| anonfool | 30.03.2012 20:03 |
Hallo,
danke für die schnelle Antwort!
Hier die Log-Dateien:
OTL.Txt Code:
OTL logfile created on: 30.03.2012 20:51:05 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\anonfool\Downloads\malware
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 88,25% Memory free
6,50 Gb Paging File | 6,14 Gb Available in Paging File | 94,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119,14 Gb Total Space | 41,30 Gb Free Space | 34,66% Space Free | Partition Type: NTFS
Drive D: | 120,00 Gb Total Space | 41,89 Gb Free Space | 34,91% Space Free | Partition Type: NTFS
Drive E: | 118,08 Gb Total Space | 10,46 Gb Free Space | 8,86% Space Free | Partition Type: NTFS
Drive Z: | 60,00 Gb Total Space | 1,28 Gb Free Space | 2,13% Space Free | Partition Type: NTFS
Computer Name: anonfool-PC | User Name: anonfool | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.03.30 20:42:30 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\anonfool\Downloads\malware\OTL.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.09.28 17:00:06 | 000,056,952 | ---- | M] (Ipswitch) -- C:\Programme\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
========== Modules (No Company Name) ==========
MOD - [2010.09.28 16:53:26 | 000,948,496 | ---- | M] () -- C:\Programme\Ipswitch\WS_FTP 12\libeay32.dll
MOD - [2010.09.28 16:53:26 | 000,153,360 | ---- | M] () -- C:\Programme\Ipswitch\WS_FTP 12\ssleay32.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.03.04 22:40:10 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Stopped] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.28 18:01:22 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 18:00:32 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.11.26 04:54:00 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.10.28 12:13:30 | 000,293,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.05.31 17:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2001.11.12 15:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Stopped] -- C:\Programme\Common Files\X10\Common\X10NETS.EXE -- (x10nets)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\\SystemRoot\System32\Drivers\sptd.sys -- (sptd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\FsUsbExDisk.SYS -- (FsUsbExDisk)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011.12.08 16:33:53 | 000,039,016 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011.12.08 16:33:47 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV - [2011.12.08 16:33:47 | 000,031,848 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rrnetcap.sys -- (RRNetCap)
DRV - [2011.12.08 06:22:26 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.12.08 06:22:26 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.12.08 06:22:26 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011.09.29 19:15:46 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2011.06.28 18:01:22 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 18:01:22 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.03.18 13:46:26 | 000,061,704 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2011.03.18 13:46:10 | 000,073,096 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2010.11.30 14:27:50 | 000,151,040 | ---- | M] (ODSoft multimedia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\kncbda32.sys -- (kncbda)
DRV - [2010.11.26 06:19:20 | 006,650,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.11.26 06:19:20 | 006,650,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.11.26 04:16:26 | 000,231,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.11.17 14:04:24 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2010.08.24 19:31:02 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2010.08.24 19:30:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.04.27 17:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010.04.27 17:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010.04.27 17:57:24 | 000,031,816 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo)
DRV - [2010.04.27 17:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010.04.27 15:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009.11.18 19:09:52 | 000,376,832 | ---- | M] (NETGEAR Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2009.07.14 00:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009.07.14 00:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.20 19:09:16 | 000,044,032 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GigasetGenericUSB.sys -- (GigasetGenericUSB)
DRV - [2006.11.30 16:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006.11.17 12:31:02 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DC F9 BB 4D F7 BB CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results)
IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\5.1\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{125D16F3-D586-4F95-9960-B32D86F37AD6}: "URL" = hxxp://websearch.search-results.com/redirect?client=ie&tb=STC-SRS&o=41648033&src=kw&q={searchTerms}&locale=&apn_ptnrs=96&apn_dtid=YYYYYYYYDE&apn_uid=45EB381C-91AC-4E33-B5FC-E5F0AF2150C7&apn_sauid=11D48887-0723-4B86-8B60-1B8A81FBA436
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
IE - HKCU\..\SearchScopes\{84C138B0-4D2E-4757-9BD0-DEDF35FA61F9}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2736476
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Freeware.de Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.rsf-phoenix.de/"
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.21.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=827316&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/CCBPL: C:\Program Files\Canon\APU\npCCBPLFirefox.dll (Canon Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.18 09:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.15 08:33:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.09.05 12:36:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2011.01.24 12:54:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anonfool\AppData\Roaming\mozilla\Extensions
[2011.01.24 12:54:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anonfool\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.03.25 17:44:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anonfool\AppData\Roaming\mozilla\Firefox\Profiles\zo3w4qr6.default\extensions
[2011.09.09 17:34:54 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\anonfool\AppData\Roaming\mozilla\Firefox\Profiles\zo3w4qr6.default\extensions\DefaultManager@Microsoft
[2011.08.10 05:36:50 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\anonfool\AppData\Roaming\mozilla\Firefox\Profiles\zo3w4qr6.default\extensions\DeviceDetection@logitech.com
[2011.12.07 20:45:33 | 000,000,000 | ---D | M] (Softonic Toolbar) -- C:\Users\anonfool\AppData\Roaming\mozilla\Firefox\Profiles\zo3w4qr6.default\extensions\toolbar@ask.com
[2011.09.27 13:41:08 | 000,000,925 | ---- | M] () -- C:\Users\anonfool\AppData\Roaming\Mozilla\Firefox\Profiles\zo3w4qr6.default\searchplugins\conduit.xml
[2011.05.17 20:23:12 | 000,003,295 | ---- | M] () -- C:\Users\anonfool\AppData\Roaming\Mozilla\Firefox\Profiles\zo3w4qr6.default\searchplugins\search-results.xml
[2012.01.10 19:07:39 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.10.20 16:17:41 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.03.25 17:44:26 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012.03.25 17:44:26 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF
() (No name found) -- C:\USERS\anonfool\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZO3W4QR6.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.03.18 09:07:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.07 13:51:29 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.07 13:51:29 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.09.07 13:51:29 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.07 13:51:29 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.07 13:51:29 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.07 13:51:29 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\anonfool\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\anonfool\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\APU\npCCBPLFirefox.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\anonfool\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\anonfool\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\
CHR - Extension: Skype Click to Call = C:\Users\anonfool\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Google Mail = C:\Users\anonfool\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\5.1\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\5.1\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Search-Results)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EPSON PageSTM InboxIcon01] C:\Programme\EPSON\ISTM3\PG\E_L20IC3.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [MMTray] C:\Programme\Musicmatch\Musicmatch Jukebox\mm_tray.exe (Musicmatch, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files\PC Beschleunigen\PCSpeedUp.lnk ()
O4 - HKCU..\Run: [SJelite3Launch] C:\Users\anonfool\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe ()
O4 - HKCU..\Run: [Winsplit] C:\Programme\WinSplit Revolution\WinSplit.exe ()
O4 - Startup: C:\Users\anonfool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\audioVolume.bat - Verknüpfung.lnk = E:\audioVolume.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{16431724-B950-4966-B70C-4454066221B7}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89A9EE2A-2739-4B07-B5F3-F2DE7401FDD1}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{214a25ad-a562-11e0-98a3-0017316a289a}\Shell - "" = AutoRun
O33 - MountPoints2\{214a25ad-a562-11e0-98a3-0017316a289a}\Shell\AutoRun\command - "" = M:\AutoRun.exe
O33 - MountPoints2\M\Shell - "" = AutoRun
O33 - MountPoints2\M\Shell\AutoRun\command - "" = M:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {DA5927F2-0C44-42EC-8DE1-E0A1C08209E7} - Bing Bar
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{503879BC-E052-4521-B621-C06AC025F417} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v3 Setup-Assistent.lnk - C:\Programme\NETGEAR\WG111v3\WG111v3.exe - ()
MsConfig - State: "startup" - 2
CREATERESTOREPOINT
Error creating restore point.
========== Files/Folders - Created Within 30 Days ==========
[2012.03.28 19:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gigaset QuickSync
[2012.03.28 19:36:05 | 000,000,000 | ---D | C] -- C:\Program Files\Gigaset QuickSync
[2012.03.27 06:26:07 | 000,000,000 | ---D | C] -- C:\Office-Daten
[2012.03.25 17:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012.03.25 17:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2012.03.25 17:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012.03.21 18:00:46 | 000,000,000 | ---D | C] -- C:\c47d15a4022baa1f1d30ff9b3e
[2012.03.13 07:39:50 | 000,000,000 | ---D | C] -- C:\3cf249c1195da8ec5dcbaff2a3
[2012.03.09 07:10:16 | 000,000,000 | ---D | C] -- C:\Users\anonfool\AppData\Roaming\Amazon
[2012.03.09 07:09:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2012.03.09 07:09:36 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2012.03.01 14:46:38 | 000,495,616 | ---- | C] (Gigaset Communications GmbH) -- C:\Windows\System32\Gqstsp.tsp
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.03.30 20:49:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.30 20:49:46 | 2616,107,008 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.30 20:48:46 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.30 20:45:34 | 011,859,130 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.03.30 20:45:34 | 003,532,638 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.03.30 20:45:34 | 000,631,692 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.30 20:45:34 | 000,119,436 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.30 20:03:27 | 000,016,720 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.30 20:03:27 | 000,016,720 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.30 18:24:26 | 000,000,176 | ---- | M] () -- C:\Users\anonfool\defogger_reenable
[2012.03.30 17:45:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.29 18:49:39 | 000,002,675 | ---- | M] () -- C:\Users\Public\Desktop\QuickSteuer 2011.lnk
[2012.03.29 17:40:48 | 000,001,210 | ---- | M] () -- C:\Users\anonfool\Desktop\pidgin-portable.exe - Verknüpfung (2).lnk
[2012.03.29 17:35:20 | 000,003,177 | ---- | M] () -- C:\Program Files\traybackup.ini
[2012.03.28 19:43:36 | 000,025,088 | ---- | M] () -- C:\Users\anonfool\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.28 19:36:06 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\Gigaset QuickSync.exe.lnk
[2012.03.22 19:14:07 | 000,002,675 | ---- | M] () -- C:\Users\Public\Desktop\QuickSteuer 2012.lnk
[2012.03.18 12:13:21 | 000,036,864 | ---- | M] () -- C:\Users\anonfool\Desktop\Finanzierung.pdf
[2012.03.14 19:17:23 | 000,381,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.11 17:33:32 | 000,045,775 | ---- | M] () -- C:\Users\anonfool\Documents\panorama schule.jpg
[2012.03.11 17:12:16 | 000,054,031 | ---- | M] () -- C:\Users\anonfool\Documents\andrea3.jpg
[2012.03.09 06:53:16 | 000,232,562 | ---- | M] () -- C:\Users\anonfool\Documents\Saalplan.jpg
[2012.03.09 06:51:37 | 000,003,620 | ---- | M] () -- C:\Windows\WDC.INI
[2012.03.08 19:02:16 | 000,061,616 | ---- | M] () -- C:\Users\anonfool\Documents\schwenker2.jpg
[2012.03.08 19:01:48 | 000,057,832 | ---- | M] () -- C:\Users\anonfool\Documents\schwenker1.jpg
[2012.03.07 16:21:32 | 000,076,550 | ---- | M] () -- C:\Users\anonfool\Documents\GPS_Daten_Guadeloupe.zip
[2012.03.07 16:16:00 | 002,116,510 | R--- | M] () -- C:\Users\anonfool\Documents\Guadeloupe.pdf
[2012.03.04 08:09:09 | 000,242,091 | ---- | M] () -- C:\Users\anonfool\Desktop\Scan 02.03.ini
[2012.03.01 18:27:16 | 000,000,584 | ---- | M] () -- C:\Users\anonfool\Desktop\radmärz12.PRZ.lnk
[2012.03.01 14:46:38 | 000,495,616 | ---- | M] (Gigaset Communications GmbH) -- C:\Windows\System32\Gqstsp.tsp
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.03.30 18:24:14 | 000,000,176 | ---- | C] () -- C:\Users\anonfool\defogger_reenable
[2012.03.29 17:40:48 | 000,001,210 | ---- | C] () -- C:\Users\anonfool\Desktop\pidgin-portable.exe - Verknüpfung (2).lnk
[2012.03.22 20:12:14 | 000,101,206 | ---- | C] () -- C:\Users\anonfool\Documents\C3000fax.tif
[2012.03.22 20:12:13 | 005,042,942 | ---- | C] () -- C:\Users\anonfool\Documents\brt2011
[2012.03.22 20:12:12 | 005,042,942 | ---- | C] () -- C:\Users\anonfool\Documents\brt
[2012.03.22 20:12:10 | 000,004,273 | ---- | C] () -- C:\Users\anonfool\Documents\BMW 1er M Coupé.pdf
[2012.03.22 20:12:07 | 000,161,911 | ---- | C] () -- C:\Users\anonfool\Documents\Aufwärmen im Sportunterrich....pdf
[2012.03.22 20:12:06 | 000,058,910 | ---- | C] () -- C:\Users\anonfool\Documents\Aufgaben Pythagoras.pdf
[2012.03.22 20:12:05 | 001,502,185 | ---- | C] () -- C:\Users\anonfool\Documents\ATT00036.dat
[2012.03.22 20:11:59 | 000,011,381 | ---- | C] () -- C:\Users\anonfool\Documents\Alben_MP3-CD.jpg
[2012.03.22 20:11:57 | 000,003,982 | ---- | C] () -- C:\Users\anonfool\Documents\5_20101117.ideva
[2012.03.22 20:11:55 | 000,965,883 | ---- | C] () -- C:\Users\anonfool\Documents\35i.jpg
[2012.03.22 20:11:51 | 001,602,271 | ---- | C] () -- C:\Users\anonfool\Documents\241210.pdf
[2012.03.22 20:11:49 | 001,183,212 | ---- | C] () -- C:\Users\anonfool\Documents\123d_Harig.pdf
[2012.03.22 20:11:48 | 000,093,883 | ---- | C] () -- C:\Users\anonfool\Documents\123d.pdf
[2012.03.22 20:11:46 | 003,032,647 | ---- | C] () -- C:\Users\anonfool\Documents\06_1568.zip
[2012.03.22 20:11:45 | 000,002,220 | ---- | C] () -- C:\Users\anonfool\Documents\(RSF) KLEIN Jörg.contact
[2012.03.22 20:11:42 | 000,002,842 | ---- | C] () -- C:\Users\anonfool\Documents\(RSF) BÄCHLE Ulf.contact
[2012.03.18 12:13:19 | 000,036,864 | ---- | C] () -- C:\Users\anonfool\Desktop\Finanzierung.pdf
[2012.03.11 17:33:43 | 000,045,775 | ---- | C] () -- C:\Users\anonfool\Documents\panorama schule.jpg
[2012.03.11 17:12:18 | 000,054,031 | ---- | C] () -- C:\Users\anonfool\Documents\andrea3.jpg
[2012.03.09 06:53:20 | 000,232,562 | ---- | C] () -- C:\Users\anonfool\Documents\Saalplan.jpg
[2012.03.08 19:02:20 | 000,061,616 | ---- | C] () -- C:\Users\anonfool\Documents\schwenker2.jpg
[2012.03.08 19:01:32 | 000,057,832 | ---- | C] () -- C:\Users\anonfool\Documents\schwenker1.jpg
[2012.03.07 16:21:26 | 000,076,550 | ---- | C] () -- C:\Users\anonfool\Documents\GPS_Daten_Guadeloupe.zip
[2012.03.07 16:20:29 | 002,116,510 | R--- | C] () -- C:\Users\anonfool\Documents\Guadeloupe.pdf
[2012.03.05 09:54:26 | 000,002,675 | ---- | C] () -- C:\Users\Public\Desktop\QuickSteuer 2012.lnk
[2012.03.04 08:09:09 | 000,242,091 | ---- | C] () -- C:\Users\anonfool\Desktop\Scan 02.03.ini
[2012.02.12 16:02:39 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2012.01.31 21:13:49 | 000,003,620 | ---- | C] () -- C:\Windows\WDC.INI
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.11.11 21:16:23 | 000,000,122 | ---- | C] () -- C:\Users\anonfool\AppData\Roaming\.ptbt1
[2011.10.28 15:19:57 | 000,004,096 | -H-- | C] () -- C:\Users\anonfool\AppData\Local\keyfile3.drm
[2011.10.03 17:14:46 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011.09.29 19:11:40 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011.09.29 10:29:50 | 000,000,021 | ---- | C] () -- C:\Windows\TemplateWizard.INI
[2011.07.13 17:14:43 | 000,022,145 | ---- | C] () -- C:\Users\anonfool\AppData\Roaming\UserTile.png
[2011.06.09 04:57:35 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.18 18:50:54 | 000,025,088 | ---- | C] () -- C:\Users\anonfool\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.23 18:35:16 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.30 17:33:26 | 000,003,177 | ---- | C] () -- C:\Program Files\traybackup.ini
[2011.01.25 17:58:39 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.01.25 17:00:29 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2011.01.24 15:50:01 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.01.24 13:08:21 | 000,698,000 | ---- | C] () -- C:\Windows\unins000.exe
[2011.01.24 13:08:21 | 000,001,611 | ---- | C] () -- C:\Windows\unins000.dat
[2011.01.24 12:04:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.01.04 17:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.01.04 17:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.01.04 17:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.01.04 17:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.09.28 22:07:36 | 000,224,001 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.09.17 21:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat
========== LOP Check ==========
[2011.02.22 16:41:45 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\.purple
[2012.03.09 07:10:16 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Amazon
[2011.10.05 16:10:18 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Anvsoft
[2012.01.29 18:15:12 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Audacity
[2011.01.29 16:14:21 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Canon
[2011.03.15 15:22:40 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Ciclo
[2012.01.27 05:56:56 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\DAEMON Tools Lite
[2011.04.12 15:12:09 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\DeepBurner
[2011.08.09 15:18:16 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\FILEminimizerPictures
[2012.02.12 16:02:53 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\FreeAudioPack
[2011.09.24 20:49:01 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\gtk-2.0
[2012.03.30 17:33:29 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\IrfanView
[2011.01.29 19:36:06 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Leadertech
[2011.03.06 09:27:09 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Lexware
[2011.02.15 16:09:50 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Memeo
[2011.09.14 15:53:25 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\OpenCandy
[2011.09.14 15:53:31 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\pdfforge
[2012.01.02 10:13:01 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Priotecs
[2011.01.26 21:23:17 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\PTV AG
[2012.02.12 15:12:54 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Samsung
[2011.01.24 12:54:54 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Thunderbird
[2011.01.30 17:39:14 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Transcend
[2012.03.30 12:00:30 | 000,000,000 | ---D | M] -- C:\Users\anonfool\AppData\Roaming\Winsplit Revolution
[2012.03.28 04:48:27 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.08.02 14:29:21 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.03.14 17:28:59 | 000,000,000 | ---D | M] -- C:\3cf249c1195da8ec5dcbaff2a3
[2011.12.28 08:50:48 | 000,000,000 | ---D | M] -- C:\BMW M3 Challenge
[2012.03.21 18:00:46 | 000,000,000 | ---D | M] -- C:\c47d15a4022baa1f1d30ff9b3e
[2012.03.29 18:49:43 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2012.01.22 19:17:19 | 000,000,000 | ---D | M] -- C:\d
[2011.08.10 06:27:13 | 000,000,000 | ---D | M] -- C:\d94063a78788d2cd20db
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.01.24 12:12:19 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.09.14 07:28:46 | 000,000,000 | ---D | M] -- C:\e8d42f6c78a50fc1eb
[2011.02.10 07:36:05 | 000,000,000 | ---D | M] -- C:\eb9df2393c2daba6cc3778ea
[2011.02.14 16:14:29 | 000,000,000 | ---D | M] -- C:\IrfanViewPortable
[2011.01.26 21:06:55 | 000,000,000 | ---D | M] -- C:\lotus
[2011.02.14 16:14:24 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.12.30 21:17:38 | 000,000,000 | ---D | M] -- C:\OEMSettings
[2012.03.27 06:32:28 | 000,000,000 | ---D | M] -- C:\Office-Daten
[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.03.30 17:33:30 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.26 17:55:52 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.01.24 12:12:19 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.01.24 12:12:19 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.03.30 17:30:25 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.08.03 19:36:05 | 000,000,000 | ---D | M] -- C:\Temp
[2011.01.24 12:12:31 | 000,000,000 | R--D | M] -- C:\Users
[2012.03.30 17:34:06 | 000,000,000 | ---D | M] -- C:\Windows
[2011.07.04 18:00:32 | 000,000,000 | ---D | M] -- C:\{BFFABDB7-DE96-4467-9C57-1BFDA39C34AF}
< %PROGRAMFILES%\*.exe >
[2009.01.12 03:52:00 | 000,354,304 | ---- | M] ((C) Michael Schiel) -- C:\Program Files\traybackup.exe
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< MD5 for: AGP440.SYS >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: IASTORV.SYS >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: USER32.DLL >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %USERPROFILE%\*.* >
[2011.09.20 19:50:33 | 000,000,843 | ---- | M] () -- C:\Users\anonfool\.recently-used.xbel
[2011.03.17 18:19:27 | 000,736,085 | ---- | M] () -- C:\Users\anonfool\1er M Coupe.pdf
[2011.03.21 22:01:25 | 000,271,081 | ---- | M] () -- C:\Users\anonfool\335i.pdf
[2011.03.21 06:42:06 | 000,462,660 | ---- | M] () -- C:\Users\anonfool\335i_Cabrio_Leder.pdf
[2011.03.21 21:49:59 | 001,128,228 | ---- | M] () -- C:\Users\anonfool\335i_Cabrio_Leder_19.pdf
[2011.01.24 20:42:03 | 000,001,024 | ---- | M] () -- C:\Users\anonfool\338DA18A784655B7.dvbvkey
[2011.04.20 17:48:26 | 000,004,093 | ---- | M] () -- C:\Users\anonfool\Abreschviller-Abreschviller.csv
[2011.08.07 11:18:03 | 000,036,331 | ---- | M] () -- C:\Users\anonfool\ACER3820.jpg
[2011.08.15 09:14:21 | 000,077,824 | ---- | M] () -- C:\Users\anonfool\Andrea_plan.xls
[2011.03.22 07:15:13 | 000,055,793 | ---- | M] () -- C:\Users\anonfool\Angebot 112956 Modell BMW 335i Cabrio_Euler.pdf
[2011.03.21 21:23:24 | 000,068,067 | ---- | M] () -- C:\Users\anonfool\Angebot 335i-Cabrio.pdf
[2011.03.27 16:22:37 | 001,128,237 | ---- | M] () -- C:\Users\anonfool\Angebot 335i-Cabrio_Stand270311.pdf
[2011.03.20 20:34:01 | 000,108,428 | ---- | M] () -- C:\Users\anonfool\BMW 3er 335i Cabrio - Ihre Anfrage im Überblick2.pdf
[2011.03.20 20:34:52 | 000,138,170 | ---- | M] () -- C:\Users\anonfool\BMW Z4 sDrive35is - Bitte wählen Sie die gewünschten Servicekomponenten.pdf
[2011.08.15 09:21:44 | 000,003,358 | ---- | M] () -- C:\Users\anonfool\Bous-Sankt Wendel.csv
[2011.08.15 09:20:33 | 000,008,021 | ---- | M] () -- C:\Users\anonfool\Bous-Sankt Wendel.tef
[2011.08.15 09:31:35 | 000,002,799 | ---- | M] () -- C:\Users\anonfool\Bous-Sankt Wendel_Niederkirchen im Ostertal.csv
[2011.03.02 16:02:42 | 000,027,587 | ---- | M] () -- C:\Users\anonfool\breitsamer0001.pdf
[2011.03.21 21:45:43 | 003,385,753 | ---- | M] () -- C:\Users\anonfool\Brief Z4.pdf
[2012.03.30 18:24:26 | 000,000,176 | ---- | M] () -- C:\Users\anonfool\defogger_reenable
[2011.03.26 08:03:55 | 000,304,812 | ---- | M] () -- C:\Users\anonfool\Dokument1.pdf
[2011.03.18 16:50:54 | 000,032,801 | ---- | M] () -- C:\Users\anonfool\Einwilligungserklaerung_Angebot_NL_12-2009.pdf
[2011.03.11 12:02:25 | 000,081,266 | ---- | M] () -- C:\Users\anonfool\jaguarxfpdf.pdf
[2011.04.02 19:53:06 | 000,041,675 | ---- | M] () -- C:\Users\anonfool\Kaufvertrag_Z4_35i.pdf
[2011.03.17 06:15:57 | 000,074,447 | ---- | M] () -- C:\Users\anonfool\Mailpasswörter.jpg
[2012.03.30 20:49:04 | 003,145,728 | -HS- | M] () -- C:\Users\anonfool\ntuser.dat
[2012.03.30 20:49:04 | 000,262,144 | -HS- | M] () -- C:\Users\anonfool\ntuser.dat.LOG1
[2011.01.24 12:12:33 | 000,000,000 | -HS- | M] () -- C:\Users\anonfool\ntuser.dat.LOG2
[2011.09.04 21:11:05 | 000,065,536 | -HS- | M] () -- C:\Users\anonfool\ntuser.dat{2f482de9-d6ec-11e0-9e55-0022b06045b8}.TM.blf
[2011.09.04 21:11:05 | 000,524,288 | -HS- | M] () -- C:\Users\anonfool\ntuser.dat{2f482de9-d6ec-11e0-9e55-0022b06045b8}.TMContainer00000000000000000001.regtrans-ms
[2011.09.04 21:11:05 | 000,524,288 | -HS- | M] () -- C:\Users\anonfool\ntuser.dat{2f482de9-d6ec-11e0-9e55-0022b06045b8}.TMContainer00000000000000000002.regtrans-ms
[2011.01.24 15:11:12 | 000,065,536 | -HS- | M] () -- C:\Users\anonfool\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2011.01.24 15:11:12 | 000,524,288 | -HS- | M] () -- C:\Users\anonfool\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2011.01.24 15:11:12 | 000,524,288 | -HS- | M] () -- C:\Users\anonfool\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2011.01.24 12:12:33 | 000,000,020 | -HS- | M] () -- C:\Users\anonfool\ntuser.ini
[2011.03.30 04:10:01 | 000,086,059 | ---- | M] () -- C:\Users\anonfool\Schwackebewertung35i.pdf
[2011.08.15 11:00:49 | 000,279,040 | -HS- | M] () -- C:\Users\anonfool\Thumbs.db
[2011.03.13 12:30:46 | 000,050,462 | ---- | M] () -- C:\Users\anonfool\todotxt_notes.pdf
[2011.03.08 19:09:48 | 002,720,264 | ---- | M] () -- C:\Users\anonfool\Z4_35i.pdf
[2011.03.14 19:41:49 | 001,074,218 | ---- | M] () -- C:\Users\anonfool\z4_35is.pdf
[2011.05.31 13:16:22 | 000,095,764 | ---- | M] () -- C:\Users\anonfool\Überweisung Polsterservice.pdf
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 189 bytes -> C:\ProgramData\TEMP:0A8E2C33
< End of report >
Extras.Txt Code:
OTL Extras logfile created on: 30.03.2012 20:51:05 - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\anonfool\Downloads\malware
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 88,25% Memory free
6,50 Gb Paging File | 6,14 Gb Available in Paging File | 94,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 119,14 Gb Total Space | 41,30 Gb Free Space | 34,66% Space Free | Partition Type: NTFS
Drive D: | 120,00 Gb Total Space | 41,89 Gb Free Space | 34,91% Space Free | Partition Type: NTFS
Drive E: | 118,08 Gb Total Space | 10,46 Gb Free Space | 8,86% Space Free | Partition Type: NTFS
Drive Z: | 60,00 Gb Total Space | 1,28 Gb Free Space | 2,13% Space Free | Partition Type: NTFS
Computer Name: anonfool-PC | User Name: anonfool | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23170F69-40C1-2701-0920-000001000000}" = 7-Zip 9.20
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}" = Gigaset QuickSync
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39AF5C9F-9673-438F-BBF9-47690B989F7F}" = QuickSteuer 2012
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B52E7BC-28A6-F68C-A12F-BC7581BE344C}" = ATI Catalyst Install Manager
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{5144CB05-69D8-03DD-9D9A-ECDAEEA93826}" = AMD Drag and Drop Transcoding
"{536D6172-7453-7569-7465-392E37300407}" = Lotus SmartSuite - Deutsch
"{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{60D32CDC-E3BE-4578-BA10-29322307CDDC}" = Logitech Gaming Software 5.10
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB57823-3580-4CE0-9CF0-072E2A39460C}" = Catalyst Control Center - Branding
"{6E9B216E-1D8F-06AB-FE30-FA19AC530F75}" = ccc-utility
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7675C2B8-A4FC-F01D-B0EA-7F251E36D2F0}" = ccc-core-static
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{776F7D39-5704-DBBF-CAFE-8826F98462F3}" = Catalyst Control Center InstallProxy
"{782AE8DA-30DA-44bd-BA9A-9F23B8A4AC79}" = pdfforge Toolbar v5.1
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.8.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84000886-8F44-97F4-69CF-5C90D441E2BC}" = Catalyst Control Center Graphics Previews Common
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Search-Results Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}" = Ipswitch WS_FTP 12
"{B0464744-7F9E-BC45-0398-ED28CFADCEDF}" = CCC Help English
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B808FD6B-3C3A-450A-83EB-E2DAD602E433}" = Rad.RoutenPlaner.7.0
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1" = BMW M3 Challenge
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DFB92E80-F614-8710-37BD-E5091D241B90}" = WMV9/VC-1 Video Playback
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3CDAAD3-F806-4F2A-BACF-487AD2E5B3EB}" = QuickSteuer 2011
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5FA48FC-9702-4A4A-AFCB-800007E60938}" = Audials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F30F4040-D69D-4055-81AD-D08BF8138FD0}_is1" = DVBViewer Recording Properties
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"AnvSoft Photo Flash Maker Free" = AnvSoft Photo Flash Maker Free 5.39
"AnvSoft Photo Flash Maker Professional" = AnvSoft Photo Flash Maker Professional 5.39
"APU" = CANON iMAGE GATEWAY Album Plugin Utility
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode)
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"conduitEngine" = Conduit Engine
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"DAEMON Tools Lite" = DAEMON Tools Lite
"DED9B6BE-2B04-4799-A88F-8BBF4D114AAF_is1" = TBBackup 2 (Freiversion)
"DVBViewer Pro_is1" = DVBViewer Pro
"EOS Utility" = Canon Utilities EOS Utility
"EPSON Printer and Utilities" = EPSON Printer Software
"FILEminimizer Pictures_is1" = FILEminimizer Pictures
"Flash-Creator 1" = Flash-Creator 1
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 2.2
"Freeware.de Toolbar" = Freeware.de Toolbar
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"Google Calendar Sync" = Google Calendar Sync
"Google Chrome" = Google Chrome
"HaaliMkx" = Haali Media Splitter
"Hactronic_is1" = Hactronic 2.3
"InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}" = NETGEAR WG111v3 wireless USB 2.0 adapter
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Mozilla Thunderbird 11.0.1 (x86 de)" = Mozilla Thunderbird 11.0.1 (x86 de)
"MyCamera" = Canon Utilities MyCamera
"OpenAL" = OpenAL
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Pidgin" = Pidgin
"Race On_is1" = Race On
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"sp6" = Logitech SetPoint 6.20
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinSplit Revolution" = WinSplit Revolution (v11.04)
"X10Hardware" = X10 Hardware(TM)
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 08.01.2012 06:30:50 | Computer Name = anonfool-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SJelite3Launch.exe, Version: 0.0.0.0,
Zeitstempel: 0x4ab361a0 Name des fehlerhaften Moduls: JMUsbDll.dll, Version: 1.0.8.3,
Zeitstempel: 0x483a335e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ad5f ID des fehlerhaften
Prozesses: 0x974 Startzeit der fehlerhaften Anwendung: 0x01cccdd1ab8562ea Pfad der
fehlerhaften Anwendung: C:\Users\anonfool\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe
Pfad
des fehlerhaften Moduls: C:\Users\anonfool\AppData\Roaming\Transcend\SJelite3\JMUsbDll.dll
Berichtskennung:
d4eaa776-39e3-11e1-9908-0017316a289a
Error - 08.01.2012 06:37:24 | Computer Name = anonfool-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 08.01.2012 06:37:24 | Computer Name = anonfool-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators
in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge
ist "8333". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch
formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die
letzten gültigen Indexwerte enthalten.
Error - 08.01.2012 08:07:06 | Computer Name = anonfool-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 08.01.2012 08:07:06 | Computer Name = anonfool-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators
in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge
ist "8333". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch
formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die
letzten gültigen Indexwerte enthalten.
Error - 08.01.2012 11:40:22 | Computer Name = anonfool-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SJelite3Launch.exe, Version: 0.0.0.0,
Zeitstempel: 0x4ab361a0 Name des fehlerhaften Moduls: JMUsbDll.dll, Version: 1.0.8.3,
Zeitstempel: 0x483a335e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ad5f ID des fehlerhaften
Prozesses: 0x9e4 Startzeit der fehlerhaften Anwendung: 0x01cccdfd31f9e082 Pfad der
fehlerhaften Anwendung: C:\Users\anonfool\AppData\Roaming\Transcend\SJelite3\SJelite3Launch.exe
Pfad
des fehlerhaften Moduls: C:\Users\anonfool\AppData\Roaming\Transcend\SJelite3\JMUsbDll.dll
Berichtskennung:
12ffeb64-3a0f-11e1-b746-0017316a289a
Error - 08.01.2012 14:00:01 | Computer Name = anonfool-PC | Source = Windows Backup | ID = 4103
Description =
Error - 08.01.2012 14:38:46 | Computer Name = anonfool-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 16.0.912.75,
Zeitstempel: 0x4f054b76 Name des fehlerhaften Moduls: npSkypeChromePlugin.dll, Version:
5.6.0.8442, Zeitstempel: 0x4e92c077 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002a8d7
ID
des fehlerhaften Prozesses: 0xa38 Startzeit der fehlerhaften Anwendung: 0x01ccce34a9723727
Pfad
der fehlerhaften Anwendung: C:\Program Files\Google\Chrome\Application\chrome.exe
Pfad
des fehlerhaften Moduls: C:\Users\anonfool\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
Berichtskennung:
ff316f5a-3a27-11e1-b746-0017316a289a
Error - 08.01.2012 23:59:09 | Computer Name = anonfool-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error - 08.01.2012 23:59:09 | Computer Name = anonfool-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = Der Textzeichenfolgenwert zur Beschreibung des Leistungsindikators
in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge
ist "8333". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch
formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die
letzten gültigen Indexwerte enthalten.
[ Media Center Events ]
Error - 20.03.2012 12:09:16 | Computer Name = anonfool-PC | Source = MCUpdate | ID = 0
Description = 17:09:16 - Fehler beim Herstellen der Internetverbindung. 17:09:16
- Serververbindung konnte nicht hergestellt werden..
Error - 20.03.2012 12:09:25 | Computer Name = anonfool-PC | Source = MCUpdate | ID = 0
Description = 17:09:21 - Fehler beim Herstellen der Internetverbindung. 17:09:22
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 30.03.2012 14:50:04 | Computer Name = anonfool-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 30.03.2012 14:50:04 | Computer Name = anonfool-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 30.03.2012 14:50:27 | Computer Name = anonfool-PC | Source = DCOM | ID = 10005
Description =
Error - 30.03.2012 14:50:27 | Computer Name = anonfool-PC | Source = DCOM | ID = 10005
Description =
Error - 30.03.2012 14:52:12 | Computer Name = anonfool-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 30.03.2012 14:52:12 | Computer Name = anonfool-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 30.03.2012 14:52:12 | Computer Name = anonfool-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 30.03.2012 14:57:12 | Computer Name = anonfool-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 30.03.2012 14:57:12 | Computer Name = anonfool-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 30.03.2012 14:57:12 | Computer Name = anonfool-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
< End of report >
|
