![]() |
Log-Analyse und Auswertung: auch ich habe das Problem mit XP mein Destop ist gesperrt.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() |
![]() | #1 |
| ![]() auch ich habe das Problem mit XP mein Destop ist gesperrt. ich bin auch mal ein Opfer geworden vom Trojner Error: Unable to interpret <OTL Logfile: Code:
ATTFilter OTL logfile created on: 5/7/2012 6:18:07 PM - Run > in the current context! Error: Unable to interpret <OTLPE by OldTimer - Version Folder = X:\Programs\OTLPE> in the current context! Error: Unable to interpret <Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM> in the current context! Error: Unable to interpret <Internet Explorer (Version = 8.0.6001.18702)> in the current context! Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <1,023.00 Mb Total Physical Memory | 764.00 Mb Available Physical Memory | 75.00% Memory free> in the current context! Error: Unable to interpret <907.00 Mb Paging File | 795.00 Mb Available in Paging File | 88.00% Paging File free> in the current context! Error: Unable to interpret <Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme> in the current context! Error: Unable to interpret <Drive C: | 298.08 Gb Total Space | 283.84 Gb Free Space | 95.22% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive D: | 3.77 Gb Total Space | 3.68 Gb Free Space | 97.60% Space Free | Partition Type: FAT32> in the current context! Error: Unable to interpret <Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <Computer Name: REATOGO | User Name: SYSTEM> in the current context! Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users> in the current context! Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days> in the current context! Error: Unable to interpret <Using ControlSet: ControlSet003> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <SRV - [2012/04/19 15:12:57 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)> in the current context! Error: Unable to interpret <SRV - [2012/02/26 10:42:28 | 000,632,320 | ---- | M] (FileZilla Project) [Auto] -- C:\Programme\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)> in the current context! Error: Unable to interpret <SRV - [2012/01/31 10:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)> in the current context! Error: Unable to interpret <SRV - [2011/12/09 07:40:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)> in the current context! Error: Unable to interpret <SRV - [2011/12/09 07:39:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)> in the current context! Error: Unable to interpret <SRV - [2011/05/06 05:03:10 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)> in the current context! Error: Unable to interpret <SRV - [2011/03/25 16:32:40 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)> in the current context! Error: Unable to interpret <SRV - [2010/01/09 16:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)> in the current context! Error: Unable to interpret <SRV - [2010/01/09 16:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)> in the current context! Error: Unable to interpret <SRV - [2008/09/08 06:09:40 | 000,184,320 | ---- | M] () [Auto] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] -- -- (WDICA)> in the current context! Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)> in the current context! Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)> in the current context! Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)> in the current context! Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)> in the current context! Error: Unable to interpret <DRV - File not found [Kernel | System] -- -- (PCIDump)> in the current context! Error: Unable to interpret <DRV - File not found [Kernel | System] -- -- (lbrtfdc)> in the current context! Error: Unable to interpret <DRV - File not found [Kernel | System] -- -- (i2omgmt)> in the current context! Error: Unable to interpret <DRV - File not found [Kernel | System] -- -- (Changer)> in the current context! Error: Unable to interpret <DRV - [2012/02/17 11:54:49 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)> in the current context! Error: Unable to interpret <DRV - [2011/12/09 07:40:20 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)> in the current context! Error: Unable to interpret <DRV - [2011/12/09 07:40:20 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)> in the current context! Error: Unable to interpret <DRV - [2011/09/02 02:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)> in the current context! Error: Unable to interpret <DRV - [2011/09/02 02:31:10 | 000,042,648 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LEqdUsb.sys -- (LEqdUsb)> in the current context! Error: Unable to interpret <DRV - [2011/09/02 02:31:10 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidEqd.sys -- (LHidEqd)> in the current context! Error: Unable to interpret <DRV - [2011/09/02 02:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)> in the current context! Error: Unable to interpret <DRV - [2010/07/12 23:13:54 | 000,894,696 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rtl8192cu.sys -- (RTL8192cu)> in the current context! Error: Unable to interpret <DRV - [2010/06/17 09:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)> in the current context! Error: Unable to interpret <DRV - [2008/09/24 05:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)> in the current context! Error: Unable to interpret <DRV - [2008/08/18 13:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)> in the current context! Error: Unable to interpret <DRV - [2008/08/01 06:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)> in the current context! Error: Unable to interpret <DRV - [2008/08/01 06:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)> in the current context! Error: Unable to interpret <DRV - [2001/08/17 08:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)> in the current context! Error: Unable to interpret <DRV - [1999/09/20 06:05:34 | 000,006,144 | ---- | M] (Divicore Inc.) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS -- (CINEMSUP)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Internet Explorer ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?st=1&barid={A54782AB-1F93-11E1-83DC-5067F0119E66}> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie8hp> in the current context! Error: Unable to interpret <IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]> in the current context! Error: Unable to interpret <IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1> in the current context! Error: Unable to interpret <IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bluewin.ch/index.html.de?emlo=1> in the current context! Error: Unable to interpret <IE - HKU\Lotus.LICHTZEN-349138_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)> in the current context! Error: Unable to interpret <IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/04/20 12:45:55 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2011/12/05 08:00:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions> in the current context! Error: Unable to interpret <[2012/04/20 12:45:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll> in the current context! Error: Unable to interpret <[2012/04/01 10:23:02 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context! Error: Unable to interpret <[2012/04/01 10:23:02 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml> in the current context! Error: Unable to interpret <[2012/04/01 10:23:02 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml> in the current context! Error: Unable to interpret <[2012/04/01 10:23:02 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context! Error: Unable to interpret <[2012/04/01 10:23:02 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context! Error: Unable to interpret <[2012/04/01 10:23:02 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts> in the current context! Error: Unable to interpret <O1 - Hosts: localhost> in the current context! Error: Unable to interpret <O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)> in the current context! Error: Unable to interpret <O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)> in the current context! Error: Unable to interpret <O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\Softonic\\bh\Softonic.dll (Softonic.com)> in the current context! Error: Unable to interpret <O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)> in the current context! Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\Softonic\\SoftonicTlbr.dll (Softonic.com)> in the current context! Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)> in the current context! Error: Unable to interpret <O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)> in the current context! Error: Unable to interpret <O3 - HKU\Lotus.LICHTZEN-349138_ON_C\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [FileZilla Server Interface] C:\Programme\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)> in the current context! Error: Unable to interpret <O4 - HKU\Lotus.LICHTZEN-349138_ON_C..\Run: [1Y7C9I1C0ZWVZZ6WLKDYKBM] C:\update64\1E729812321.exe ()> in the current context! Error: Unable to interpret <O4 - HKU\Lotus.LICHTZEN-349138_ON_C..\Run: [200CA206] C:\WINDOWS\system32\60F8187B200CA20625C4.exe ()> in the current context! Error: Unable to interpret <O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Wireless N USB Dienstprogramm.lnk = C:\Programme\ZyXEL\NWD2205\NWD2205.exe (ZyXEL)> in the current context! Error: Unable to interpret <O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Wireless N USB Dienstprogramm.lnk = C:\Programme\ZyXEL\NWD2205\NWD2205.exe (ZyXEL)> in the current context! Error: Unable to interpret <O4 - Startup: C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk = C:\Programme\Gemeinsame Dateien\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1> in the current context! Error: Unable to interpret <O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context! Error: Unable to interpret <O7 - HKU\LocalService.NT-AUTORITÄT_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context! Error: Unable to interpret <O7 - HKU\Lotus.LICHTZEN-349138_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context! Error: Unable to interpret <O7 - HKU\Lotus.LICHTZEN-349138_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1> in the current context! Error: Unable to interpret <O7 - HKU\Lotus.LICHTZEN-349138_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1> in the current context! Error: Unable to interpret <O7 - HKU\NetworkService.NT-AUTORITÄT_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context! Error: Unable to interpret <O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)> in the current context! Error: Unable to interpret <O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)> in the current context! Error: Unable to interpret <O12 - Plugin for: .spop - C:\Programme\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)> in the current context! Error: Unable to interpret <O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung)> in the current context! Error: Unable to interpret <O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer => in the current context! Error: Unable to interpret <O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)> in the current context! Error: Unable to interpret <O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\60F8187B200CA20625C4.exe) - C:\WINDOWS\system32\60F8187B200CA20625C4.exe ()> in the current context! Error: Unable to interpret <O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found> in the current context! Error: Unable to interpret <O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found> in the current context! Error: Unable to interpret <O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found> in the current context! Error: Unable to interpret <O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)> in the current context! Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context! Error: Unable to interpret <O32 - AutoRun File - [2011/11/30 15:27:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]> in the current context! Error: Unable to interpret <O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]> in the current context! Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *) - File not found> in the current context! Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012/05/07 14:45:53 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\Recent> in the current context! Error: Unable to interpret <[2012/05/07 14:45:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\Eigene Dateien> in the current context! Error: Unable to interpret <[2012/05/07 13:00:12 | 000,000,000 | ---D | C] -- C:\_OTL> in the current context! Error: Unable to interpret <[2012/05/07 12:53:49 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\Recent> in the current context! Error: Unable to interpret <[2012/05/07 12:53:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\Eigene Dateien> in the current context! Error: Unable to interpret <[2012/05/03 04:30:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Nlurjfabx> in the current context! Error: Unable to interpret <[2012/05/03 04:28:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\7-Zip> in the current context! Error: Unable to interpret <[2012/05/03 04:28:22 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip> in the current context! Error: Unable to interpret <[2012/05/03 04:26:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\WinRAR> in the current context! Error: Unable to interpret <[2012/05/03 04:26:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\WinRAR> in the current context! Error: Unable to interpret <[2012/05/03 04:26:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\WinRAR> in the current context! Error: Unable to interpret <[2012/05/03 04:26:21 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR> in the current context! Error: Unable to interpret <[2012/04/29 11:49:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\public_html> in the current context! Error: Unable to interpret <[2012/04/29 11:48:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\public_ftp> in the current context! Error: Unable to interpret <[2012/04/29 11:48:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\.cpanel> in the current context! Error: Unable to interpret <[2012/04/29 11:31:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\phpDesigner> in the current context! Error: Unable to interpret <[2012/04/29 11:29:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\phpDesigner 8> in the current context! Error: Unable to interpret <[2012/04/29 11:29:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\phpDesigner> in the current context! Error: Unable to interpret <[2012/04/29 11:29:17 | 000,000,000 | ---D | C] -- C:\Programme\phpDesigner 8> in the current context! Error: Unable to interpret <[2012/04/27 08:19:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Softonic> in the current context! Error: Unable to interpret <[2012/04/27 06:59:52 | 000,000,000 | ---D | C] -- C:\Programme\Softonic> in the current context! Error: Unable to interpret <[2012/04/27 06:59:19 | 001,671,128 | ---- | C] (Softonic) -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Softonic_ggl_1.5.21.0.exe> in the current context! Error: Unable to interpret <[2012/04/26 06:58:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\IETldCache> in the current context! Error: Unable to interpret <[2012/04/26 02:17:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\Lokale Einstellungen\Anwendungsdaten\Adobe> in the current context! Error: Unable to interpret <[2012/04/25 11:57:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Neuer Ordner> in the current context! Error: Unable to interpret <[2012/04/24 13:05:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\zufahrt> in the current context! Error: Unable to interpret <[2012/04/24 13:04:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\preisliste> in the current context! Error: Unable to interpret <[2012/04/24 11:21:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\FileZilla> in the current context! Error: Unable to interpret <[2012/04/24 11:21:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\FileZilla FTP Client> in the current context! Error: Unable to interpret <[2012/04/24 11:21:12 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla FTP Client> in the current context! Error: Unable to interpret <[2012/04/24 11:17:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\FileZilla Server> in the current context! Error: Unable to interpret <[2012/04/24 11:17:06 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla Server> in the current context! Error: Unable to interpret <[2012/04/24 11:07:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Help> in the current context! Error: Unable to interpret <[2012/04/24 11:07:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Help> in the current context! Error: Unable to interpret <[2012/04/24 11:07:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Total Commander> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,000 | ---D | C] -- C:\totalcmd> in the current context! Error: Unable to interpret <[2012/04/24 11:05:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Identities> in the current context! Error: Unable to interpret <[2012/04/24 11:05:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Windows Desktop Search> in the current context! Error: Unable to interpret <[2012/04/24 11:04:45 | 000,000,000 | ---D | C] -- C:\Programme\Windows Desktop Search> in the current context! Error: Unable to interpret <[2012/04/24 11:04:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy> in the current context! Error: Unable to interpret <[2012/04/24 11:03:14 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll> in the current context! Error: Unable to interpret <[2012/04/24 11:03:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll> in the current context! Error: Unable to interpret <[2012/04/24 11:03:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll> in the current context! Error: Unable to interpret <[2012/04/20 06:15:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Adobe> in the current context! Error: Unable to interpret <[2012/04/19 15:22:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Google> in the current context! Error: Unable to interpret <[2012/04/19 15:18:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Temp> in the current context! Error: Unable to interpret <[2012/04/19 15:13:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\Lokale Einstellungen\Anwendungsdaten\Google> in the current context! Error: Unable to interpret <[2012/04/19 15:13:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Google> in the current context! Error: Unable to interpret <[2012/04/19 15:13:00 | 000,000,000 | ---D | C] -- C:\Programme\Google> in the current context! Error: Unable to interpret <[2012/04/19 15:13:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Google> in the current context! Error: Unable to interpret <[2012/04/19 15:12:57 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe> in the current context! Error: Unable to interpret <[2012/04/19 15:12:10 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\IECompatCache> in the current context! Error: Unable to interpret <[2012/04/19 15:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Adobe> in the current context! Error: Unable to interpret <[2012/04/17 13:15:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Logitech> in the current context! Error: Unable to interpret <[2012/04/17 13:08:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidserv.dll> in the current context! Error: Unable to interpret <[2012/04/17 13:08:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Leadertech> in the current context! Error: Unable to interpret <[2012/04/17 13:08:17 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys> in the current context! Error: Unable to interpret <[2012/04/17 13:08:14 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll> in the current context! Error: Unable to interpret <[2012/04/17 13:07:43 | 000,012,184 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LBeepKE.sys> in the current context! Error: Unable to interpret <[2012/04/17 13:07:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\LogiShrd> in the current context! Error: Unable to interpret <[2012/04/17 13:06:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Logitech> in the current context! Error: Unable to interpret <[2012/04/17 13:06:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Logishrd> in the current context! Error: Unable to interpret <[2012/04/17 12:59:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft> in the current context! Error: Unable to interpret <[2012/04/17 12:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Logitech> in the current context! Error: Unable to interpret <[2012/04/17 12:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\LogiShrd> in the current context! Error: Unable to interpret <[2012/04/17 12:52:01 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\LogiShrd> in the current context! Error: Unable to interpret <[2012/04/17 04:53:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\Outlook-Dateien> in the current context! Error: Unable to interpret <[2012/04/14 10:57:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys> in the current context! Error: Unable to interpret <[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context! Error: Unable to interpret <[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012/05/07 17:55:49 | 000,262,144 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\NTUSER.DAT> in the current context! Error: Unable to interpret <[2012/05/07 14:48:33 | 000,524,288 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\NTUSER.DAT> in the current context! Error: Unable to interpret <[2012/05/07 14:39:29 | 002,621,440 | -H-- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\NTUSER.DAT> in the current context! Error: Unable to interpret <[2012/05/07 10:30:27 | 000,188,791 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml> in the current context! Error: Unable to interpret <[2012/05/07 10:30:24 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job> in the current context! Error: Unable to interpret <[2012/05/07 10:30:21 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl> in the current context! Error: Unable to interpret <[2012/05/07 10:30:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT> in the current context! Error: Unable to interpret <[2012/05/07 10:30:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat> in the current context! Error: Unable to interpret <[2012/05/07 10:28:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat> in the current context! Error: Unable to interpret <[2012/05/07 05:34:12 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job> in the current context! Error: Unable to interpret <[2012/05/07 05:34:12 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job> in the current context! Error: Unable to interpret <[2012/05/07 05:30:20 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C160ECFC-4B5E-4CA5-BC6D-A2A9EEE79374}.job> in the current context! Error: Unable to interpret <[2012/05/07 05:03:54 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\ntuser.ini> in the current context! Error: Unable to interpret <[2012/05/04 03:12:10 | 006,430,700 | -H-- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\IconCache.db> in the current context! Error: Unable to interpret <[2012/05/03 23:52:20 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh325> in the current context! Error: Unable to interpret <[2012/05/03 23:41:54 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh324> in the current context! Error: Unable to interpret <[2012/05/03 23:27:28 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh323> in the current context! Error: Unable to interpret <[2012/05/03 23:26:12 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh322> in the current context! Error: Unable to interpret <[2012/05/03 23:23:16 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh321> in the current context! Error: Unable to interpret <[2012/05/03 23:20:38 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh320> in the current context! Error: Unable to interpret <[2012/05/03 04:28:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\7-Zip> in the current context! Error: Unable to interpret <[2012/05/03 04:27:24 | 000,102,912 | -H-- | M] () -- C:\WINDOWS\System32\60F8187B200CA20625C4.exe> in the current context! Error: Unable to interpret <[2012/05/03 04:26:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\WinRAR> in the current context! Error: Unable to interpret <[2012/05/01 14:00:00 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk> in the current context! Error: Unable to interpret <[2012/04/30 06:09:00 | 000,000,864 | ---- | M] () -- C:\WINDOWS\wincmd.ini> in the current context! Error: Unable to interpret <[2012/04/29 14:58:53 | 000,027,920 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\phpdesigner.xml> in the current context! Error: Unable to interpret <[2012/04/29 11:29:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\phpDesigner 8> in the current context! Error: Unable to interpret <[2012/04/28 04:48:42 | 000,000,548 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Total Commander.lnk> in the current context! Error: Unable to interpret <[2012/04/27 06:59:55 | 000,000,109 | ---- | M] () -- C:\user.js> in the current context! Error: Unable to interpret <[2012/04/27 06:59:49 | 001,671,128 | ---- | M] (Softonic) -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Softonic_ggl_1.5.21.0.exe> in the current context! Error: Unable to interpret <[2012/04/27 06:59:44 | 004,681,921 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\MamboV4.6.5.zip> in the current context! Error: Unable to interpret <[2012/04/26 02:10:00 | 000,545,380 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\317.JPG> in the current context! Error: Unable to interpret <[2012/04/26 02:10:00 | 000,388,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\313.JPG> in the current context! Error: Unable to interpret <[2012/04/24 11:21:17 | 000,001,627 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\FileZilla Client.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:17:08 | 000,001,710 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\FileZilla Server Interface.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:17:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\FileZilla Server> in the current context! Error: Unable to interpret <[2012/04/24 11:11:45 | 000,002,299 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader X.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:07:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Total Commander> in the current context! Error: Unable to interpret <[2012/04/24 11:04:52 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK> in the current context! Error: Unable to interpret <[2012/04/24 11:04:51 | 000,001,771 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Search.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:04:51 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:04:51 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart> in the current context! Error: Unable to interpret <[2012/04/24 11:04:48 | 001,106,904 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI> in the current context! Error: Unable to interpret <[2012/04/24 11:04:48 | 000,487,716 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat> in the current context! Error: Unable to interpret <[2012/04/24 11:04:48 | 000,095,702 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat> in the current context! Error: Unable to interpret <[2012/04/19 16:11:16 | 000,000,131 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\MSN.de.url> in the current context! Error: Unable to interpret <[2012/04/19 15:12:57 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe> in the current context! Error: Unable to interpret <[2012/04/19 15:12:56 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl> in the current context! Error: Unable to interpret <[2012/04/19 15:06:59 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader X.lnk> in the current context! Error: Unable to interpret <[2012/04/18 13:37:16 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\E-Mail.lnk> in the current context! Error: Unable to interpret <[2012/04/17 14:38:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Logitech> in the current context! Error: Unable to interpret <[2012/04/17 13:08:17 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys> in the current context! Error: Unable to interpret <[2012/04/17 13:08:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf> in the current context! Error: Unable to interpret <[2012/04/17 12:59:59 | 000,000,795 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk> in the current context! Error: Unable to interpret <[2012/04/17 05:02:28 | 000,070,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT> in the current context! Error: Unable to interpret <[2012/04/17 04:53:09 | 000,000,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk> in the current context! Error: Unable to interpret <[2012/04/14 21:02:32 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini> in the current context! Error: Unable to interpret <[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]> in the current context! Error: Unable to interpret <[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012/05/04 02:52:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat> in the current context! Error: Unable to interpret <[2012/05/04 02:44:24 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh325> in the current context! Error: Unable to interpret <[2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh324> in the current context! Error: Unable to interpret <[2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh323> in the current context! Error: Unable to interpret <[2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh322> in the current context! Error: Unable to interpret <[2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh321> in the current context! Error: Unable to interpret <[2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh320> in the current context! Error: Unable to interpret <[2012/05/03 04:27:24 | 000,102,912 | -H-- | C] () -- C:\WINDOWS\System32\60F8187B200CA20625C4.exe> in the current context! Error: Unable to interpret <[2012/05/01 14:00:00 | 000,000,961 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk> in the current context! Error: Unable to interpret <[2012/04/29 11:32:48 | 000,027,920 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\phpdesigner.xml> in the current context! Error: Unable to interpret <[2012/04/27 06:59:55 | 000,000,109 | ---- | C] () -- C:\user.js> in the current context! Error: Unable to interpret <[2012/04/27 06:59:19 | 004,681,921 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\MamboV4.6.5.zip> in the current context! Error: Unable to interpret <[2012/04/26 02:10:00 | 000,545,380 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\317.JPG> in the current context! Error: Unable to interpret <[2012/04/26 02:10:00 | 000,388,950 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\313.JPG> in the current context! Error: Unable to interpret <[2012/04/24 11:21:17 | 000,001,627 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\FileZilla Client.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:17:08 | 000,001,710 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\FileZilla Server Interface.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:07:37 | 000,000,548 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Total Commander.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,864 | ---- | C] () -- C:\WINDOWS\wincmd.ini> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF> in the current context! Error: Unable to interpret <[2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF> in the current context! Error: Unable to interpret <[2012/04/24 11:04:51 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Search.lnk> in the current context! Error: Unable to interpret <[2012/04/24 11:04:51 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk> in the current context! Error: Unable to interpret <[2012/04/19 15:13:09 | 000,001,088 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job> in the current context! Error: Unable to interpret <[2012/04/19 15:13:09 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job> in the current context! Error: Unable to interpret <[2012/04/19 15:12:57 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job> in the current context! Error: Unable to interpret <[2012/04/19 15:08:47 | 000,000,418 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C160ECFC-4B5E-4CA5-BC6D-A2A9EEE79374}.job> in the current context! Error: Unable to interpret <[2012/04/19 15:06:59 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader X.lnk> in the current context! Error: Unable to interpret <[2012/04/19 15:06:58 | 000,002,299 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader X.lnk> in the current context! Error: Unable to interpret <[2012/04/18 13:37:15 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\E-Mail.lnk> in the current context! Error: Unable to interpret <[2012/04/17 13:08:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf> in the current context! Error: Unable to interpret <[2012/04/17 04:53:09 | 000,000,770 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk> in the current context! Error: Unable to interpret <[2012/02/17 11:46:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll> in the current context! Error: Unable to interpret <[2011/12/06 09:25:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe> in the current context! Error: Unable to interpret <[2011/12/06 09:25:29 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll> in the current context! Error: Unable to interpret <[2011/12/05 19:37:16 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin> in the current context! Error: Unable to interpret <[2011/12/05 19:12:22 | 000,070,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT> in the current context! Error: Unable to interpret <[2011/12/04 04:31:07 | 000,000,154 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat> in the current context! Error: Unable to interpret <[2011/12/04 04:24:51 | 006,430,700 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\IconCache.db> in the current context! Error: Unable to interpret <[2011/12/04 04:24:18 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe> in the current context! Error: Unable to interpret <[2011/12/04 04:19:41 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\ntuser.ini> in the current context! Error: Unable to interpret <[2011/12/04 04:19:40 | 002,621,440 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\NTUSER.DAT> in the current context! Error: Unable to interpret <[2011/12/04 04:17:42 | 000,262,144 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\NTUSER.DAT> in the current context! Error: Unable to interpret <[2011/12/04 04:17:42 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\ntuser.ini> in the current context! Error: Unable to interpret <[2011/12/04 04:15:47 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\ntuser.ini> in the current context! Error: Unable to interpret <[2011/12/04 04:15:46 | 000,524,288 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\NTUSER.DAT> in the current context! Error: Unable to interpret <[2011/12/04 04:14:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat> in the current context! Error: Unable to interpret <[2011/12/04 04:11:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini> in the current context! Error: Unable to interpret <[2011/12/04 04:10:51 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest> in the current context! Error: Unable to interpret <[2011/12/04 04:10:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest> in the current context! Error: Unable to interpret <[2011/12/04 04:09:26 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat> in the current context! Error: Unable to interpret <[2011/12/04 04:09:16 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini> in the current context! Error: Unable to interpret <[2011/12/04 04:09:16 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini> in the current context! Error: Unable to interpret <[2011/12/04 04:08:47 | 000,027,055 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini> in the current context! Error: Unable to interpret <[2011/12/04 04:08:46 | 000,003,999 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini> in the current context! Error: Unable to interpret <[2011/12/04 04:04:08 | 001,106,904 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI> in the current context! Error: Unable to interpret <[2011/12/04 04:04:07 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI> in the current context! Error: Unable to interpret <[2011/12/04 04:03:05 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT> in the current context! Error: Unable to interpret <[2011/10/25 16:21:48 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll> in the current context! Error: Unable to interpret <[2011/10/25 16:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe> in the current context! Error: Unable to interpret <[2008/08/01 09:48:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll> in the current context! Error: Unable to interpret <[2008/05/26 16:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini> in the current context! Error: Unable to interpret <[2008/05/26 16:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini> in the current context! Error: Unable to interpret <[2008/05/26 16:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini> in the current context! Error: Unable to interpret <[2008/05/26 15:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin> in the current context! Error: Unable to interpret <[2008/05/26 15:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin> in the current context! Error: Unable to interpret <[2006/06/29 09:58:52 | 000,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont> in the current context! Error: Unable to interpret <[2006/06/29 09:53:56 | 000,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont> in the current context! Error: Unable to interpret <[2006/04/18 10:39:28 | 000,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont> in the current context! Error: Unable to interpret <[2006/04/18 10:39:28 | 000,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,487,716 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,444,304 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,095,702 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,072,180 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,071,022 | ---- | C] () -- C:\WINDOWS\System32\edit.com> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,054,128 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,052,777 | ---- | C] () -- C:\WINDOWS\System32\command.com> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,039,546 | ---- | C] () -- C:\WINDOWS\System32\mem.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,034,032 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,027,914 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,021,542 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,021,210 | ---- | C] () -- C:\WINDOWS\System32\debug.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,019,726 | ---- | C] () -- C:\WINDOWS\System32\graphics.com> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,017,241 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,014,816 | ---- | C] () -- C:\WINDOWS\System32\kb16.com> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,014,060 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,013,026 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,012,610 | ---- | C] () -- C:\WINDOWS\System32\append.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,011,903 | ---- | C] () -- C:\WINDOWS\System32\setver.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,009,032 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,008,584 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,007,084 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,006,287 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,004,992 | ---- | C] () -- C:\WINDOWS\System32\himem.sys> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,004,438 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,004,233 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,003,358 | ---- | C] () -- C:\WINDOWS\System32\redir.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,003,262 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,001,783 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,001,273 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,001,157 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,000,552 | ---- | C] () -- C:\WINDOWS\win.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,000,369 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini> in the current context! Error: Unable to interpret <[2006/02/28 08:00:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini> in the current context! Error: Unable to interpret <[2001/08/18 00:54:50 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe> in the current context! Error: Unable to interpret <[2001/08/18 00:54:08 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== LOP Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2012/04/30 15:03:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\FileZilla> in the current context! Error: Unable to interpret <[2011/12/04 04:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\InterTrust> in the current context! Error: Unable to interpret <[2012/04/17 13:08:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Leadertech> in the current context! Error: Unable to interpret <[2011/12/04 05:56:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\MSNInstaller> in the current context! Error: Unable to interpret <[2012/05/03 04:30:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Nlurjfabx> in the current context! Error: Unable to interpret <[2012/04/29 11:32:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\phpDesigner> in the current context! Error: Unable to interpret <[2012/04/27 08:19:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Softonic> in the current context! Error: Unable to interpret <[2012/04/24 11:05:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Windows Desktop Search> in the current context! Error: Unable to interpret <[2011/12/05 19:02:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\PC Drivers HeadQuarters> in the current context! Error: Unable to interpret <[2012/04/29 11:31:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\phpDesigner> in the current context! Error: Unable to interpret <[2011/12/05 19:51:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\SweetIM> in the current context! Error: Unable to interpret <[2011/12/05 19:12:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\UAB> in the current context! Error: Unable to interpret <[2012/05/07 05:30:20 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C160ECFC-4B5E-4CA5-BC6D-A2A9EEE79374}.job> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Purity Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << End of report > > in the current context! OTLPE by OldTimer - Version log created on 05072012_182116 kann mir jemand bitte helfen.. |
![]() | #2 |
| ![]() auch ich habe das Problem mit XP mein Destop ist gesperrt. OTL Logfile:
ATTFilter OTL logfile created on: 5/7/2012 6:18:07 PM - Run OTLPE by OldTimer - Version Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,023.00 Mb Total Physical Memory | 764.00 Mb Available Physical Memory | 75.00% Memory free 907.00 Mb Paging File | 795.00 Mb Available in Paging File | 88.00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298.08 Gb Total Space | 283.84 Gb Free Space | 95.22% Space Free | Partition Type: NTFS Drive D: | 3.77 Gb Total Space | 3.68 Gb Free Space | 97.60% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days Using ControlSet: ControlSet003 ========== Win32 Services (SafeList) ========== SRV - [2012/04/19 15:12:57 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/02/26 10:42:28 | 000,632,320 | ---- | M] (FileZilla Project) [Auto] -- C:\Programme\FileZilla Server\FileZilla Server.exe -- (FileZilla Server) SRV - [2012/01/31 10:09:34 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011/12/09 07:40:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011/12/09 07:39:54 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011/05/06 05:03:10 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/03/25 16:32:40 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010/01/09 16:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2010/01/09 16:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2008/09/08 06:09:40 | 000,184,320 | ---- | M] () [Auto] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | System] -- -- (i2omgmt) DRV - File not found [Kernel | System] -- -- (Changer) DRV - [2012/02/17 11:54:49 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2011/12/09 07:40:20 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) DRV - [2011/12/09 07:40:20 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) DRV - [2011/09/02 02:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2011/09/02 02:31:10 | 000,042,648 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LEqdUsb.sys -- (LEqdUsb) DRV - [2011/09/02 02:31:10 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidEqd.sys -- (LHidEqd) DRV - [2011/09/02 02:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2010/07/12 23:13:54 | 000,894,696 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rtl8192cu.sys -- (RTL8192cu) DRV - [2010/06/17 09:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2008/09/24 05:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM) DRV - [2008/08/18 13:54:00 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts) DRV - [2008/08/01 06:36:00 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2008/08/01 06:36:00 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2001/08/17 08:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [1999/09/20 06:05:34 | 000,006,144 | ---- | M] (Divicore Inc.) [Kernel | System] -- C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS -- (CINEMSUP) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?st=1&barid={A54782AB-1F93-11E1-83DC-5067F0119E66} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Web News online - Aktuelles - Swisscom - Aktuelle Nachrichten - Neuigkeiten IE - HKU\Lotus.LICHTZEN-349138_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKU\Lotus.LICHTZEN-349138_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/04/20 12:45:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/12/05 08:00:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012/04/20 12:45:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll [2012/04/01 10:23:02 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/04/01 10:23:02 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml [2012/04/01 10:23:02 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml [2012/04/01 10:23:02 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml [2012/04/01 10:23:02 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml [2012/04/01 10:23:02 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006/02/28 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\Softonic\\bh\Softonic.dll (Softonic.com) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\Softonic\\SoftonicTlbr.dll (Softonic.com) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\Lotus.LICHTZEN-349138_ON_C\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [FileZilla Server Interface] C:\Programme\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe () O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKU\Lotus.LICHTZEN-349138_ON_C..\Run: [1Y7C9I1C0ZWVZZ6WLKDYKBM] C:\update64\1E729812321.exe () O4 - HKU\Lotus.LICHTZEN-349138_ON_C..\Run: [200CA206] C:\WINDOWS\system32\60F8187B200CA20625C4.exe () O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Wireless N USB Dienstprogramm.lnk = C:\Programme\ZyXEL\NWD2205\NWD2205.exe (ZyXEL) O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Wireless N USB Dienstprogramm.lnk = C:\Programme\ZyXEL\NWD2205\NWD2205.exe (ZyXEL) O4 - Startup: C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk = C:\Programme\Gemeinsame Dateien\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\LocalService.NT-AUTORITÄT_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Lotus.LICHTZEN-349138_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\Lotus.LICHTZEN-349138_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O7 - HKU\Lotus.LICHTZEN-349138_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1 O7 - HKU\NetworkService.NT-AUTORITÄT_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA) O12 - Plugin for: .spop - C:\Programme\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.) O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\60F8187B200CA20625C4.exe) - C:\WINDOWS\system32\60F8187B200CA20625C4.exe () O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/11/30 15:27:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/05/07 14:45:53 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\Recent [2012/05/07 14:45:53 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\Eigene Dateien [2012/05/07 13:00:12 | 000,000,000 | ---D | C] -- C:\_OTL [2012/05/07 12:53:49 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\Recent [2012/05/07 12:53:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\Eigene Dateien [2012/05/03 04:30:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Nlurjfabx [2012/05/03 04:28:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\7-Zip [2012/05/03 04:28:22 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2012/05/03 04:26:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\WinRAR [2012/05/03 04:26:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\WinRAR [2012/05/03 04:26:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\WinRAR [2012/05/03 04:26:21 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR [2012/04/29 11:49:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\public_html [2012/04/29 11:48:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\public_ftp [2012/04/29 11:48:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\.cpanel [2012/04/29 11:31:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\phpDesigner [2012/04/29 11:29:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\phpDesigner 8 [2012/04/29 11:29:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\phpDesigner [2012/04/29 11:29:17 | 000,000,000 | ---D | C] -- C:\Programme\phpDesigner 8 [2012/04/27 08:19:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Softonic [2012/04/27 06:59:52 | 000,000,000 | ---D | C] -- C:\Programme\Softonic [2012/04/27 06:59:19 | 001,671,128 | ---- | C] (Softonic) -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Softonic_ggl_1.5.21.0.exe [2012/04/26 06:58:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\IETldCache [2012/04/26 02:17:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\Lokale Einstellungen\Anwendungsdaten\Adobe [2012/04/25 11:57:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Neuer Ordner [2012/04/24 13:05:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\zufahrt [2012/04/24 13:04:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\preisliste [2012/04/24 11:21:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\FileZilla [2012/04/24 11:21:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\FileZilla FTP Client [2012/04/24 11:21:12 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla FTP Client [2012/04/24 11:17:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\FileZilla Server [2012/04/24 11:17:06 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla Server [2012/04/24 11:07:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Help [2012/04/24 11:07:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Help [2012/04/24 11:07:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Total Commander [2012/04/24 11:07:35 | 000,000,000 | ---D | C] -- C:\totalcmd [2012/04/24 11:05:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Identities [2012/04/24 11:05:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Windows Desktop Search [2012/04/24 11:04:45 | 000,000,000 | ---D | C] -- C:\Programme\Windows Desktop Search [2012/04/24 11:04:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy [2012/04/24 11:03:14 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll [2012/04/24 11:03:14 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll [2012/04/24 11:03:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll [2012/04/20 06:15:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Adobe [2012/04/19 15:22:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Google [2012/04/19 15:18:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Temp [2012/04/19 15:13:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\Lokale Einstellungen\Anwendungsdaten\Google [2012/04/19 15:13:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\Google [2012/04/19 15:13:00 | 000,000,000 | ---D | C] -- C:\Programme\Google [2012/04/19 15:13:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Google [2012/04/19 15:12:57 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012/04/19 15:12:10 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\IECompatCache [2012/04/19 15:05:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Adobe [2012/04/17 13:15:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Logitech [2012/04/17 13:08:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidserv.dll [2012/04/17 13:08:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Leadertech [2012/04/17 13:08:17 | 000,016,400 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys [2012/04/17 13:08:14 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll [2012/04/17 13:07:43 | 000,012,184 | ---- | C] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LBeepKE.sys [2012/04/17 13:07:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\LogiShrd [2012/04/17 13:06:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Logitech [2012/04/17 13:06:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Logishrd [2012/04/17 12:59:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft [2012/04/17 12:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Logitech [2012/04/17 12:52:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\LogiShrd [2012/04/17 12:52:01 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\LogiShrd [2012/04/17 04:53:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\Outlook-Dateien [2012/04/14 10:57:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouhid.sys [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/05/07 17:55:49 | 000,262,144 | -H-- | M] () -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\NTUSER.DAT [2012/05/07 14:48:33 | 000,524,288 | -H-- | M] () -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\NTUSER.DAT [2012/05/07 14:39:29 | 002,621,440 | -H-- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\NTUSER.DAT [2012/05/07 10:30:27 | 000,188,791 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2012/05/07 10:30:24 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/05/07 10:30:21 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/05/07 10:30:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2012/05/07 10:30:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/05/07 10:28:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/05/07 05:34:12 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/05/07 05:34:12 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/05/07 05:30:20 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C160ECFC-4B5E-4CA5-BC6D-A2A9EEE79374}.job [2012/05/07 05:03:54 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\ntuser.ini [2012/05/04 03:12:10 | 006,430,700 | -H-- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2012/05/03 23:52:20 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh325 [2012/05/03 23:41:54 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh324 [2012/05/03 23:27:28 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh323 [2012/05/03 23:26:12 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh322 [2012/05/03 23:23:16 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh321 [2012/05/03 23:20:38 | 000,481,078 | ---- | M] () -- C:\WINDOWS\System32\winsh320 [2012/05/03 04:28:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\7-Zip [2012/05/03 04:27:24 | 000,102,912 | -H-- | M] () -- C:\WINDOWS\System32\60F8187B200CA20625C4.exe [2012/05/03 04:26:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\WinRAR [2012/05/01 14:00:00 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk [2012/04/30 06:09:00 | 000,000,864 | ---- | M] () -- C:\WINDOWS\wincmd.ini [2012/04/29 14:58:53 | 000,027,920 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\phpdesigner.xml [2012/04/29 11:29:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\phpDesigner 8 [2012/04/28 04:48:42 | 000,000,548 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Total Commander.lnk [2012/04/27 06:59:55 | 000,000,109 | ---- | M] () -- C:\user.js [2012/04/27 06:59:49 | 001,671,128 | ---- | M] (Softonic) -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Softonic_ggl_1.5.21.0.exe [2012/04/27 06:59:44 | 004,681,921 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\MamboV4.6.5.zip [2012/04/26 02:10:00 | 000,545,380 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\317.JPG [2012/04/26 02:10:00 | 000,388,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\313.JPG [2012/04/24 11:21:17 | 000,001,627 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\FileZilla Client.lnk [2012/04/24 11:17:08 | 000,001,710 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\FileZilla Server Interface.lnk [2012/04/24 11:17:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\FileZilla Server [2012/04/24 11:11:45 | 000,002,299 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader X.lnk [2012/04/24 11:07:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Total Commander [2012/04/24 11:04:52 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/04/24 11:04:51 | 000,001,771 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Search.lnk [2012/04/24 11:04:51 | 000,001,755 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk [2012/04/24 11:04:51 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart [2012/04/24 11:04:48 | 001,106,904 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2012/04/24 11:04:48 | 000,487,716 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012/04/24 11:04:48 | 000,095,702 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012/04/19 16:11:16 | 000,000,131 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\MSN.de.url [2012/04/19 15:12:57 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012/04/19 15:12:56 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012/04/19 15:06:59 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader X.lnk [2012/04/18 13:37:16 | 000,000,104 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\E-Mail.lnk [2012/04/17 14:38:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Logitech [2012/04/17 13:08:17 | 000,016,400 | ---- | M] (Logitech, Inc.) -- C:\WINDOWS\System32\drivers\LNonPnP.sys [2012/04/17 13:08:17 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2012/04/17 12:59:59 | 000,000,795 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk [2012/04/17 05:02:28 | 000,070,376 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT [2012/04/17 04:53:09 | 000,000,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk [2012/04/14 21:02:32 | 000,000,552 | ---- | M] () -- C:\WINDOWS\win.ini [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/05/04 02:52:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012/05/04 02:44:24 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh325 [2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh324 [2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh323 [2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh322 [2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh321 [2012/05/04 02:44:23 | 000,481,078 | ---- | C] () -- C:\WINDOWS\System32\winsh320 [2012/05/03 04:27:24 | 000,102,912 | -H-- | C] () -- C:\WINDOWS\System32\60F8187B200CA20625C4.exe [2012/05/01 14:00:00 | 000,000,961 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Startmenü\Programme\Autostart\Logitech . Produktregistrierung.lnk [2012/04/29 11:32:48 | 000,027,920 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\phpdesigner.xml [2012/04/27 06:59:55 | 000,000,109 | ---- | C] () -- C:\user.js [2012/04/27 06:59:19 | 004,681,921 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\MamboV4.6.5.zip [2012/04/26 02:10:00 | 000,545,380 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\317.JPG [2012/04/26 02:10:00 | 000,388,950 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Eigene Dateien\313.JPG [2012/04/24 11:21:17 | 000,001,627 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\FileZilla Client.lnk [2012/04/24 11:17:08 | 000,001,710 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\FileZilla Server Interface.lnk [2012/04/24 11:07:37 | 000,000,548 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\Total Commander.lnk [2012/04/24 11:07:35 | 000,000,864 | ---- | C] () -- C:\WINDOWS\wincmd.ini [2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF [2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF [2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF [2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF [2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF [2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF [2012/04/24 11:07:35 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF [2012/04/24 11:04:51 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Windows Search.lnk [2012/04/24 11:04:51 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Windows Search.lnk [2012/04/19 15:13:09 | 000,001,088 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/04/19 15:13:09 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/04/19 15:12:57 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/04/19 15:08:47 | 000,000,418 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{C160ECFC-4B5E-4CA5-BC6D-A2A9EEE79374}.job [2012/04/19 15:06:59 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader X.lnk [2012/04/19 15:06:58 | 000,002,299 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader X.lnk [2012/04/18 13:37:15 | 000,000,104 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Desktop\E-Mail.lnk [2012/04/17 13:08:17 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf [2012/04/17 04:53:09 | 000,000,770 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk [2012/02/17 11:46:45 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2011/12/06 09:25:49 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2011/12/06 09:25:29 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2011/12/05 19:37:16 | 000,004,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin [2011/12/05 19:12:22 | 000,070,376 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT [2011/12/04 04:31:07 | 000,000,154 | ---- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2011/12/04 04:24:51 | 006,430,700 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Lokale Einstellungen\Anwendungsdaten\IconCache.db [2011/12/04 04:24:18 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe [2011/12/04 04:19:41 | 000,000,190 | -HS- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\ntuser.ini [2011/12/04 04:19:40 | 002,621,440 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\NTUSER.DAT [2011/12/04 04:17:42 | 000,262,144 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\NTUSER.DAT [2011/12/04 04:17:42 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\LocalService.NT-AUTORITÄT\ntuser.ini [2011/12/04 04:15:47 | 000,000,020 | -HS- | C] () -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\ntuser.ini [2011/12/04 04:15:46 | 000,524,288 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService.NT-AUTORITÄT\NTUSER.DAT [2011/12/04 04:14:02 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011/12/04 04:11:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2011/12/04 04:10:51 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2011/12/04 04:10:46 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2011/12/04 04:09:26 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011/12/04 04:09:16 | 000,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2011/12/04 04:09:16 | 000,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2011/12/04 04:08:47 | 000,027,055 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2011/12/04 04:08:46 | 000,003,999 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2011/12/04 04:04:08 | 001,106,904 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2011/12/04 04:04:07 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011/12/04 04:03:05 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011/10/25 16:21:48 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll [2011/10/25 16:21:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\OVDecoder.dll [2008/08/01 09:48:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008/08/01 09:48:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe [2008/08/01 09:48:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008/08/01 09:48:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe [2008/08/01 09:48:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008/08/01 09:48:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008/08/01 09:48:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe [2008/08/01 09:48:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe [2008/08/01 09:48:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2008/05/26 16:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini [2008/05/26 16:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini [2008/05/26 16:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini [2008/05/26 15:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin [2008/05/26 15:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin [2006/06/29 09:58:52 | 000,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [2006/06/29 09:53:56 | 000,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006/04/18 10:39:28 | 000,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006/04/18 10:39:28 | 000,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2006/02/28 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2006/02/28 08:00:00 | 001,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2006/02/28 08:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2006/02/28 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2006/02/28 08:00:00 | 000,487,716 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2006/02/28 08:00:00 | 000,444,304 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2006/02/28 08:00:00 | 000,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2006/02/28 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2006/02/28 08:00:00 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2006/02/28 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2006/02/28 08:00:00 | 000,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll [2006/02/28 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2006/02/28 08:00:00 | 000,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2006/02/28 08:00:00 | 000,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2006/02/28 08:00:00 | 000,095,702 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2006/02/28 08:00:00 | 000,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2006/02/28 08:00:00 | 000,072,180 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2006/02/28 08:00:00 | 000,071,022 | ---- | C] () -- C:\WINDOWS\System32\edit.com [2006/02/28 08:00:00 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2006/02/28 08:00:00 | 000,054,128 | ---- | C] () -- C:\WINDOWS\System32\dosx.exe [2006/02/28 08:00:00 | 000,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2006/02/28 08:00:00 | 000,052,777 | ---- | C] () -- C:\WINDOWS\System32\command.com [2006/02/28 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2006/02/28 08:00:00 | 000,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2006/02/28 08:00:00 | 000,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2006/02/28 08:00:00 | 000,039,546 | ---- | C] () -- C:\WINDOWS\System32\mem.exe [2006/02/28 08:00:00 | 000,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2006/02/28 08:00:00 | 000,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2006/02/28 08:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2006/02/28 08:00:00 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2006/02/28 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2006/02/28 08:00:00 | 000,034,032 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2006/02/28 08:00:00 | 000,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2006/02/28 08:00:00 | 000,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2006/02/28 08:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2006/02/28 08:00:00 | 000,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2006/02/28 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2006/02/28 08:00:00 | 000,027,914 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2006/02/28 08:00:00 | 000,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2006/02/28 08:00:00 | 000,021,542 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2006/02/28 08:00:00 | 000,021,210 | ---- | C] () -- C:\WINDOWS\System32\debug.exe [2006/02/28 08:00:00 | 000,019,726 | ---- | C] () -- C:\WINDOWS\System32\graphics.com [2006/02/28 08:00:00 | 000,017,241 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2006/02/28 08:00:00 | 000,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2006/02/28 08:00:00 | 000,014,816 | ---- | C] () -- C:\WINDOWS\System32\kb16.com [2006/02/28 08:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2006/02/28 08:00:00 | 000,014,060 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2006/02/28 08:00:00 | 000,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2006/02/28 08:00:00 | 000,013,026 | ---- | C] () -- C:\WINDOWS\System32\edlin.exe [2006/02/28 08:00:00 | 000,012,610 | ---- | C] () -- C:\WINDOWS\System32\append.exe [2006/02/28 08:00:00 | 000,011,903 | ---- | C] () -- C:\WINDOWS\System32\setver.exe [2006/02/28 08:00:00 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2006/02/28 08:00:00 | 000,009,032 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2006/02/28 08:00:00 | 000,008,584 | ---- | C] () -- C:\WINDOWS\System32\exe2bin.exe [2006/02/28 08:00:00 | 000,007,084 | ---- | C] () -- C:\WINDOWS\System32\nlsfunc.exe [2006/02/28 08:00:00 | 000,006,287 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2006/02/28 08:00:00 | 000,004,992 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2006/02/28 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2006/02/28 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat [2006/02/28 08:00:00 | 000,004,438 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2006/02/28 08:00:00 | 000,004,233 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2006/02/28 08:00:00 | 000,003,358 | ---- | C] () -- C:\WINDOWS\System32\redir.exe [2006/02/28 08:00:00 | 000,003,262 | ---- | C] () -- C:\WINDOWS\System32\nw16.exe [2006/02/28 08:00:00 | 000,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2006/02/28 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin [2006/02/28 08:00:00 | 000,001,783 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2006/02/28 08:00:00 | 000,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2006/02/28 08:00:00 | 000,001,273 | ---- | C] () -- C:\WINDOWS\System32\loadfix.com [2006/02/28 08:00:00 | 000,001,157 | ---- | C] () -- C:\WINDOWS\System32\vwipxspx.exe [2006/02/28 08:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\share.exe [2006/02/28 08:00:00 | 000,000,882 | ---- | C] () -- C:\WINDOWS\System32\fastopen.exe [2006/02/28 08:00:00 | 000,000,817 | ---- | C] () -- C:\WINDOWS\System32\mscdexnt.exe [2006/02/28 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2006/02/28 08:00:00 | 000,000,552 | ---- | C] () -- C:\WINDOWS\win.ini [2006/02/28 08:00:00 | 000,000,369 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2006/02/28 08:00:00 | 000,000,231 | ---- | C] () -- C:\WINDOWS\system.ini [2001/08/18 00:54:50 | 000,057,856 | ---- | C] () -- C:\WINDOWS\System32\dvdplay.exe [2001/08/18 00:54:08 | 000,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll ========== LOP Check ========== [2012/04/30 15:03:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\FileZilla [2011/12/04 04:57:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\InterTrust [2012/04/17 13:08:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Leadertech [2011/12/04 05:56:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\MSNInstaller [2012/05/03 04:30:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Nlurjfabx [2012/04/29 11:32:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\phpDesigner [2012/04/27 08:19:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Softonic [2012/04/24 11:05:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Windows Desktop Search [2011/12/05 19:02:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\PC Drivers HeadQuarters [2012/04/29 11:31:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\phpDesigner [2011/12/05 19:51:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\SweetIM [2011/12/05 19:12:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\UAB [2012/05/07 05:30:20 | 000,000,418 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{C160ECFC-4B5E-4CA5-BC6D-A2A9EEE79374}.job ========== Purity Check ========== < End of report > das ist das andere log. |
![]() | #3 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() auch ich habe das Problem mit XP mein Destop ist gesperrt. hi
__________________auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort rein: Code:
ATTFilter :OTL O4 - HKU\Lotus.LICHTZEN-349138_ON_C..\Run: [200CA206] C:\WINDOWS\system32\60F8187B200CA20625C4.exe () O4 - HKU\Lotus.LICHTZEN-349138_ON_C..\Run: [1Y7C9I1C0ZWVZZ6WLKDYKBM] C:\update64\1E729812321.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1 O7 - HKU\Lotus.LICHTZEN-349138_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O7 - HKU\Lotus.LICHTZEN-349138_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1 O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\60F8187B200CA20625C4.exe) - C:\WINDOWS\system32\60F8187B200CA20625C4.exe () O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found [2012/05/03 04:30:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lotus.LICHTZEN-349138\Anwendungsdaten\Nlurjfabx :Files :Commands [purity] [EMPTYFLASH] [emptytemp] [Reboot] dieses speicherst du auf nem usb stick als fix.txt nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist. • Klicke nun bitte auf den Fix Button. es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick. wenn dies nicht funktioniert, bitte den fix manuell eintragen. dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen, log posten bitte.
__________________ |
![]() | #4 |
| ![]() auch ich habe das Problem mit XP mein Destop ist gesperrt. danke hat geholfen nun ist meine Freundin mir den gleichen problem da.. wäre nett wenn du mir da wieder helfen kannst-. |
![]() | #5 |
/// Malware-holic ![]() ![]() ![]() ![]() ![]() ![]() | ![]() auch ich habe das Problem mit XP mein Destop ist gesperrt. neues thema bitte eröffnen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
![]() |
Themen zu auch ich habe das Problem mit XP mein Destop ist gesperrt. |
0x00000001, 7-zip, bingbar, cache.dat, destop, disabletaskmgr, document, flashplayerapp.exe, flashplayercplapp.cpl, gdipfontcachev1.dat, gesperrt, launch, opfer, problem, softonic, total commander |