und den OTL hab ich gerade auch nochma drüber gejagt. Code:
OTL logfile created on: 29.04.2010 07:53:24 - Run 3
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\mts\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,92 Gb Total Space | 21,08 Gb Free Space | 9,42% Space Free | Partition Type: NTFS
Drive D: | 8,96 Gb Total Space | 1,64 Gb Free Space | 18,33% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 952,19 Mb Total Space | 944,27 Mb Free Space | 99,17% Space Free | Partition Type: FAT
I: Drive not present or media not loaded
Computer Name: MTS-PC
Current User Name: mts
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\mts\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\System32\hasplms.exe (Aladdin Knowledge Systems Ltd.)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe (ANSYS, Inc.)
PRC - C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_monitor.exe ()
PRC - C:\Windows\SMINST\BLService.exe ()
PRC - C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansyslmd.exe ()
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\lmgrd.exe (Macrovision Corporation)
PRC - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe (UASSOFT.COM)
PRC - C:\Program Files\Trust\Trust R-Series Mouse\KMCONFIG.exe (UASSOFT.COM)
PRC - C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe (UASSOFT.COM)
PRC - C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe (UASSOFT.COM)
========== Modules (SafeList) ==========
MOD - C:\Users\mts\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe (IDT, Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (hasplms) -- C:\Windows\System32\hasplms.exe (Aladdin Knowledge Systems Ltd.)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (ANSYS, Inc. License Manager) -- C:\Program Files\ANSYS Inc\Shared Files\Licensing\win32\ansysli_server.exe (ANSYS, Inc.)
SRV - (Recovery Service for Windows) -- C:\Windows\SMINST\BLService.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (KMWDSERVICE) -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe (UASSOFT.COM)
SRV - (SentinelProtectionServer) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
SRV - (SentinelKeysServer) -- C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
SRV - (MSC.Licensing 10.8) -- C:\Program Files\MSC NASTRAN\lmgrd.exe (Macrovision Corporation)
SRV - (WebDriveService) -- C:\Program Files\NetDrive\wdService.exe ()
========== Driver Services (SafeList) ==========
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (hardlock) -- C:\Windows\System32\drivers\hardlock.sys (Aladdin Knowledge Systems Ltd.)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (aksfridge) -- C:\Windows\System32\drivers\aksfridge.sys (Aladdin Knowledge Systems Ltd.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (HpqRemHid) -- C:\Windows\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (Sentinel) -- C:\Windows\System32\Drivers\SENTINEL.SYS (SafeNet, Inc.)
DRV - (RBC9SpaceNavigator) -- C:\Windows\System32\drivers\RBC9-SpaceNav.sys ([RBC9-X11])
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (NSNDIS5) -- C:\Windows\System32\nsndis5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (RFNP32) -- C:\Windows\System32\RFNP32.dll (River Front Software)
DRV - (WebDriveFSD) -- C:\Program Files\NetDrive\rffsd.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.mini20.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=127.0.0.1:4001;http=127.0.0.1:4001;https=127.0.0.1:4001;socks=127.0.0.1:4001
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "Google (Language: DE)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://olympia.zdf.de/ZDFsport/inhalt/15/0,5676,8033519,00.html"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.3
FF - prefs.js..extensions.enabledItems: {35106bca-6c78-48c7-ac28-56df30b51d2a}:1.3.8
FF - prefs.js..extensions.enabledItems: {ec268e28-22c6-4a6c-ac22-635cabee283c}:1.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.2
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=971163&p="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.03 11:15:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.28 22:13:55 | 000,000,000 | ---D | M]
[2009.02.21 15:32:39 | 000,000,000 | ---D | M] -- C:\Users\mts\AppData\Roaming\mozilla\Extensions
[2010.04.28 15:46:31 | 000,000,000 | ---D | M] -- C:\Users\mts\AppData\Roaming\mozilla\Firefox\Profiles\0pcufrrk.default\extensions
[2010.04.03 19:30:01 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\mts\AppData\Roaming\mozilla\Firefox\Profiles\0pcufrrk.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2009.09.02 20:00:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\mts\AppData\Roaming\mozilla\Firefox\Profiles\0pcufrrk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.22 15:54:08 | 000,000,000 | ---D | M] (Linkification) -- C:\Users\mts\AppData\Roaming\mozilla\Firefox\Profiles\0pcufrrk.default\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
[2010.04.03 19:30:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\mts\AppData\Roaming\mozilla\Firefox\Profiles\0pcufrrk.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.01.07 16:33:31 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\mts\AppData\Roaming\mozilla\Firefox\Profiles\0pcufrrk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.02.22 15:54:08 | 000,000,000 | ---D | M] (Plain Text Links) -- C:\Users\mts\AppData\Roaming\mozilla\Firefox\Profiles\0pcufrrk.default\extensions\{ec268e28-22c6-4a6c-ac22-635cabee283c}
[2010.03.22 12:55:16 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\mts\AppData\Roaming\mozilla\Firefox\Profiles\0pcufrrk.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.03.26 12:50:54 | 000,001,820 | ---- | M] () -- C:\Users\mts\AppData\Roaming\Mozilla\FireFox\Profiles\0pcufrrk.default\searchplugins\bing.xml
[2009.11.16 00:05:38 | 000,001,805 | ---- | M] () -- C:\Users\mts\AppData\Roaming\Mozilla\FireFox\Profiles\0pcufrrk.default\searchplugins\google-language-de.xml
[2009.11.08 15:43:35 | 000,002,108 | ---- | M] () -- C:\Users\mts\AppData\Roaming\Mozilla\FireFox\Profiles\0pcufrrk.default\searchplugins\qtl.xml
[2010.03.23 15:28:58 | 000,001,905 | ---- | M] () -- C:\Users\mts\AppData\Roaming\Mozilla\FireFox\Profiles\0pcufrrk.default\searchplugins\semager.xml
[2010.04.28 08:30:47 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.06.08 20:11:23 | 000,000,000 | ---D | M] (pdfforge Toolbar Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2010.04.28 08:30:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009.06.08 20:11:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\search@searchsettings.com
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.25 18:13:31 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.25 18:13:31 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.25 18:13:31 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.25 18:13:31 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.25 18:13:31 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll (GreenTree Applications, Inc.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {1ED48504-8834-11D5-AC75-0008C73FD642} file:///C:/Program%20Files/proeWildfire%203.0/i486_nt/obj/pvx_install.exe (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D6E0B119-DCF2-4CD6-8DFB-7CFF1B70F7FF} https://bis.eu.blackberry.com/html/web/client_tools/TOImport.cab (TeamOn Import Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.129.23.110 192.168.111.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.23 10:05:53 | 000,000,123 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{32a5e8a0-ad06-11de-910d-00238b0b7982}\Shell - "" = AutoRun
O33 - MountPoints2\{32a5e8a0-ad06-11de-910d-00238b0b7982}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found
O33 - MountPoints2\{680b5944-630d-11de-ab8f-00238b0b7982}\Shell\AutoRun\command - "" = H:\APOTEKA\\\\\\BRENINA.exe -- File not found
O33 - MountPoints2\{680b5944-630d-11de-ab8f-00238b0b7982}\Shell\explore\command - "" = H:\APOTEKA\\\\\\BRENINA.exe -- File not found
O33 - MountPoints2\{680b5944-630d-11de-ab8f-00238b0b7982}\Shell\open\command - "" = H:\APOTEKA\\\\\\BRENINA.exe -- File not found
O33 - MountPoints2\{af4f3379-3ef0-11df-b683-00238b0b7982}\Shell\AutoRun\command - "" = I:\BOMBOM\dokazehehe.exe -- File not found
O33 - MountPoints2\{af4f3379-3ef0-11df-b683-00238b0b7982}\Shell\open\command - "" = I:\BOMBOM\dokazehehe.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.04.28 08:30:36 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.04.28 08:30:36 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.04.28 08:30:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.04.28 08:30:36 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.04.27 21:48:10 | 000,563,712 | ---- | C] (OldTimer Tools) -- C:\Users\mts\Desktop\OTL.exe
[2010.04.27 21:29:49 | 000,000,000 | ---D | C] -- C:\Users\mts\AppData\Roaming\Malwarebytes
[2010.04.27 21:29:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.27 21:29:36 | 000,020,824 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.27 21:29:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.04.27 21:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.27 21:26:37 | 000,000,000 | -HSD | C] -- C:\Users\mts\AppData\Roaming\lowsec
[2010.04.27 21:04:14 | 000,000,000 | ---D | C] -- C:\Users\mts\Desktop\USB
[2010.04.26 09:59:56 | 000,000,000 | ---D | C] -- C:\Users\mts\Desktop\10 copies linear
[2010.04.25 19:31:24 | 000,000,000 | ---D | C] -- C:\Users\mts\AppData\Roaming\Real
[2010.04.24 16:30:04 | 000,000,000 | ---D | C] -- C:\Users\mts\Desktop\Diplomarbeit 4
[2010.04.24 16:29:47 | 277,936,872 | ---- | C] (Microsoft Corporation) -- C:\Users\mts\Desktop\WindowsXP-KB835935-SP2-DEU.exe
[2010.04.14 23:45:20 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 23:45:18 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 23:45:18 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 23:45:09 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.14 23:45:09 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.07 23:12:26 | 000,000,000 | ---D | C] -- C:\Users\mts\Desktop\Sport
[2010.04.07 23:12:15 | 000,000,000 | ---D | C] -- C:\Users\mts\Desktop\Media
[2010.04.03 00:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\CD Wave
[2010.04.02 20:08:37 | 000,000,000 | ---D | C] -- C:\Users\mts\AppData\Roaming\Cycling '74
[2010.04.02 17:19:02 | 000,000,000 | ---D | C] -- C:\Users\mts\Reason
[2010.04.02 09:38:33 | 000,368,640 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\ReWire.dll
[2010.04.02 09:38:33 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\REX Shared Library.dll
[2010.04.02 09:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Propellerhead Software
[2010.04.02 09:33:39 | 000,000,000 | ---D | C] -- C:\Users\mts\AppData\Roaming\Propellerhead Software
[2010.04.02 09:32:53 | 000,000,000 | ---D | C] -- C:\Program Files\Propellerhead
[2010.03.31 08:30:13 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.03.31 08:30:13 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.03.31 08:30:13 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.03.31 08:30:13 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.03.31 08:30:13 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.03.31 08:30:12 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.03.31 08:30:12 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.03.31 08:30:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.03.31 08:30:12 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.03.31 08:30:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.03.31 08:30:12 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.03.31 08:30:12 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.03.31 08:30:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.03.31 08:30:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.03.31 08:30:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.03.30 18:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[1 C:\Users\mts\*.tmp files -> C:\Users\mts\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.04.29 07:53:49 | 001,541,724 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.29 07:53:49 | 000,664,282 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.04.29 07:53:49 | 000,625,582 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.29 07:53:49 | 000,142,622 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.04.29 07:53:49 | 000,117,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.29 07:52:08 | 003,932,160 | -HS- | M] () -- C:\Users\mts\ntuser.dat
[2010.04.29 07:50:18 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.04.29 07:50:05 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{105A9444-2BD4-4557-A359-99A7B8F4EE5B}.job
[2010.04.29 07:49:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.29 07:48:22 | 000,096,107 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.04.29 07:48:13 | 000,096,107 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.04.29 07:48:11 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.29 07:48:05 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.29 07:48:03 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.29 07:47:48 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.29 07:47:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.29 07:47:43 | 3218,296,832 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.29 01:08:10 | 000,524,288 | -HS- | M] () -- C:\Users\mts\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.04.29 01:08:10 | 000,065,536 | -HS- | M] () -- C:\Users\mts\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.04.29 01:08:01 | 004,101,365 | -H-- | M] () -- C:\Users\mts\AppData\Local\IconCache.db
[2010.04.29 01:02:43 | 000,437,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.28 21:21:49 | 000,002,481 | ---- | M] () -- C:\Users\mts\Desktop\Microsoft Office Visio 2007.lnk
[2010.04.28 15:17:06 | 000,474,624 | ---- | M] () -- C:\Users\mts\Documents\20100428_Aufspannplatte_1.vsd
[2010.04.28 14:51:02 | 000,000,250 | ---- | M] () -- C:\Users\mts\Documents\std.out
[2010.04.28 14:05:49 | 000,001,218 | ---- | M] () -- C:\Users\mts\Documents\pruefstand.crc
[2010.04.28 14:00:43 | 000,002,695 | ---- | M] () -- C:\Users\mts\Desktop\Microsoft Office Outlook 2007.lnk
[2010.04.28 13:03:01 | 000,097,792 | ---- | M] () -- C:\Users\mts\Documents\20100428_Bemaßung.vsd
[2010.04.28 01:03:02 | 306,252,291 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.04.27 22:24:12 | 000,000,169 | ---- | M] () -- C:\Users\mts\Documents\std.err
[2010.04.27 21:46:42 | 000,563,712 | ---- | M] (OldTimer Tools) -- C:\Users\mts\Desktop\OTL.exe
[2010.04.27 21:30:43 | 000,293,376 | ---- | M] () -- C:\Users\mts\Desktop\0gvgm5qd.exe
[2010.04.27 21:29:42 | 000,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.26 21:19:07 | 000,002,593 | ---- | M] () -- C:\Users\mts\Desktop\Microsoft Office Excel 2007.lnk
[2010.04.26 12:34:17 | 000,044,544 | ---- | M] () -- C:\Users\mts\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.26 10:10:59 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2010.04.26 10:10:59 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2010.04.25 15:14:13 | 000,002,591 | ---- | M] () -- C:\Users\mts\Desktop\Microsoft Office Word 2007.lnk
[2010.04.21 15:39:36 | 000,143,460 | ---- | M] () -- C:\Users\mts\Desktop\Termine-FEM-Pr-2010-SS.pdf
[2010.04.19 17:09:13 | 000,035,328 | ---- | M] () -- C:\Users\mts\Documents\20100419_Winkelmessung.vsd
[2010.04.19 10:03:41 | 000,220,404 | ---- | M] () -- C:\Users\mts\Documents\Systembeschreibung_3.0.pdf
[2010.04.18 19:43:08 | 000,074,935 | ---- | M] () -- C:\Users\mts\Documents\Herzliche Einladung.docx
[2010.04.17 23:50:34 | 002,666,612 | ---- | M] () -- C:\01 - - version1.wav.MP3
[2010.04.17 23:45:56 | 002,061,265 | ---- | M] () -- C:\Users\mts\Desktop\01 - - version1.ogg
[2010.04.17 15:45:53 | 000,058,880 | ---- | M] () -- C:\Users\mts\Documents\20100417_Zylinderlagerung_Var1.vsd
[2010.04.15 08:23:11 | 000,000,039 | ---- | M] () -- C:\Windows\vbaddin.ini
[2010.04.14 00:06:08 | 000,090,112 | ---- | M] () -- C:\Users\mts\Documents\20100413_Lagerungen.vsd
[2010.04.12 18:45:50 | 000,002,033 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.12 17:29:27 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.04.12 17:29:26 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.04.12 17:29:25 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.04.12 12:00:17 | 000,010,480 | ---- | M] () -- C:\Users\mts\Documents\20100412_Wölbkrafttorsion.docx
[2010.04.06 22:11:24 | 000,115,712 | ---- | M] () -- C:\Users\mts\Documents\homepage.pub
[2010.04.05 22:16:39 | 000,187,379 | ---- | M] () -- C:\Users\mts\Documents\Hosteurope.pdf
[2010.04.03 11:14:52 | 000,001,449 | ---- | M] () -- C:\Users\mts\AppData\Local\RecConfig.xml
[2010.04.03 11:06:39 | 037,060,652 | ---- | M] () -- C:\01 - - shesgotthatlight.wav
[2010.04.03 10:35:16 | 023,511,084 | ---- | M] () -- C:\01 - - version1.wav
[2010.04.02 17:25:10 | 002,129,964 | ---- | M] () -- C:\01 - - z6.wav
[2010.04.02 17:24:10 | 002,244,652 | ---- | M] () -- C:\01 - - z5.wav
[2010.04.02 17:22:52 | 002,359,340 | ---- | M] () -- C:\01 - - z4.wav
[2010.04.02 17:21:48 | 002,228,268 | ---- | M] () -- C:\01 - - z2.wav
[2010.04.02 17:20:52 | 002,424,876 | ---- | M] () -- C:\01 - - z1.wav
[2010.04.02 14:49:00 | 000,848,258 | ---- | M] () -- C:\Users\mts\Documents\torsion.pdf
[2010.04.02 09:38:33 | 000,368,640 | ---- | M] (Propellerhead Software AB) -- C:\Windows\System32\ReWire.dll
[2010.04.02 09:38:33 | 000,233,472 | ---- | M] (Propellerhead Software AB) -- C:\Windows\System32\REX Shared Library.dll
[2010.04.01 20:42:55 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.03.30 11:51:01 | 000,013,037 | ---- | M] () -- C:\Users\mts\Documents\20090810_Notenrechner.xlsx
[1 C:\Users\mts\*.tmp files -> C:\Users\mts\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.04.28 15:17:05 | 000,474,624 | ---- | C] () -- C:\Users\mts\Documents\20100428_Aufspannplatte_1.vsd
[2010.04.28 11:03:38 | 000,097,792 | ---- | C] () -- C:\Users\mts\Documents\20100428_Bemaßung.vsd
[2010.04.28 00:30:10 | 000,293,376 | ---- | C] () -- C:\Users\mts\Desktop\0gvgm5qd.exe
[2010.04.27 21:29:42 | 000,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.04.21 15:39:36 | 000,143,460 | ---- | C] () -- C:\Users\mts\Desktop\Termine-FEM-Pr-2010-SS.pdf
[2010.04.19 17:09:12 | 000,035,328 | ---- | C] () -- C:\Users\mts\Documents\20100419_Winkelmessung.vsd
[2010.04.19 10:03:41 | 000,220,404 | ---- | C] () -- C:\Users\mts\Documents\Systembeschreibung_3.0.pdf
[2010.04.18 18:08:33 | 000,074,935 | ---- | C] () -- C:\Users\mts\Documents\Herzliche Einladung.docx
[2010.04.17 23:50:34 | 002,666,612 | ---- | C] () -- C:\01 - - version1.wav.MP3
[2010.04.17 23:46:57 | 002,061,265 | ---- | C] () -- C:\Users\mts\Desktop\01 - - version1.ogg
[2010.04.17 15:45:52 | 000,058,880 | ---- | C] () -- C:\Users\mts\Documents\20100417_Zylinderlagerung_Var1.vsd
[2010.04.13 19:30:47 | 000,090,112 | ---- | C] () -- C:\Users\mts\Documents\20100413_Lagerungen.vsd
[2010.04.12 18:45:50 | 000,002,033 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.04.12 12:00:17 | 000,010,480 | ---- | C] () -- C:\Users\mts\Documents\20100412_Wölbkrafttorsion.docx
[2010.04.06 22:11:24 | 000,115,712 | ---- | C] () -- C:\Users\mts\Documents\homepage.pub
[2010.04.05 22:16:39 | 000,187,379 | ---- | C] () -- C:\Users\mts\Documents\Hosteurope.pdf
[2010.04.03 10:43:29 | 037,060,652 | ---- | C] () -- C:\01 - - shesgotthatlight.wav
[2010.04.03 10:29:34 | 023,511,084 | ---- | C] () -- C:\01 - - version1.wav
[2010.04.02 17:24:58 | 002,129,964 | ---- | C] () -- C:\01 - - z6.wav
[2010.04.02 17:23:19 | 002,244,652 | ---- | C] () -- C:\01 - - z5.wav
[2010.04.02 17:22:38 | 002,359,340 | ---- | C] () -- C:\01 - - z4.wav
[2010.04.02 17:21:36 | 002,228,268 | ---- | C] () -- C:\01 - - z2.wav
[2010.04.02 17:20:39 | 002,424,876 | ---- | C] () -- C:\01 - - z1.wav
[2010.04.02 14:49:00 | 000,848,258 | ---- | C] () -- C:\Users\mts\Documents\torsion.pdf
[2010.03.18 10:35:42 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010.02.06 20:09:28 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.11.23 20:13:43 | 000,137,544 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.10.21 08:52:08 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.10.07 15:26:40 | 000,020,480 | ---- | C] () -- C:\Windows\System32\maplecompat.dll
[2009.10.07 15:26:39 | 000,212,992 | ---- | C] () -- C:\Windows\System32\WMIMPLEX.dll
[2009.10.07 15:26:39 | 000,031,232 | ---- | C] () -- C:\Windows\System32\maplec.dll
[2009.10.04 15:46:05 | 000,225,280 | ---- | C] () -- C:\Windows\System32\rfwdres.dll
[2009.10.04 15:46:05 | 000,036,864 | ---- | C] () -- C:\Windows\System32\rfhres.dll
[2009.10.04 15:46:05 | 000,024,576 | ---- | C] () -- C:\Windows\System32\rfstrres.dll
[2009.10.04 15:46:05 | 000,024,576 | ---- | C] () -- C:\Windows\System32\rfshres.dll
[2009.10.04 15:46:04 | 000,503,808 | ---- | C] () -- C:\Windows\System32\RFHelper.dll
[2009.10.04 15:46:04 | 000,126,976 | ---- | C] () -- C:\Windows\System32\rfshext.dll
[2009.09.22 21:50:53 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009.09.22 21:50:53 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009.09.11 10:56:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.16 22:50:43 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2009.06.08 20:10:52 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.02.17 02:36:58 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.12.07 14:08:06 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.12.07 14:08:04 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.09.12 16:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007.11.06 19:24:30 | 000,041,984 | ---- | C] () -- C:\Windows\System32\spwini.dll
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.02.05 21:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 11:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2003.01.25 11:52:14 | 000,131,072 | ---- | C] () -- C:\Windows\System32\libFLAC.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:24051EFF
< End of report >
außerdem hab ich schon mal von einem sauberen PC aus meine passwörter geändert.
wie schätzt ihr die lage ein? wie sehr ist mein rechner noch verseucht? und kann ich nochwas bereinigen?
danke schon mal! |