | C] (Stellent, Inc.) -- C:\Programme\impif2.flt [2007.04.05 10:49:52 | 000,053,332 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcm52.flt [2007.04.05 10:49:52 | 000,045,140 | ---- | C] (Stellent, Inc.) -- C:\Programme\imgem2.flt [2007.04.05 10:49:52 | 000,032,852 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcmx2.flt [2007.04.05 10:49:50 | 000,192,596 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcd82.flt [2007.04.05 10:49:50 | 000,192,596 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcd72.flt [2007.04.05 10:49:50 | 000,184,405 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsxl5.dll [2007.04.05 10:49:50 | 000,151,639 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsxl12.dll [2007.04.05 10:49:50 | 000,127,060 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcd62.flt [2007.04.05 10:49:50 | 000,127,060 | ---- | C] (Stellent, Inc.) -- C:\Programme\ibpcd2.flt [2007.04.05 10:49:50 | 000,110,676 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcd52.flt [2007.04.05 10:49:50 | 000,110,676 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcd42.flt [2007.04.05 10:49:50 | 000,094,292 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcd32.flt [2007.04.05 10:49:50 | 000,090,197 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswp6.dll [2007.04.05 10:49:50 | 000,061,524 | ---- | C] (Stellent, Inc.) -- C:\Programme\ibjpg2.flt [2007.04.05 10:49:50 | 000,057,431 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswpg2.dll [2007.04.05 10:49:50 | 000,053,332 | ---- | C] (Stellent, Inc.) -- C:\Programme\ibxpm2.flt [2007.04.05 10:49:50 | 000,036,948 | ---- | C] (Stellent, Inc.) -- C:\Programme\ibxwd2.flt [2007.04.05 10:49:50 | 000,036,948 | ---- | C] (Stellent, Inc.) -- C:\Programme\ibpsd2.flt [2007.04.05 10:49:50 | 000,032,852 | ---- | C] (Stellent, Inc.) -- C:\Programme\imcdr2.flt [2007.04.05 10:49:50 | 000,032,852 | ---- | C] (Stellent, Inc.) -- C:\Programme\ibxbm2.flt [2007.04.05 10:49:50 | 000,028,757 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsxml.dll [2007.04.05 10:49:48 | 000,151,637 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsw97.dll [2007.04.05 10:49:48 | 000,118,867 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsw6.dll [2007.04.05 10:49:48 | 000,077,911 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsword.dll [2007.04.05 10:49:48 | 000,077,910 | ---- | C] (Stellent, Inc.) -- C:\Programme\detree.dll [2007.04.05 10:49:48 | 000,077,908 | ---- | C] (Stellent, Inc.) -- C:\Programme\ibfpx2.flt [2007.04.05 10:49:48 | 000,069,717 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswp5.dll [2007.04.05 10:49:48 | 000,041,045 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswmf.dll [2007.04.05 10:49:48 | 000,036,951 | ---- | C] (Stellent, Inc.) -- C:\Programme\vswork.dll [2007.04.05 10:49:48 | 000,036,948 | ---- | C] (Stellent, Inc.) -- C:\Programme\ibgp42.flt [2007.04.05 10:49:48 | 000,024,659 | ---- | C] (Stellent, Inc.) -- C:\Programme\dehex.dll [2007.04.05 10:49:46 | 000,180,309 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsso6.dll [2007.04.05 10:49:46 | 000,147,543 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspp97.dll [2007.04.05 10:49:46 | 000,147,541 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsrtf.dll [2007.04.05 10:49:46 | 000,131,157 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsw12.dll [2007.04.05 10:49:46 | 000,073,815 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspp12.dll [2007.04.05 10:49:46 | 000,073,813 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspp7.dll [2007.04.05 10:49:46 | 000,069,719 | ---- | C] (Stellent, Inc.) -- C:\Programme\vstif6.dll [2007.04.05 10:49:46 | 000,065,621 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsqp9.dll [2007.04.05 10:49:46 | 000,065,621 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspp2.dll [2007.04.05 10:49:46 | 000,032,855 | ---- | C] (Stellent, Inc.) -- C:\Programme\vstext.dll [2007.04.05 10:49:44 | 000,159,829 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspdf.dll [2007.04.05 10:49:44 | 000,065,621 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmsg.dll [2007.04.05 10:49:44 | 000,053,335 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspict.dll [2007.04.05 10:49:44 | 000,045,141 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspng.dll [2007.04.05 10:49:44 | 000,032,855 | ---- | C] (Stellent, Inc.) -- C:\Programme\vspdfi.dll [2007.04.05 10:49:44 | 000,028,759 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmwks.dll [2007.04.05 10:49:44 | 000,028,759 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmwkd.dll [2007.04.05 10:49:42 | 000,188,501 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmif.dll [2007.04.05 10:49:42 | 000,139,361 | ---- | C] (Stellent, Inc.) -- C:\Programme\vslwp.dll [2007.04.05 10:49:42 | 000,094,295 | ---- | C] (Stellent, Inc.) -- C:\Programme\vshtml.dll [2007.04.05 10:49:42 | 000,090,197 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsich.dll [2007.04.05 10:49:42 | 000,082,007 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsmime.dll [2007.04.05 10:49:42 | 000,077,911 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsgdsf.dll [2007.04.05 10:49:42 | 000,073,813 | ---- | C] (Stellent, Inc.) -- C:\Programme\vshwp.dll [2007.04.05 10:49:42 | 000,032,855 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsjbg2.dll [2007.04.05 10:49:42 | 000,028,757 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsfax.dll [2007.04.05 10:49:40 | 000,413,781 | ---- | C] (Stellent, Inc.) -- C:\Programme\SCCUT.DLL [2007.04.05 10:49:40 | 000,208,981 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccvw.dll [2007.04.05 10:49:40 | 000,159,831 | ---- | C] (Stellent, Inc.) -- C:\Programme\vseshr.dll [2007.04.05 10:49:40 | 000,131,157 | ---- | C] (Stellent, Inc.) -- C:\Programme\scclo.dll [2007.04.05 10:49:40 | 000,057,429 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsemf.dll [2007.04.05 10:49:40 | 000,053,334 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccind.dll [2007.04.05 10:49:40 | 000,036,949 | ---- | C] (Stellent, Inc.) -- C:\Programme\vsbmp.dll [2007.04.05 10:49:40 | 000,028,758 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccole.dll [2007.04.05 10:49:38 | 000,266,325 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccdu.dll [2007.04.05 10:49:38 | 000,208,982 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccfut.dll [2007.04.05 10:49:38 | 000,094,293 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccfa.dll [2007.04.05 10:49:38 | 000,090,197 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccfi.dll [2007.04.05 10:49:38 | 000,073,813 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccch.dll [2007.04.05 10:49:38 | 000,057,429 | ---- | C] (Stellent, Inc.) -- C:\Programme\sccda.dll [2007.04.05 10:49:38 | 000,041,052 | ---- | C] (Stellent, Inc.) -- C:\Programme\oswin32.dll [2007.04.05 10:49:36 | 000,528,470 | ---- | C] (Stellent, Inc.) -- C:\Programme\impsi2.flt [2007.04.05 10:49:36 | 000,241,749 | ---- | C] (Stellent, Inc.) -- C:\Programme\demet.dll [2007.04.05 10:49:36 | 000,217,172 | ---- | C] (Stellent, Inc.) -- C:\Programme\dewp.dll [2007.04.05 10:49:36 | 000,147,540 | ---- | C] (Stellent, Inc.) -- C:\Programme\dess.dll [2007.04.05 10:49:36 | 000,077,909 | ---- | C] (Stellent, Inc.) -- C:\Programme\debmp.dll [2006.12.02 17:48:50 | 002,025,768 | ---- | C] (Skype Technologies S.A.) -- C:\Programme\SkypeSetup.exe [2005.02.15 13:09:32 | 001,780,436 | ---- | C] (Kroll Ontrack Inc.) -- C:\Programme\ERDOSDSKGerman.exe [2002.03.11 11:06:30 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Programme\instmsiw.exe [2002.03.11 10:45:04 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Programme\instmsia.exe [2001.02.28 06:10:00 | 001,048,576 | ---- | C] (Blue Sky Software Corporation.) -- C:\Programme\ROBOEX32.DLL [2000.08.04 15:25:30 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Programme\INETWH32.dll ========== Files - Modified Within 30 Days ========== [2013.09.21 08:07:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\-\Desktop\OTL.exe [2013.09.21 07:40:44 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2013.09.21 07:34:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.09.18 09:04:57 | 001,083,437 | ---- | M] (Farbar) -- C:\Dokumente und Einstellungen\-\Desktop\FRST.exe [2013.09.13 21:34:41 | 000,891,144 | ---- | M] () -- C:\Dokumente und Einstellungen\-\Desktop\SecurityCheck.exe [2013.09.12 10:26:47 | 000,000,051 | ---- | M] () -- C:\WINDOWS\System32\crt_wl.cy [2013.09.12 09:53:37 | 000,000,911 | ---- | M] () -- C:\Dokumente und Einstellungen\-\Desktop\adwcleaner.lnk [2013.09.12 09:46:25 | 000,000,968 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2013.09.11 15:31:17 | 000,002,477 | ---- | M] () -- C:\Dokumente und Einstellungen\-\Desktop\Microsoft Word.lnk [2013.08.22 10:52:15 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk ========== Files Created - No Company Name ========== [2013.09.13 21:34:39 | 000,891,144 | ---- | C] () -- C:\Dokumente und Einstellungen\-\Desktop\SecurityCheck.exe [2013.09.12 09:53:37 | 000,000,911 | ---- | C] () -- C:\Dokumente und Einstellungen\-\Desktop\adwcleaner.lnk [2013.09.12 09:46:25 | 000,000,968 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk [2013.09.12 09:21:00 | 000,018,119 | ---- | C] () -- C:\Dokumente und Einstellungen\-\Eigene Dateien\AdwCleaner.jpg [2012.05.15 22:35:16 | 004,240,384 | ---- | C] () -- C:\Programme\SatSYNC.msi [2012.05.15 22:34:29 | 004,546,362 | ---- | C] () -- C:\Programme\WindowsSatSYNC-DE.exe [2012.03.26 23:13:40 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.06.17 16:48:11 | 000,460,232 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2011.03.25 11:22:16 | 000,000,000 | ---- | C] () -- C:\Programme\vlc-1.1.8-win32.exe [2010.11.30 13:14:17 | 000,000,000 | ---- | C] () -- C:\Programme\vlc-1.1.5-win32.exe [2010.09.17 09:41:37 | 044,151,368 | ---- | C] () -- C:\Programme\avira_antivir_personal_de1000567.exe [2010.09.13 17:26:11 | 000,641,148 | ---- | C] () -- C:\Programme\Telediagnose.lnk [2010.09.06 11:29:37 | 000,002,072 | ---- | C] () -- C:\Dokumente und Einstellungen\-\BT747SettingsJ2SE.pdb [2010.08.27 16:14:14 | 006,072,332 | ---- | C] () -- C:\Programme\RouteConverter.exe [2010.07.09 09:07:16 | 006,197,248 | ---- | C] () -- C:\Programme\TB4931_Win_DE.exe [2010.06.03 15:29:13 | 018,499,623 | ---- | C] () -- C:\Programme\vlc-1.0.5-win32.exe [2010.04.17 22:57:24 | 005,274,337 | ---- | C] () -- C:\Programme\PanoStudioSetupM.exe [2010.04.17 21:25:23 | 005,378,248 | ---- | C] () -- C:\Programme\PanoStudio2ProSetup.exe [2010.03.15 16:44:49 | 001,603,072 | ---- | C] () -- C:\Programme\comparetracksSetup.msi [2009.08.30 10:27:13 | 000,000,920 | ---- | C] () -- C:\Programme\PanoLab.jnlp [2009.08.20 16:34:54 | 012,039,580 | ---- | C] () -- C:\Programme\HOLUX_ezTour_Logger_installer20090714_v1.02.rar [2009.08.04 09:35:02 | 003,346,304 | ---- | C] () -- C:\Programme\DriverDetective.exe [2008.07.14 20:11:53 | 000,000,623 | ---- | C] () -- C:\Programme\ezupdate.cfg [2008.07.14 20:11:53 | 000,000,048 | ---- | C] () -- C:\Programme\Ontrack.url [2008.05.22 09:21:29 | 119,746,270 | ---- | C] () -- C:\Programme\OOo_2.4.0_Win32Intel_install_de.exe [2008.04.13 13:29:52 | 001,564,873 | ---- | C] () -- C:\Programme\Paint.NET.3.30.zip [2008.03.30 15:51:35 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\$_hpcst$.hpc [2008.03.30 15:47:48 | 007,844,864 | ---- | C] () -- C:\Programme\setup.msi [2008.03.15 01:00:01 | 000,037,375 | ---- | C] () -- C:\Programme\openoffice.org-xsltfilter.cab [2008.03.15 01:00:00 | 002,677,826 | ---- | C] () -- C:\Programme\openoffice.org-writer.cab [2008.03.15 00:59:52 | 000,207,388 | ---- | C] () -- C:\Programme\openoffice.org-testtool.cab [2008.03.15 00:59:50 | 002,504,855 | ---- | C] () -- C:\Programme\openoffice.org-pyuno.cab [2008.03.15 00:59:30 | 000,052,152 | ---- | C] () -- C:\Programme\openoffice.org-onlineupdate.cab [2008.03.15 00:59:29 | 001,209,478 | ---- | C] () -- C:\Programme\openoffice.org-math.cab [2008.03.15 00:59:25 | 000,118,910 | ---- | C] () -- C:\Programme\openoffice.org-javafilter.cab [2008.03.15 00:59:24 | 001,395,007 | ---- | C] () -- C:\Programme\openoffice.org-impress.cab [2008.03.15 00:59:19 | 000,086,870 | ---- | C] () -- C:\Programme\openoffice.org-graphicfilter.cab [2008.03.15 00:59:19 | 000,002,769 | ---- | C] () -- C:\Programme\openoffice.org-emailmerge.cab [2008.03.15 00:59:18 | 001,046,365 | ---- | C] () -- C:\Programme\openoffice.org-draw.cab [2008.03.15 00:59:14 | 002,031,954 | ---- | C] () -- C:\Programme\openoffice.org-core09.cab [2008.03.15 00:59:08 | 000,305,840 | ---- | C] () -- C:\Programme\openoffice.org-core08.cab [2008.03.15 00:59:03 | 004,249,333 | ---- | C] () -- C:\Programme\openoffice.org-core07.cab [2008.03.15 00:58:53 | 028,886,542 | ---- | C] () -- C:\Programme\openoffice.org-core06.cab [2008.03.15 00:55:03 | 018,833,212 | ---- | C] () -- C:\Programme\openoffice.org-core05.cab [2008.03.15 00:54:05 | 016,453,751 | ---- | C] () -- C:\Programme\openoffice.org-core04.cab [2008.03.15 00:53:12 | 009,118,899 | ---- | C] () -- C:\Programme\openoffice.org-core03.cab [2008.03.15 00:52:52 | 003,861,518 | ---- | C] () -- C:\Programme\openoffice.org-core02.cab [2008.03.15 00:52:39 | 015,103,860 | ---- | C] () -- C:\Programme\openoffice.org-core01.cab [2008.03.15 00:52:09 | 004,871,721 | ---- | C] () -- C:\Programme\openoffice.org-calc.cab [2008.03.15 00:51:54 | 001,912,702 | ---- | C] () -- C:\Programme\openoffice.org-base.cab [2008.03.15 00:51:46 | 000,043,005 | ---- | C] () -- C:\Programme\openoffice.org-activex.cab [2008.03.15 00:51:44 | 000,000,217 | ---- | C] () -- C:\Programme\setup.ini [2008.03.15 00:51:41 | 004,375,552 | ---- | C] () -- C:\Programme\openofficeorg24.msi [2008.02.08 22:33:18 | 000,497,152 | ---- | C] () -- C:\Programme\setup.exe [2007.07.18 08:39:35 | 007,951,856 | ---- | C] ( ) -- C:\Programme\gimp-2.2.15-i586-setup-1.exe [2007.07.15 12:15:16 | 007,346,061 | ---- | C] () -- C:\Programme\p36i_049.exe [2007.04.26 22:25:58 | 000,102,912 | ---- | C] () -- C:\Dokumente und Einstellungen\-\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.04.15 21:06:03 | 000,000,131 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\pcwCleaner.REG [2007.04.11 22:56:50 | 000,865,280 | ---- | C] () -- C:\Programme\wbfwdvd.exe [2007.04.05 10:49:54 | 001,567,232 | ---- | C] () -- C:\Programme\LWPAPIN.DLL [2007.04.05 10:49:54 | 001,066,910 | ---- | C] () -- C:\Programme\LTSCSD13.TLB [2007.04.05 10:49:54 | 000,183,254 | ---- | C] () -- C:\Programme\LWPAPIPN.DAT [2007.04.05 10:49:46 | 000,371,960 | ---- | C] () -- C:\Programme\cmmap000.bin [2007.04.05 10:49:46 | 000,260,531 | ---- | C] () -- C:\Programme\adinit.dat [2007.01.24 20:18:49 | 013,409,832 | ---- | C] () -- C:\Programme\antivir_workstation_win702u_de_h.exe [2006.12.02 22:56:30 | 002,855,080 | ---- | C] () -- C:\Programme\aawsepersonal.exe [2006.11.14 16:23:02 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\-\NULL [2006.09.11 18:15:07 | 000,000,144 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MagicPlayDVD.ini [2006.09.09 23:59:47 | 000,000,040 | -HS- | C] () -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\.zreglib [2006.05.26 15:51:28 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html [2006.05.26 15:06:41 | 000,000,004 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QSLLPSVCShare [2005.05.03 12:52:24 | 000,308,097 | ---- | C] () -- C:\Programme\fil.dat [2005.02.15 13:06:40 | 001,525,760 | ---- | C] () -- C:\Programme\ERBootGerman.iso [2002.05.05 04:22:02 | 000,002,048 | ---- | C] () -- C:\Programme\Profile.dat ========== ZeroAccess Check ========== [2008.04.13 12:44:33 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2009.04.29 06:51:20 | 001,495,552 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:18:19 | 000,473,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2004.08.04 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2008.04.13 12:14:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\aborange VertippTop [2006.07.05 19:47:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\ACD Systems [2007.02.20 20:16:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\apm [2008.07.14 20:42:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Ashampoo [2010.05.07 21:32:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Ashampoo Photo Commander 5 [2007.02.25 22:17:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Autodesk [2010.07.09 10:00:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Canon [2010.04.07 10:08:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\EasyPCGate [2010.08.05 16:48:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\GARMIN [2010.03.03 11:02:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\GeoSetter [2007.07.18 08:45:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\gtk-2.0 [2008.03.13 22:04:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\ICAClient [2010.04.07 10:08:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\ImagesWords [2006.12.02 16:54:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\IrfanView [2009.11.11 09:35:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\PanoramaStudio [2010.04.17 21:38:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\PanoramaStudio2Pro [2010.06.03 10:50:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Participatory Culture Foundation [2010.06.03 15:23:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\PCF-VLC [2012.05.15 22:49:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Satmap [2010.07.09 09:38:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\ScanSoft [2006.09.10 00:01:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\SlySoft [2008.06.07 13:06:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Smart PC Solutions [2007.06.11 18:14:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\SMC [2010.11.29 22:23:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Teleca [2008.04.16 20:35:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Thunderbird [2006.05.26 14:45:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\Toshiba [2007.04.11 23:03:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\-\Anwendungsdaten\WinPatrol [2008.04.13 13:02:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo [2007.07.17 13:43:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk [2010.03.15 16:48:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\comparetracks [2010.04.07 10:08:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EasyPCGate [2008.07.14 20:35:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ebay [2010.04.07 10:08:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ImagesWords [2009.08.04 09:39:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters [2013.09.13 21:59:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayPond [2011.01.17 22:17:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft [2010.08.25 08:35:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanAppDataDir [2010.07.09 09:38:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanWizard [2009.08.18 07:38:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2010.11.29 22:17:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip [2012.03.12 09:01:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} [2009.08.23 11:30:32 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{83C91755-2546-441D-AC40-9A6B4B860800} [2009.08.23 12:06:32 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{9CCF7773-8BDD-441A-9B92-593772C4EFDC} ========== Purity Check ========== ========== Custom Scans ========== < reg query "HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0" /c > ! REG.EXE VERSION 3.0 HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\SCSI\SCSI PORT 0 DMAEnabled REG_DWORD 0x1 Driver REG_SZ atapi HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\SCSI\SCSI PORT 0\Scsi Bus 0 < reg query "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /s /c > ! REG.EXE VERSION 3.0 HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318} Class REG_SZ hdc <NO NAME> REG_SZ IDE ATA/ATAPI-Controller Icon REG_SZ -9 Installer32 REG_SZ SysSetup.Dll,HdcClassInstaller TroubleShooter-0 REG_SZ hcp://help/tshoot/tsdrive.htm HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0000 MasterOnMask REG_DWORD 0x80 MasterOnConfigOffset REG_DWORD 0x41 SlaveOnMask REG_DWORD 0x80 SlaveOnConfigOffset REG_DWORD 0x43 InfPath REG_SZ ich6ide.inf InfSection REG_SZ intelide ProviderName REG_SZ Intel DriverDateData REG_BINARY 00403BF33211C401 DriverDate REG_SZ 3-24-2004 DriverVersion REG_SZ 6.1.0.1004 MatchingDeviceId REG_SZ pci\ven_8086&dev_2653&cc_0101 DriverDesc REG_SZ Intel(R) 82801FBM Ultra ATA Storage Controllers - 2653 HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001 EnumPropPages32 REG_SZ storprop.dll,IdePropPageProvider InfPath REG_SZ mshdc.inf InfSection REG_SZ atapi_Inst_primary ProviderName REG_SZ Microsoft DriverDateData REG_BINARY 008062C5C001C101 DriverDate REG_SZ 7-1-2001 DriverVersion REG_SZ 5.1.2600.2180 MatchingDeviceId REG_SZ primary_ide_channel DriverDesc REG_SZ Primärer IDE-Kanal MasterDeviceType REG_DWORD 0x1 SlaveDeviceType REG_DWORD 0x0 SlaveDeviceDetectionTimeout REG_DWORD 0x1 MasterDeviceTimingMode REG_DWORD 0x10010 MasterDeviceTimingModeAllowed REG_DWORD 0xffffffff MasterIdDataCheckSum REG_DWORD 0x28392 SlaveDeviceTimingMode REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002 EnumPropPages32 REG_SZ storprop.dll,IdePropPageProvider InfPath REG_SZ mshdc.inf InfSection REG_SZ atapi_Inst_secondary ProviderName REG_SZ Microsoft DriverDateData REG_BINARY 008062C5C001C101 DriverDate REG_SZ 7-1-2001 DriverVersion REG_SZ 5.1.2600.2180 MatchingDeviceId REG_SZ secondary_ide_channel DriverDesc REG_SZ Sekundärer IDE-Kanal MasterDeviceType REG_DWORD 0x2 SlaveDeviceType REG_DWORD 0x0 SlaveDeviceDetectionTimeout REG_DWORD 0x1 MasterDeviceTimingMode REG_DWORD 0x2010 MasterDeviceTimingModeAllowed REG_DWORD 0xffffffff MasterIdDataCheckSum REG_DWORD 0x1a657 SlaveDeviceTimingMode REG_DWORD 0x0 HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties < > [2006.05.26 14:03:02 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini [2006.05.26 14:18:08 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT [2009.08.23 11:31:13 | 000,000,458 | ---- | C] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job [2010.04.10 07:13:04 | 000,000,236 | ---- | C] () -- C:\WINDOWS\Tasks\OGALogon.job [2010.04.19 07:35:30 | 000,000,336 | ---- | C] () -- C:\WINDOWS\Tasks\WinMaximizer---Startup.job [2013.07.12 18:02:27 | 000,001,086 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1ce7f1934ad36c0.job ========== Alternate Data Streams ========== @Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 < End of report > Code:
ATTFilter OTL Extras logfile created on: 21.09.2013 09:06:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\-\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
503,37 Mb Total Physical Memory | 157,10 Mb Available Physical Memory | 31,21% Memory free
1,20 Gb Paging File | 0,49 Gb Available in Paging File | 41,23% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 27,87 Gb Total Space | 7,09 Gb Free Space | 25,45% Space Free | Partition Type: NTFS
Computer Name: WCSAG-NB04 | User Name: - | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Huawei technologies\Huawei UMTS Data Card\HUAWEI 3G Data Card.exe" = C:\Programme\Huawei technologies\Huawei UMTS Data Card\HUAWEI 3G Data Card.exe:*:Enabled:Huawei 3G Data Card
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WcesMgr.exe" = C:\Programme\Microsoft ActiveSync\WcesMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\routeconverter\IeEmbed.exe" = C:\Dokumente und Einstellungen\-\Lokale Einstellungen\Temp\routeconverter\IeEmbed.exe:*:Disabled:JDesktop Integration Components binary
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Programme\Participatory Culture Foundation\Miro\Miro_Downloader.exe" = C:\Programme\Participatory Culture Foundation\Miro\Miro_Downloader.exe:*:Enabled:Miro_Downloader
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Google\Google Earth\plugin\geplugin.exe" = C:\Programme\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\Java\jre7\bin\java.exe" = C:\Programme\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170407-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Energieverwaltung der internen Netzwerkkarte
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{28DA872A-0848-48CF-B749-19A198157A2A}" = mDriver
"{2A77FEA4-FA15-4C60-AEDF-D96E88118AEE}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C499A5A-EF17-4FE0-995B-1EFC34D426C1}" = SatSYNC
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F77F6EE-2C99-49F7-940A-2E9C208C3BE1}" = Paint.NET v3.5.2
"{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"{56364334-9530-11D2-BFFC-00C04FA329AA}" = Microsoft Works 2000
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}" = OmniPage SE 2.0
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8A1D86F3-3FF4-400B-9B2F-27B269C594EE}" = Multiple Image Resizer .NET
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{911A0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Outlook 2002
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{97A4D873-47B9-454A-A567-8AFF41C07155}" = EasyRecovery DataRecovery
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D669429-A2E4-4793-B7A0-283D259F39AF}" = Adobe Photoshop Lightroom 2.5
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = C-Major Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A71000000002}" = Adobe Reader 7.1.0 - Deutsch
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = Canon CanoScan Toolbox 4.9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"99_is1" = Jawbreaker
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 2008 Advanced_is1" = Ashampoo Burning Studio 2008 Advanced
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B406677FA530D213D0B10B080DCD1080AE866D39" = Windows-Treiberpaket - Ross-Tech USB Driver Package (05/21/2009 2.04.18)
"B4DFFB06B716298277125094C48185BFE8B5A7E1" = Windows-Treiberpaket - Ross-Tech USB Driver Package (06/16/2010 2.06.02)
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem
"DeInst_d2vexcrdAMAP3D Viewer (Build 1.1.5.596)" = AMAP3D Viewer
"EconomyLab" = EconomyLab
"fl_sim_p3" = FluidSIM-P V3.1j D
"GPS-Track-Analyse.NET_is1" = 5.0.1
"HOLUX ezTour for Logger_HOLUX_DL" = HOLUX ezTour for Logger v1.01
"InstallShield_{52504CE6-E909-4113-B232-4AFEC6543A61}" = Broadcom 440x 10/100 Integrated Controller
"InstallShield_{97A4D873-47B9-454A-A567-8AFF41C07155}" = EasyRecovery DataRecovery
"IrfanView" = IrfanView (remove only)
"KOMPASS Digital Map Kärnten_is1" = KOMPASS Digital Map Kärnten
"KOMPASS Digital Map_is1" = KOMPASS Digital Map
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Multiple Image Resizer .NET" = Multiple Image Resizer .NET
"ODBC" = ODBC
"PanoramaStudio" = PanoramaStudio 1.6 (deinstallieren)
"Picasa 3" = Picasa 3
"ProInst" = Intel(R) PROSet/Wireless Software
"SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
"SuperRam_is1" = SuperRam
"VCDS PCI" = VCDS PCI 10
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
"xp-AntiSpy" = xp-AntiSpy 3.96-4
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PanoLab" = PanoLab
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.09.2013 01:14:22 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 14.09.2013 02:15:45 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 14.09.2013 02:51:26 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 14.09.2013 11:18:37 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 15.09.2013 14:18:18 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 15.09.2013 14:19:27 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 16.09.2013 01:17:38 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 18.09.2013 02:12:01 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 18.09.2013 07:40:21 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
Error - 20.09.2013 00:52:04 | Computer Name = WCSAG-NB04 | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
[ System Events ]
Error - 21.09.2013 02:03:29 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:03:59 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:04:29 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:04:59 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:05:29 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:05:59 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:06:29 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:06:59 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:07:29 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 21.09.2013 02:08:00 | Computer Name = WCSAG-NB04 | Source = DCOM | ID = 10010
Description = Der Server "{8BC3F05E-D86B-11D0-A075-00C04FB68820}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
< End of report >
Schon mal, wieder, vielen Dank für Deine Bemühungen und ich wünsche Dir ein angenehmes Wochenende! |
|
21.09.2013, 16:20
| #32 |
| /// the machine /// TB-Ausbilder    | Befall von Metropolitan British Police, WinXP, SP2, uralt-LaptopFixen mit OTL
Code:
ATTFilter :reg
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001]
"MasterDeviceTimingMode"=dword:ffffffff
"MasterDeviceTimingModeAllowed"=dword:ffffffff
"MasterIdDataCheckSum"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002]
"MasterDeviceTimingMode"=dword:ffffffff
"MasterDeviceTimingModeAllowed"=dword:ffffffff
"MasterIdDataCheckSum"=-
:commands
[reboot]
Was macht die Performance?
__________________ |
|
28.09.2013, 12:09
| #33 | |
| | Befall von Metropolitan British Police, WinXP, SP2, uralt-Laptop Servus @Schrauber.
__________________Lang, lang ists her.. sorry  Das Laptop treibt mich in den Wahnsinn... Habe zwischenzeitlich das Fix durch gezogen: HTML-Code: ========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001\\"MasterDeviceTimingMode"|dword:ffffffff /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001\\"MasterDeviceTimingModeAllowed"|dword:ffffffff /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001\\MasterIdDataCheckSum deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002\\"MasterDeviceTimingMode"|dword:ffffffff /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002\\"MasterDeviceTimingModeAllowed"|dword:ffffffff /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002\\MasterIdDataCheckSum deleted successfully.
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.69.0 log created on 09272013_160803 Zitat:
 Bin aber zu 100% mit Deiner Hilfe zufrieden, weil ich auf jeden Fall wieder Zugriff auf die Daten bekam  Hier nochmals vielen Dank für Deinen Einsatz  Ich befürchte, mir wird nur eine Neuinstallation wirklich helfen, oder? |
|
28.09.2013, 15:32
| #34 |
| /// the machine /// TB-Ausbilder | Befall von Metropolitan British Police, WinXP, SP2, uralt-Laptop Was genau kommt für ein FEhler wenn Du die VBS laufen lassen willst?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.09.2013, 08:22
| #35 | |
| | Befall von Metropolitan British Police, WinXP, SP2, uralt-Laptop servus @schrauber, danke für Deine Rückmeldung! Zitat:
 Sorry  |
|
29.09.2013, 17:54
| #36 | |
| /// the machine /// TB-Ausbilder | Befall von Metropolitan British Police, WinXP, SP2, uralt-Laptop Sorry, das Teil aus dem Post meine ich. Zitat:
__________________ --> Befall von Metropolitan British Police, WinXP, SP2, uralt-Laptop |
|
| Themen zu Befall von Metropolitan British Police, WinXP, SP2, uralt-Laptop |
| backup, beachten, board, community, dateien, diverse, eingabe, funktion, guter, hilfe!, hilft, hinweis, laptop, logfile, neue, sp2, starte, starten, system, tab, version, virus?, webseite, webseiten, winxp |
Textbox. 
Linear-Darstellung
