Hohe-Berge | 15.07.2012 11:32 | Servus Arne :-)
vielen Dank, dass du dich meinem Fall angenommen hast!
Mit der OTLPENet.exe hat es geklappt, wobei sie sich sogar selbst gleich brennt (ISOBurner war also nicht nötig - nur als Info für dich).
Bei Scann mit OTLPE und den Ergebnis gab/gibt es folgende Besonderheiten (nur zur Info): - folgendes habe ich nicht verstanden und ignoriert: "Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!"
- da wo man den Haken an der Box "Automatically Load All Remaining Users" macht (habe ich auch darauf geachtet, war schon detault), konnte man verschiedene Profile auswählen. Ich habe mein normales Account (***) angeklickt und nicht Administrator.
- ansonsten alle Default-Einstellungen verwendet.
- Wichtig: ich habe die Datei Extras.txt nicht gefunden (war nicht dort unter C: wo die OTL.txt war). Auch hat sich kein zweites Notpad-Fenster geöffnet. Im Folgenden also nur die OTL.txt.
- in der unten eingefügten OTL.txt ist der Accountname durch *** ersetzt.
- auf dem Rechner ist auch Symantec installiert. Dies lässt sich leider nicht deinstallieren sondern nur deaktivieren. Falls relevant lasse ich dir gerne weitere Infos zukommen.
OTL Logfile: Code:
OTL logfile created on: 7/15/2012 10:17:04 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,023.00 Mb Total Physical Memory | 830.00 Mb Available Physical Memory | 81.00% Memory free
907.00 Mb Paging File | 852.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINNT | %ProgramFiles% = C:\Programme
Drive C: | 66.38 Gb Total Space | 6.01 Gb Free Space | 9.06% Space Free | Partition Type: NTFS
Drive D: | 3.00 Gb Total Space | 2.54 Gb Free Space | 84.79% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2012/03/13 06:01:14 | 001,609,208 | ---- | M] (G Data Software AG) [Auto] -- C:\Programme\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc)
SRV - [2012/03/09 10:31:26 | 000,306,184 | ---- | M] (G Data Software) [Auto] -- C:\Programme\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService)
SRV - [2012/03/08 06:59:20 | 001,218,040 | ---- | M] (G Data Software AG) [On_Demand] -- C:\Programme\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc)
SRV - [2012/02/02 06:21:36 | 001,524,728 | ---- | M] (G Data Software AG) [Auto] -- C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2012/01/27 09:01:06 | 000,471,048 | ---- | M] (G Data Software AG) [On_Demand] -- C:\Programme\Gemeinsame Dateien\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2012/01/26 23:06:50 | 001,898,728 | ---- | M] (G Data Software AG) [On_Demand] -- C:\Programme\G Data\TotalProtection\Firewall\GDFwSvc.exe -- (GDFwSvc)
SRV - [2012/01/26 23:00:38 | 001,580,464 | ---- | M] (G Data Software AG) [Auto] -- C:\Programme\G Data\TotalProtection\AVK\AVKWCtl.exe -- (AVKWCtl)
SRV - [2012/01/26 22:43:34 | 000,468,472 | ---- | M] (G Data Software AG) [Auto] -- C:\Programme\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService)
SRV - [2010/05/08 07:48:36 | 000,229,376 | ---- | M] () [Auto] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2009/06/02 05:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/04/20 11:10:06 | 000,070,144 | ---- | M] () [Auto] -- C:\Programme\RSMGMT\APPS\RsSubst\SubstSrv.exe -- (Substitude Service)
SRV - [2008/10/24 10:35:44 | 000,128,296 | ---- | M] () [Auto] -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008/09/30 11:41:08 | 000,116,664 | ---- | M] (symantec) [On_Demand] -- C:\Programme\Symantec Client Security\Symantec AntiVirus\SavRoam.exe -- (SavRoam)
SRV - [2008/09/30 11:41:04 | 001,956,792 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2008/09/30 11:40:56 | 000,031,160 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Symantec Client Security\Symantec AntiVirus\DefWatch.exe -- (DefWatch)
SRV - [2008/09/30 08:37:50 | 000,173,432 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Symantec Client Security\Symantec Client Firewall\SymSPort.exe -- (SymSecurePort)
SRV - [2008/09/30 08:37:18 | 000,087,416 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Symantec Client Security\Symantec Client Firewall\ISSVC.exe -- (ISSVC)
SRV - [2008/08/20 09:50:30 | 000,214,408 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2008/06/24 12:17:38 | 000,202,088 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe -- (ccProxy)
SRV - [2008/06/24 12:17:38 | 000,169,320 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2008/06/24 12:17:36 | 000,191,848 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2008/02/01 14:01:10 | 000,143,360 | ---- | M] (Global Graphics Software Ltd.) [Auto] -- C:\WINNT\system32\PDFCreatorMessages.exe -- (PDFCreatorMessages)
SRV - [2007/07/26 13:25:20 | 001,181,016 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2007/06/27 13:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2004/01/05 05:47:48 | 000,065,795 | R--- | M] (HP) [On_Demand] -- C:\WINNT\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/06/19 18:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (GLogin)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/05/25 05:03:17 | 000,103,928 | ---- | M] (G Data Software) [Kernel | Boot] -- C:\WINNT\system32\drivers\TS4nt.sys -- (TS4NT)
DRV - [2012/05/25 05:02:24 | 000,030,200 | ---- | M] (G Data Software AG) [Kernel | Boot] -- C:\WINNT\system32\drivers\GDNdisIc.sys -- (GDNdisIc)
DRV - [2012/05/25 05:02:23 | 000,052,728 | ---- | M] (G Data Software AG) [Kernel | Auto] -- C:\WINNT\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor)
DRV - [2012/05/25 05:02:18 | 000,046,840 | ---- | M] (G Data Software AG) [Kernel | System] -- C:\WINNT\system32\drivers\HookCentre.sys -- (HookCentre)
DRV - [2012/05/25 05:02:16 | 000,090,744 | ---- | M] (G Data Software AG) [Kernel | System] -- C:\WINNT\system32\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV - [2012/05/25 05:02:15 | 000,041,848 | ---- | M] (G Data Software AG) [Kernel | Boot] -- C:\WINNT\system32\drivers\GDBehave.sys -- (GDBehave)
DRV - [2010/10/18 02:14:40 | 001,371,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20101027.007\navex15.sys -- (NAVEX15)
DRV - [2010/10/18 02:14:40 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/10/18 02:14:40 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/10/18 02:14:40 | 000,086,064 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\VirusDefs\20101027.007\naveng.sys -- (NAVENG)
DRV - [2010/09/15 12:07:10 | 000,270,712 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SymcData\scfidsdefs\20101019.002\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2010/04/09 09:24:12 | 000,063,616 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010/03/25 04:08:30 | 000,105,728 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2010/03/20 05:56:04 | 000,101,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2010/03/20 04:28:00 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/06/16 05:38:37 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2008/08/26 05:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/20 09:50:02 | 000,188,808 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINNT\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2008/08/20 09:49:56 | 000,023,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINNT\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2008/08/20 09:49:52 | 000,031,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINNT\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2008/08/20 09:49:46 | 000,028,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINNT\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2008/08/20 09:49:42 | 000,099,208 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINNT\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2008/08/20 09:49:38 | 000,012,680 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINNT\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2008/05/28 05:31:24 | 000,337,280 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programme\Symantec Client Security\Symantec AntiVirus\savrt.sys -- (SAVRT)
DRV - [2008/05/28 05:31:24 | 000,054,656 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programme\Symantec Client Security\Symantec AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2007/07/26 13:25:18 | 000,400,216 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/04/23 09:11:54 | 000,224,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2005/08/12 10:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System] -- C:\WINNT\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/05/26 11:42:00 | 000,376,192 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/01/11 08:18:22 | 000,800,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004/09/15 14:53:12 | 000,271,704 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\STAC97.sys -- (STAC97)
DRV - [2004/09/03 07:23:38 | 000,121,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2004/06/17 10:57:02 | 000,200,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2004/06/17 10:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 10:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/05/03 11:26:16 | 000,080,384 | ---- | M] (Texas Instruments) [Kernel | On_Demand] -- C:\WINNT\system32\drivers\gtipci21.sys -- (GTIPCI21)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://iris.rsint.net
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intranet.rsint.net
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://cfg.rsint.net/proxy.pac
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINNT\system32\blank.htm
IE - HKU\***_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://intranet.rsint.net
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\***_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = hxxp://cfg.rsint.net/proxy.pac
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {906305f7-aafc-45e9-8bbd-941950a84dad}:1.1.11215.1124
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://cfg.rsint.net/proxy.pac"
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 2
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINNT\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINNT\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINNT\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Mozilla Firefox\components [2011/04/15 14:05:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Mozilla Firefox\plugins [2011/01/02 07:46:53 | 000,000,000 | ---D | M]
[2010/10/28 12:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\mozilla\Extensions
[2010/10/28 12:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\mozilla\Firefox\Profiles\o9v0xl0o.default\extensions
[2012/05/25 05:02:51 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\DOKUMENTE UND EINSTELLUNGEN\***\LOKALE EINSTELLUNGEN\ANWENDUNGSDATEN\MOZILLA FIREFOX\EXTENSIONS\{906305F7-AAFC-45E9-8BBD-941950A84DAD}
O1 HOSTS File: ([2001/08/23 09:00:00 | 000,000,820 | ---- | M]) - C:\WINNT\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Programme\Gemeinsame Dateien\G Data\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (PrivBar) - {300BC64A-BF32-4cc8-8917-91148CEFE700} - C:\Programme\Internet Explorer\privbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O3 - HKU\***_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINNT\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CopyTo_Launcher] C:\Programme\Copyto\CopyTo_launcher.EXE ()
O4 - HKLM..\Run: [Dell QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [FinePrint Dispatcher v5] C:\WINNT\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe (FinePrint Software, LLC)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Programme\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [HP Software Update] C:\Programme\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IE_SETTINGS_RS] C:\Programme\RSMGMT\Setup\Internet Explorer\IE_UserSettings.EXE ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PDFCreatorClient] C:\Programme\Jaws PDF Desktop Suite\Jaws PDF Creator\PDFClient.exe (Global Graphics Software Ltd.)
O4 - HKLM..\Run: [TSNxG4Tray] File not found
O4 - HKLM..\Run: [vptray] C:\Programme\Symantec Client Security\Symantec AntiVirus\VPTray.exe (Symantec Corporation)
O4 - HKLM..\RunOnceEx: [Flags] Reg Error: Invalid data type. File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Hardcopy.LNK = C:\Programme\hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\NETGEAR WG111v3 Smart Wizard.lnk = C:\Programme\NETGEAR\WG111v3\WG111v3.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoMSAppLogo5ChannelNotify = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Security present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\Administrator_ON_C\Software\Policies\Microsoft\Internet Explorer\Security present
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaultButtons = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 2
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 2
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Security present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Security present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\***_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\***_ON_C\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\***_ON_C\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKU\***_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\***_ON_C\Software\Policies\Microsoft\Internet Explorer\Security present
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaultButtons = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 2
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 2
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
O7 - HKU\***_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Persistence present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Security present
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsd.de ([caxweb01] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([ABS03] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([caxweb01] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([cert-management] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([epm] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([epm1] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([epm-reports] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([it-servicedesk] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([itsm] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([portal] * in Local intranet)
O15 - HKU\Administrator_ON_C\..Trusted Domains: rsint.net ([wss] * in Local intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsd.de ([caxweb01] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([ABS03] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([caxweb01] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([cert-management] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([epm] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([epm1] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([epm-reports] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([it-servicedesk] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([itsm] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([portal] * in Lokales Intranet)
O15 - HKU\***_ON_C\..Trusted Domains: rsint.net ([wss] * in Lokales Intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = rsint.net
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINNT\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINNT\system32\RS\userinit.exe) - File not found
O20 - HKLM Winlogon: UserInit - (-q) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINNT\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\NavLogon: DllName - C:\WINNT\system32\NavLogon.dll - C:\WINNT\system32\NavLogon.dll (Symantec Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/16 05:01:39 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{5c404e12-5bc7-11de-94c9-0014a508e143}\Shell - "" = AutoRun
O33 - MountPoints2\{5c404e12-5bc7-11de-94c9-0014a508e143}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5c404e12-5bc7-11de-94c9-0014a508e143}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{9f174cf4-c546-11e1-98bf-0014a508e143}\Shell - "" = AutoRun
O33 - MountPoints2\{9f174cf4-c546-11e1-98bf-0014a508e143}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9f174cf4-c546-11e1-98bf-0014a508e143}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{f1fe3cc6-ddcf-11df-9546-0014a508e143}\Shell - "" = AutoRun
O33 - MountPoints2\{f1fe3cc6-ddcf-11df-9546-0014a508e143}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{f1fe3cc6-ddcf-11df-9546-0014a508e143}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/07/11 12:25:27 | 000,000,000 | ---D | C] -- C:\bd_logs
[2012/07/11 06:52:23 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012/07/03 15:55:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mobile Partner
[2012/07/03 15:54:51 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\spmsgXP_2k3.dll
[2012/07/03 15:54:36 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\wdfcoinstaller01009.dll
[2012/07/03 15:54:36 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\WdfCoInstaller01009.dll
[2012/07/03 15:54:36 | 000,069,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINNT\System32\drivers\ew_jucdcacm.sys
[2012/07/03 15:54:36 | 000,063,616 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINNT\System32\drivers\ew_jubusenum.sys
[2012/07/03 15:54:36 | 000,046,336 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINNT\System32\drivers\ew_jucdcecm.sys
[2012/07/03 15:54:36 | 000,025,088 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINNT\System32\drivers\ew_juextctrl.sys
[2012/07/03 15:54:34 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\WINNT\System32\drivers\mod7700.sys
[2012/07/03 15:54:34 | 000,117,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINNT\System32\drivers\ewusbnet.sys
[2012/07/03 15:54:34 | 000,105,728 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINNT\System32\drivers\ewusbmdm.sys
[2012/07/03 15:54:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINNT\System32\drivers\usbccid.sys
[2012/07/03 15:54:34 | 000,024,448 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\WINNT\System32\drivers\ewdcsc.sys
[2012/07/03 15:54:34 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINNT\System32\drivers\ew_usbenumfilter.sys
[2012/07/03 15:54:31 | 000,101,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\WINNT\System32\drivers\ew_hwusbdev.sys
[2012/07/03 15:53:23 | 000,000,000 | ---D | C] -- C:\Programme\Mobile Partner
[2012/07/03 15:52:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService
[2009/06/16 05:11:03 | 000,538,624 | ---- | C] ( ) -- C:\WINNT\System32\RSsubst.exe
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
[1 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/07/12 03:27:02 | 000,002,048 | --S- | M] () -- C:\WINNT\bootstat.dat
[2012/07/12 03:14:05 | 000,000,040 | ---- | M] () -- C:\WINNT\System32\profile.dat
[2012/07/11 08:54:35 | 000,002,206 | ---- | M] () -- C:\WINNT\System32\wpa.dbl
[2012/07/04 06:40:58 | 000,002,519 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Excel.lnk
[2012/07/04 05:12:03 | 000,002,491 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Microsoft Word.lnk
[2012/07/03 15:55:39 | 000,000,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mobile Partner.lnk
[2012/07/03 15:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mobile Partner
[2012/07/03 15:55:16 | 000,000,000 | -H-- | M] () -- C:\WINNT\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2012/07/03 15:55:11 | 000,000,000 | -H-- | M] () -- C:\WINNT\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/06/29 11:58:11 | 000,694,417 | ---- | M] () -- C:\WINNT\System32\sig.bin
[2012/06/29 11:58:11 | 000,041,159 | ---- | M] () -- C:\WINNT\System32\nmp.map
[1 C:\WINNT\System32\*.tmp files -> C:\WINNT\System32\*.tmp -> ]
[1 C:\WINNT\*.tmp files -> C:\WINNT\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/07/03 15:55:39 | 000,000,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mobile Partner.lnk
[2012/07/03 15:55:16 | 000,000,000 | -H-- | C] () -- C:\WINNT\System32\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2012/07/03 15:55:11 | 000,000,000 | -H-- | C] () -- C:\WINNT\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2011/07/21 14:26:32 | 000,694,417 | ---- | C] () -- C:\WINNT\System32\sig.bin
[2011/02/07 05:07:52 | 000,000,754 | ---- | C] () -- C:\WINNT\WORDPAD.INI
[2010/11/26 04:09:18 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[2010/11/21 07:44:37 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2010/11/21 07:08:54 | 000,038,879 | ---- | C] () -- C:\WINNT\hpomdl03.dat
[2010/11/21 07:08:54 | 000,029,142 | ---- | C] () -- C:\WINNT\hpoins03.dat
[2010/11/18 11:12:36 | 000,000,027 | ---- | C] () -- C:\WINNT\BRPP2KA.INI
[2010/11/18 11:12:35 | 000,000,425 | ---- | C] () -- C:\WINNT\BRWMARK.INI
[2010/11/18 05:49:27 | 000,008,238 | ---- | C] () -- C:\WINNT\mozver.dat
[2010/10/29 03:15:38 | 000,000,335 | ---- | C] () -- C:\WINNT\nsreg.dat
[2010/10/28 12:45:24 | 000,033,749 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LUUnInstall.LiveUpdate
[2009/09/27 04:40:10 | 000,565,248 | R--- | C] () -- C:\WINNT\System32\hpotscl.dll
[2009/08/12 13:38:21 | 000,007,680 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/12 13:36:49 | 000,000,069 | ---- | C] () -- C:\WINNT\NeroDigital.ini
[2009/06/16 14:47:07 | 000,459,396 | ---- | C] () -- C:\WINNT\System32\perfh007.dat
[2009/06/16 14:47:07 | 000,269,480 | ---- | C] () -- C:\WINNT\System32\perfi007.dat
[2009/06/16 14:47:07 | 000,084,722 | ---- | C] () -- C:\WINNT\System32\perfc007.dat
[2009/06/16 14:47:07 | 000,034,478 | ---- | C] () -- C:\WINNT\System32\perfd007.dat
[2009/06/16 14:46:41 | 000,004,569 | ---- | C] () -- C:\WINNT\System32\secupd.dat
[2009/06/16 14:46:35 | 000,441,458 | ---- | C] () -- C:\WINNT\System32\perfh009.dat
[2009/06/16 14:46:35 | 000,272,128 | ---- | C] () -- C:\WINNT\System32\perfi009.dat
[2009/06/16 14:46:35 | 000,071,394 | ---- | C] () -- C:\WINNT\System32\perfc009.dat
[2009/06/16 14:46:35 | 000,028,626 | ---- | C] () -- C:\WINNT\System32\perfd009.dat
[2009/06/16 14:46:34 | 000,004,463 | ---- | C] () -- C:\WINNT\System32\oembios.dat
[2009/06/16 14:46:32 | 013,107,200 | ---- | C] () -- C:\WINNT\System32\oembios.bin
[2009/06/16 14:46:30 | 000,000,741 | ---- | C] () -- C:\WINNT\System32\noise.dat
[2009/06/16 14:46:22 | 000,673,088 | ---- | C] () -- C:\WINNT\System32\mlang.dat
[2009/06/16 14:46:21 | 000,046,258 | ---- | C] () -- C:\WINNT\System32\mib.bin
[2009/06/16 14:46:06 | 000,218,003 | ---- | C] () -- C:\WINNT\System32\dssec.dat
[2009/06/16 14:45:55 | 000,001,804 | ---- | C] () -- C:\WINNT\System32\Dcache.bin
[2009/06/16 14:45:29 | 000,192,512 | ---- | C] () -- C:\WINNT\System32\stac97co.dll
[2009/06/16 08:04:54 | 000,000,000 | ---- | C] () -- C:\WINNT\vpc32.INI
[2009/06/16 06:58:14 | 000,001,702 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Umwandeln zu PDF.lnk
[2009/06/16 06:58:07 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\C
[2009/06/16 06:57:49 | 000,466,944 | ---- | C] () -- C:\WINNT\System32\EventConsumer.dll
[2009/06/16 06:57:49 | 000,282,624 | ---- | C] () -- C:\WINNT\System32\niknakXML.dll
[2009/06/16 06:57:49 | 000,135,168 | ---- | C] () -- C:\WINNT\System32\expat.dll
[2009/06/16 06:57:34 | 000,028,672 | ---- | C] () -- C:\WINNT\System32\JAWSMacroUtils.dll
[2009/06/16 06:57:34 | 000,024,576 | ---- | C] () -- C:\WINNT\System32\PDFMacroUtils.dll
[2009/06/16 06:56:13 | 000,000,394 | ---- | C] () -- C:\WINNT\ODBC.INI
[2009/06/16 06:46:40 | 000,000,559 | ---- | C] () -- C:\WINNT\hardcopy.ini
[2009/06/16 05:52:11 | 000,004,073 | ---- | C] () -- C:\WINNT\ODBCINST.INI
[2009/06/16 05:51:15 | 000,138,056 | ---- | C] () -- C:\WINNT\System32\FNTCACHE.DAT
[2009/06/16 05:48:48 | 000,009,368 | RHS- | C] () -- C:\Dokumente und Einstellungen\***\ntuser.pol
[2009/06/16 05:42:18 | 000,000,040 | ---- | C] () -- C:\WINNT\System32\profile.dat
[2009/06/16 05:12:08 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/06/16 05:04:12 | 000,002,048 | --S- | C] () -- C:\WINNT\bootstat.dat
[2009/06/16 04:58:58 | 000,021,740 | ---- | C] () -- C:\WINNT\System32\emptyregdb.dat
[2007/05/02 12:43:30 | 000,143,360 | ---- | C] () -- C:\WINNT\System32\bioapi_mds300.dll
[2007/05/02 12:43:30 | 000,106,496 | ---- | C] () -- C:\WINNT\System32\bioapi100.dll
========== LOP Check ==========
[2011/10/08 10:04:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\elsterformular
[2012/06/29 11:49:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\FileZilla
[2011/10/30 15:28:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\flightgear.org
[2011/10/30 15:24:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\fltk.org
[2011/03/21 14:46:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\fotobuch.de AG
[2009/06/16 07:40:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\JAM Software
[2009/11/22 06:47:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Nokia
[2009/11/22 06:47:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\PC Suite
[2011/10/30 15:26:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Subversion
[2011/05/09 03:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AAV
[2009/06/16 06:41:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ConeXware
[2012/07/03 15:55:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DatacardService
[2011/08/11 06:01:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\digiSeal reader
[2012/05/10 15:39:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2011/03/21 14:46:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fotobuch.de AG
[2012/05/25 05:19:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2012/05/25 05:00:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA Software
[2009/11/22 06:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2009/11/22 06:47:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
========== Purity Check ==========
< End of report > Dann warte ich hoffend auf weitere Infos von dir :-)
Viele Grüße & Danke
Ulrich
--- --- --- |