Pests of all kinds and how to combat them: "insufficient permission" Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
20.06.2011, 14:16 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | "insufficient permission" But that is not the OTL log...
__________________ Please always post log files in CODE tags |
20.06.2011, 14:52 | #17 |
| "insufficient permission" Sorry, here it comes. OTL logfile:
Code:
ATTFilter OTL logfile created on: 20.06.2011 14:03:42 - Run 2 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Flieger\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 66,80% Memory free 6,21 Gb Paging File | 4,90 Gb Available in Paging File | 78,92% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 576,16 Gb Total Space | 450,00 Gb Free Space | 78,10% Space Free | Partition Type: NTFS Drive D: | 20,00 Gb Total Space | 2,75 Gb Free Space | 13,75% Space Free | Partition Type: FAT32 Computer Name: FLIEGER-PC | User Name: Flieger | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.20 12:26:39 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Flieger\Desktop\OTL(1).exe PRC - [2011.06.08 22:57:19 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010.09.15 05:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe PRC - [2010.06.22 15:22:52 | 000,138,752 | ---- | M] (Nokia) -- C:\Program Files\Nokia\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2010.06.14 16:07:14 | 000,615,936 | ---- | M] (Nokia) -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe PRC - [2010.03.25 22:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe PRC - [2009.12.14 09:07:01 | 000,198,160 | ---- | M] (RealNetworks, Inc.) 
-- C:\Program Files\Common Files\Real\Update_OB\realsched.exe PRC - [2009.06.25 15:12:42 | 001,414,144 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.02.25 23:52:06 | 000,244,224 | ---- | M] () -- C:\Program Files\AutoHotkey\AutoHotkey.exe PRC - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2008.05.07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008.05.07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2008.02.28 18:07:58 | 001,828,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe PRC - [2006.03.21 14:19:40 | 000,069,632 | ---- | M] (ScanSoft, Inc.) 
-- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe ========== Modules (SafeList) ========== MOD - [2011.06.20 12:26:39 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Flieger\Desktop\OTL(1).exe MOD - [2011.06.08 23:08:27 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MOD - [2009.04.11 08:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll MOD - [2009.04.11 08:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll MOD - [2009.04.11 08:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll MOD - [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll MOD - [2008.01.21 04:24:58 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll MOD - [2008.01.21 04:24:13 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll MOD - [2008.01.21 04:23:53 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll ========== Win32 Services (SafeList) ========== SRV - [2011.03.10 09:28:36 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service) SRV - [2010.06.14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.03.25 22:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc) SRV - [2009.08.23 13:21:23 | 000,654,848 | ---- | M] (Macrovision Europe 
Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2009.02.03 14:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2008.05.07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE) ========== Driver Services (SafeList) ========== DRV - [2011.06.19 17:14:25 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D483F092-B7C0-4046-A32D-5CEBF1A1EE74}\MpKslabbfd143.sys -- (MpKslabbfd143) DRV - [2010.07.30 15:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010.07.30 15:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010.07.30 15:16:42 | 000,023,040 | 
---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010.07.30 15:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010.03.25 22:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon) DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb) DRV - [2008.12.06 20:18:38 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008.06.09 07:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.02.06 17:13:00 | 000,218,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R) DRV - [2005.04.12 10:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ElbyDelay.sys -- (ElbyDelay) DRV - [2005.03.01 10:46:56 | 000,053,632 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Gigusb.sys -- (Gigusb) DRV - [2005.03.01 10:36:02 | 000,008,448 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\DectEnum.sys -- (DectEnum) DRV - [2005.03.01 10:33:18 | 000,113,408 | ---- | M] (Siemens AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\siellif.sys -- (siellif) DRV - [2005.01.31 11:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928) DRV - [2005.01.31 11:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2004.09.08 15:22:04 | 000,050,759 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IUAPIWDM.sys -- (IUAPIWDM) ISDN USB Interface (Ver. 1.20.0032) DRV - [2004.09.08 15:22:02 | 000,263,751 | ---- | M] (SIEMENS AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hrcmpa.sys -- (HRCMPA) ISDN Wan driver (Ver. 1.20.0032) DRV - [2004.09.08 15:21:58 | 000,041,037 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ndiscapi.sys -- (NDISCAPI) DRV - [2004.09.08 15:21:54 | 000,028,740 | ---- | M] (SIEMENS AG) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\capi.sys -- (CAPI) DRV - [2003.08.22 12:13:36 | 000,021,888 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof2.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof2.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "free-downloads.net Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.arcor.de/ums/ums_ordner.jsp?ordnername=Posteingang" FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.1 FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:4.0.0 FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5 FF - prefs.js..extensions.enabledItems: {2A1D5949-B519-4924-BF62-8522FE0D5274}:0.13 FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1 FF - prefs.js..extensions.enabledItems: {56dadc58-4c5e-4815-8553-d6a737f02fc9}:0.3.026 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3 FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.7.0 FF - 
HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.08.20 08:39:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.08 22:57:23 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.25 20:42:40 | 000,000,000 | ---D | M] [2008.11.01 17:47:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flieger\AppData\Roaming\mozilla\Extensions [2011.06.17 09:31:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions [2011.03.25 20:24:42 | 000,000,000 | ---D | M] ("BabelFish") -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf} [2011.04.01 17:18:16 | 000,000,000 | ---D | M] (softonic-de3 Community Toolbar) -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2011.03.25 20:24:40 | 000,000,000 | ---D | M] (free-downloads.net Community Toolbar) -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions\{ecdee021-0d17-467f-a1ff-c7a115230949} [2011.03.25 20:18:26 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions\de-DE@dictionaries.addons.mozilla.org [2011.03.25 20:18:17 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions\en-US@dictionaries.addons.mozilla.org [2011.05.14 08:15:26 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions\fb_add_on@avm.de [2010.01.20 09:39:07 | 000,000,000 | ---D | M] 
("MailCatch: Temporary Emails") -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions\firefox@mailcatch.com [2010.06.12 14:28:41 | 000,000,000 | ---D | M] (Foxit Toolbar) -- C:\Users\Flieger\AppData\Roaming\mozilla\Firefox\Profiles\xpugimxs.default\extensions\toolbar@ask.com [2010.06.12 14:28:43 | 000,002,427 | ---- | M] () -- C:\Users\Flieger\AppData\Roaming\Mozilla\Firefox\Profiles\xpugimxs.default\searchplugins\askcom.xml [2008.10.28 14:24:00 | 000,000,898 | ---- | M] () -- C:\Users\Flieger\AppData\Roaming\Mozilla\Firefox\Profiles\xpugimxs.default\searchplugins\conduit.xml [2011.03.25 20:16:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010.04.14 19:06:01 | 000,000,000 | ---D | M] (BrowserZinc) -- C:\Program Files\Mozilla Firefox\extensions\{52ED9673-0722-4A1D-B859-959FD56143DC} [2010.04.15 19:16:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.08.30 18:12:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\FLIEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPUGIMXS.DEFAULT\EXTENSIONS\{2A1D5949-B519-4924-BF62-8522FE0D5274}.XPI () (No name found) -- C:\USERS\FLIEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPUGIMXS.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI () (No name found) -- C:\USERS\FLIEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPUGIMXS.DEFAULT\EXTENSIONS\{56DADC58-4C5E-4815-8553-D6A737F02FC9}.XPI () (No name found) -- C:\USERS\FLIEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPUGIMXS.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI () (No name found) -- C:\USERS\FLIEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPUGIMXS.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- 
C:\USERS\FLIEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPUGIMXS.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI () (No name found) -- C:\USERS\FLIEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPUGIMXS.DEFAULT\EXTENSIONS\AUTOFILLFORMS@BLUEIMP.NET.XPI [2009.09.02 19:47:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011.06.08 22:57:19 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2011.01.06 10:46:10 | 000,258,560 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll [2010.06.12 09:48:29 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program 
Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\prxtbsof2.dll (Conduit Ltd.) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] File not found O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.) 
O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe ( ) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKCU..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Reg Error: Value error. File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - Reg Error: Value error. File not found O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Flieger\Desktop\Eigene Bilder\Bundeswehr\Toni\CIMG1062.JPG O24 - Desktop BackupWallPaper: C:\Users\Flieger\Desktop\Eigene Bilder\Bundeswehr\Toni\CIMG1062.JPG O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. 
File not found ========== Files/Folders - Created Within 30 Days ========== [2011.06.20 12:26:37 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Flieger\Desktop\OTL(1).exe [2011.06.18 09:37:29 | 000,000,000 | R--D | C] -- C:\Users\Flieger\Videos [2011.06.17 19:23:57 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2011.06.08 23:23:04 | 003,208,568 | ---- | C] (TeamViewer GmbH) -- C:\Users\Flieger\Desktop\TeamViewer_Setup_de.exe [2011.06.08 23:16:41 | 000,000,000 | ---D | C] -- C:\Users\Flieger\AppData\Local\Conduit [2011.05.28 15:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2011.05.28 12:46:17 | 000,000,000 | ---D | C] -- C:\Users\Flieger\AppData\Roaming\Uvud [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.20 13:42:49 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.20 13:42:49 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.20 13:36:43 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.06.20 13:36:23 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.20 13:36:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.20 12:26:39 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Flieger\Desktop\OTL(1).exe [2011.06.20 11:43:01 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.18 09:46:40 | 000,002,597 | ---- | M] () -- C:\Users\Flieger\Desktop\Microsoft Office Word 2003.lnk [2011.06.18 09:38:36 | 000,640,330 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.06.18 09:38:36 | 000,607,028 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.06.18 09:38:36 | 000,130,656 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.06.18 09:38:36 | 
000,108,106 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.06.18 08:51:04 | 3217,231,872 | -HS- | M] () -- C:\hiberfil.sys [2011.06.18 08:49:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.06.17 08:51:34 | 000,250,803 | ---- | M] () -- C:\Users\Flieger\Desktop\17062011(001).jpg [2011.06.17 08:46:26 | 000,227,514 | ---- | M] () -- C:\Users\Flieger\Desktop\17062011.jpg [2011.06.10 17:17:02 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini [2011.06.09 09:15:16 | 000,002,339 | ---- | M] () -- C:\Users\Flieger\Desktop\Skype.lnk [2011.06.09 09:08:35 | 001,714,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.06.08 23:27:14 | 000,000,036 | ---- | M] () -- C:\Users\Flieger\AppData\Local\housecall.guid.cache [2011.06.08 23:21:29 | 003,208,568 | ---- | M] (TeamViewer GmbH) -- C:\Users\Flieger\Desktop\TeamViewer_Setup_de.exe [2011.06.08 23:08:35 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat [2011.06.08 23:08:35 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat [2011.06.08 23:08:27 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2011.06.08 22:06:40 | 000,000,680 | ---- | M] () -- C:\Users\Flieger\AppData\Local\d3d9caps.dat [2011.05.30 08:36:19 | 002,079,232 | ---- | M] () -- C:\Users\Flieger\Desktop\Einladung_40_.pps [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.17 08:51:34 | 000,250,803 | ---- | C] () -- C:\Users\Flieger\Desktop\17062011(001).jpg [2011.06.17 08:46:26 | 000,227,514 | ---- | C] () -- C:\Users\Flieger\Desktop\17062011.jpg [2011.06.08 23:27:14 | 000,000,036 | ---- | C] () -- C:\Users\Flieger\AppData\Local\housecall.guid.cache [2011.06.08 23:08:27 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2011.06.08 22:16:32 | 3217,231,872 | -HS- | C] () -- C:\hiberfil.sys [2011.06.08 22:06:40 | 000,000,680 | ---- | C] () -- C:\Users\Flieger\AppData\Local\d3d9caps.dat [2011.05.30 
08:36:19 | 002,079,232 | ---- | C] () -- C:\Users\Flieger\Desktop\Einladung_40_.pps [2011.03.10 09:28:42 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI [2010.12.05 12:58:31 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010.06.18 13:23:17 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old [2009.12.20 15:36:45 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.10.21 07:51:37 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.10.21 07:51:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.09.14 15:48:15 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2009.06.16 16:42:13 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2009.06.16 16:41:41 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2009.03.05 17:24:09 | 000,000,008 | ---- | C] () -- C:\Windows\odbcddp.ini [2009.03.05 17:24:09 | 000,000,000 | ---- | C] () -- C:\Windows\PROTOCOL.INI [2009.03.05 17:24:08 | 000,000,050 | ---- | C] () -- C:\Windows\odbcinst.ini [2009.03.05 17:24:08 | 000,000,034 | ---- | C] () -- C:\Windows\odbcisam.ini [2008.12.21 17:36:36 | 000,015,360 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2008.12.06 20:10:31 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2008.11.16 20:28:16 | 000,047,104 | ---- | C] () -- C:\Users\Flieger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.11.10 07:56:09 | 000,000,510 | ---- | C] () -- C:\Windows\Siemens.INI [2008.11.06 18:32:43 | 000,040,960 | ---- | C] () -- C:\Windows\System32\IPPCPUID.DLL [2008.11.06 18:32:31 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll [2008.11.06 18:30:48 | 000,000,419 | ---- | C] () -- C:\Windows\MAXLINK.INI [2008.11.02 12:36:21 | 000,000,427 | ---- | C] () -- C:\Windows\ODBC.INI [2008.11.02 11:15:29 | 000,000,189 | ---- | C] () -- C:\Windows\OPHC.INI [2008.08.08 15:49:44 | 000,000,069 | ---- | C] () -- 
C:\Windows\NeroDigital.ini [2008.08.04 15:16:09 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.08.04 12:08:00 | 000,000,028 | ---- | C] () -- C:\Windows\System32\drivers\VERSION.DAT [2008.01.21 09:15:58 | 000,640,330 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 09:15:58 | 000,130,656 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 001,714,320 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,607,028 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,108,106 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005.01.31 09:37:58 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI ========== LOP Check ========== [2010.11.10 17:00:10 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\AVG10 [2009.12.20 19:43:27 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\avidemux [2008.11.08 11:28:51 | 000,000,000 | ---D 
| M] -- C:\Users\Flieger\AppData\Roaming\Canon [2011.05.14 08:14:54 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Dropbox [2011.03.10 09:28:57 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\EDrawings [2010.06.12 09:49:22 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Foxit [2010.06.17 15:05:15 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Foxit Software [2010.01.25 16:07:26 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\FRITZ! [2009.08.20 10:34:15 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\FRITZ!fax für FRITZ!Box [2009.09.30 09:47:25 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant [2011.05.16 16:04:40 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\inkscape [2009.06.16 16:44:36 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\MAGIX [2010.01.01 12:26:04 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Nokia [2010.04.23 10:49:42 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Opera [2008.12.18 11:00:38 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\PC Suite [2008.11.06 18:30:40 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\ScanSoft [2010.10.20 16:16:03 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Screenbrush [2008.11.02 18:06:37 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\SparVoip [2010.11.19 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\TuneUp Software [2008.11.02 12:25:56 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Ulead Systems [2011.05.28 12:46:17 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Uvud [2011.06.18 08:49:57 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. 
> [2010.08.16 17:09:58 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Adobe [2008.11.08 11:29:41 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\ArcSoft [2010.11.10 17:00:10 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\AVG10 [2009.12.20 19:43:27 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\avidemux [2008.11.08 11:28:51 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Canon [2011.05.14 08:14:54 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Dropbox [2011.03.10 09:28:57 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\EDrawings [2010.06.12 09:49:22 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Foxit [2010.06.17 15:05:15 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Foxit Software [2010.01.25 16:07:26 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\FRITZ! [2009.08.20 10:34:15 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\FRITZ!fax für FRITZ!Box [2008.11.22 11:36:18 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Google [2009.09.30 09:47:25 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant [2008.10.21 17:57:26 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Identities [2011.05.16 16:04:40 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\inkscape [2008.10.21 17:59:44 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Macromedia [2009.06.16 16:44:36 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\MAGIX [2010.06.19 18:18:38 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Malwarebytes [2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Media Center Programs [2011.04.06 18:04:54 | 000,000,000 | --SD | M] -- C:\Users\Flieger\AppData\Roaming\Microsoft [2008.11.01 17:47:31 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Mozilla [2008.12.03 13:31:20 | 000,000,000 | 
---D | M] -- C:\Users\Flieger\AppData\Roaming\Nero [2010.01.01 12:26:04 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Nokia [2010.04.23 10:49:42 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Opera [2008.12.18 11:00:38 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\PC Suite [2009.12.14 09:09:52 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Real [2008.11.06 18:30:40 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\ScanSoft [2010.10.20 16:16:03 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Screenbrush [2011.06.09 12:16:35 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Skype [2011.06.09 09:15:19 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\skypePM [2008.11.02 18:06:37 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\SparVoip [2010.11.19 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\TuneUp Software [2008.11.02 12:25:56 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Ulead Systems [2011.05.28 12:46:17 | 000,000,000 | ---D | M] -- C:\Users\Flieger\AppData\Roaming\Uvud < %APPDATA%\*.exe /s > [2010.12.17 04:24:30 | 023,343,848 | ---- | M] (Dropbox, Inc.) -- C:\Users\Flieger\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010.12.17 04:24:34 | 000,153,176 | ---- | M] (Dropbox, Inc.) 
-- C:\Users\Flieger\AppData\Roaming\Dropbox\bin\Uninstall.exe [2009.09.30 09:54:24 | 000,028,672 | ---- | M] (Elektrobit Automotive GmbH) -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant\Library\6E909346-9C25-48EB-8A62-F7FB64ECBAD6\AutoRunCE.exe [2009.09.30 09:54:42 | 000,057,856 | ---- | M] () -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant\Library\6E909346-9C25-48EB-8A62-F7FB64ECBAD6\1\module.exe [2009.09.30 09:54:48 | 000,028,672 | ---- | M] (Elektrobit Automotive GmbH) -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant\Library\7C6FF0FF-ACDF-4141-8082-0243F750A97C\AutoRunCE.exe [2009.09.30 09:54:49 | 000,057,856 | ---- | M] () -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant\Library\7C6FF0FF-ACDF-4141-8082-0243F750A97C\1\module.exe [2009.09.30 09:54:50 | 000,028,672 | ---- | M] (Elektrobit Automotive GmbH) -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant\Library\CE43E84F-E708-46B3-952D-1AE6FD1E33C8\AutoRunCE.exe [2009.09.30 09:54:51 | 000,057,856 | ---- | M] () -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant\Library\CE43E84F-E708-46B3-952D-1AE6FD1E33C8\1\module.exe [2008.08.07 04:05:00 | 000,028,672 | ---- | M] (Elektrobit Automotive GmbH) -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant\Library\Import\gpa_nsc13C\Installation\AutoRunCE.exe [2008.08.07 04:05:00 | 000,057,856 | ---- | M] () -- C:\Users\Flieger\AppData\Roaming\GoPal Assistant\Library\Import\gpa_nsc13C\Installation\1\module.exe [2009.12.08 09:53:51 | 000,439,816 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Flieger\AppData\Roaming\Real\Update\setup3.09\setup.exe [2009.12.08 17:53:56 | 000,079,368 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Flieger\AppData\Roaming\Real\Update\setup3.09\RUP\vista.exe [2010.05.30 08:42:35 | 000,443,912 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Flieger\AppData\Roaming\Real\Update\setup3.10\setup.exe [2011.01.31 15:01:03 | 000,510,120 | ---- | M] (RealNetworks, Inc.) 
-- C:\Users\Flieger\AppData\Roaming\Real\Update\setup3.13\setup.exe [2011.06.15 07:50:11 | 000,310,400 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Flieger\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.00\rnupgagent.exe [2011.06.15 21:09:39 | 026,472,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Flieger\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.00\stub_data\RealPlayer_de.exe [2011.06.15 21:08:02 | 000,676,624 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Flieger\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\8.00\stub_exe\RealPlayer_de.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft 
Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\ERDNT\cache\atapi.sys [2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\drivers\atapi.sys [2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys [2008.03.12 08:38:18 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008.03.12 08:24:20 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll [2006.11.02 
11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTOR.SYS > [2008.05.07 17:40:38 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2008.05.07 17:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys [2008.05.07 17:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\drivers\iaStor.sys [2008.05.07 17:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1ab0331f\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll 
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) 
MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\ERDNT\cache\user32.dll [2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe < MD5 for: WININIT.EXE > [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe [2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- 
C:\Windows\ERDNT\cache\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2008.12.06 20:18:38 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. 
/mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >