| |
| |||||||
Log-Analyse und Auswertung: GVU Trojaner und Exploit.Drop.GSWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
03.09.2012, 13:04
| #1 |
| |  GVU Trojaner und Exploit.Drop.GS Hallo an alle! Vor zwei Tagen hatte ich plötzlich einen blockierten Bildschirm dank des Bundespolizeitrojaners. Über den abgesichtern Modus habe ich das System auf einen früheren Speicherpunkt zurückgesetzt. Danach konnte ich den Laptop normal starten und habe einen Scan mit Malwarebytes durchgeführt. Dabei fand das Programm den Trojaner Exploit.Drop.GS. Nach einer kurzen Suchen im Internet bin ich auf dieses Forum gestoßen und habe mich an die Ratgeber gehalten, die hier gepostet sind, was heißt, dass ich eine Rescue Disk von Kaspersky erstellt habe, mithilfe dieser meinen Laptop gescannt habe (währenddessen auch 5 oder 6 Funde erzielt wurden), alles gelöscht, neugestartet und einen kompletten Scan mit Malwarebytes gemacht habe (keine Funde). An und für sich läuft wieder alles normal, auch wurden mal wieder alle Datenbanken aktualisiert, etc. Ich würde trotzdem um einen kurzen Blick auf die OTL Logfiles bitten, um sicher zu gehen, dass nicht doch noch irgendwas im Argen ist. Vielen Dank im Voraus! Viele Grüße, Lydia Hier noch die Logs: Code:
ATTFilter OTL logfile created on: 02.09.2012 22:30:08 - Run 2 OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Lydia\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 1014,36 Mb Total Physical Memory | 276,34 Mb Available Physical Memory | 27,24% Memory free 2,38 Gb Paging File | 1,63 Gb Available in Paging File | 68,59% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 55,89 Gb Total Space | 3,89 Gb Free Space | 6,96% Space Free | Partition Type: NTFS Computer Name: MIEZER | User Name: Lydia | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) PRC - C:\Documents and Settings\Lydia\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited) PRC - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) PRC - C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) PRC - C:\WINDOWS\system32\acs.exe (Atheros) PRC - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) ========== Modules (No Company Name) ========== MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll () MOD - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.DEU () MOD - C:\Program Files\Mozilla Firefox\mozjs.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll () MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll () MOD - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF () MOD - C:\WINDOWS\system32\vpnapi.dll () MOD - C:\WINDOWS\system32\btwicons.dll () MOD - C:\Program Files\ThinkPad\Bluetooth Software\BTKeyInd.dll () MOD - C:\WINDOWS\system32\devenum.dll () MOD - C:\WINDOWS\system32\msdmo.dll () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG) SRV - (SUService) -- C:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited) SRV - (S24EventMonitor) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe (Intel(R) Corporation) SRV - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (CVPND) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (btwdins) -- C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.) SRV - (acs) -- C:\WINDOWS\system32\acs.exe (Atheros) SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (Changer) -- File not found DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (psadd) -- C:\WINDOWS\system32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH) DRV - (ssudserd) -- C:\WINDOWS\system32\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (ssudmdm) -- C:\WINDOWS\system32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) -- C:\WINDOWS\system32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (mv64xxmm) -- C:\WINDOWS\System32\drivers\mv64xxmm.sys (Marvell Semiconductor Inc.) DRV - (iastor9) -- C:\WINDOWS\System32\drivers\iastor9.sys (Intel Corporation) DRV - (mvxxmm) -- C:\WINDOWS\System32\drivers\mvxxmm.sys (Marvell Semiconductor Inc.) DRV - (mv61xxmm) -- C:\WINDOWS\System32\drivers\mv61xxmm.sys (Marvell Semiconductor Inc.) DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.) DRV - (HSFHWAZL) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (AR5416) -- C:\WINDOWS\system32\drivers\athw.sys (Atheros Communications, Inc.) DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.) DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.) DRV - (WSIMD) -- C:\WINDOWS\system32\drivers\wsimd.sys (Atheros Communications, Inc.) DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.) DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs, LLC) DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.) DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6B528F7B-1290-4F85-BA27-8515B393FF4B} IE - HKLM\..\SearchScopes\{6B528F7B-1290-4F85-BA27-8515B393FF4B}: "URL" = hxxp://www.google.com/search?q={searchTerms} IE - HKLM\..\SearchScopes\{6BA4BBC5-3A34-465E-A7AD-CA216AD72022}: "URL" = hxxp://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-1078081533-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1645522239-1078081533-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-1645522239-1078081533-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1645522239-1078081533-1417001333-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 5F B5 7A A9 CF CC 01 [binary data] IE - HKU\S-1-5-21-1645522239-1078081533-1417001333-1003\..\SearchScopes,DefaultScope = {6B528F7B-1290-4F85-BA27-8515B393FF4B} IE - HKU\S-1-5-21-1645522239-1078081533-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-1078081533-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1 FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.94 FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1 FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8 FF - prefs.js..extensions.enabledItems: {d37dc5d0-431d-44e5-8c91-49419370caa1}:2.6.18 FF - prefs.js..extensions.enabledItems: furiganainjector@yayakoshi.net:2.2.2 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: kitsune@kitsune.sourceforge.net:0.1.5 FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1 FF - prefs.js..extensions.enabledItems: {0620B69D-7B58-416d-A92A-0198860C2757}:3.0.2009060901 FF - prefs.js..extensions.enabledItems: amznUWL@amazon.com:2.12 FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.3.0244 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: rikaichan-jpen@polarcloud.com:2.01.101002 FF - prefs.js..extensions.enabledItems: rikaichan-jpde@polarcloud.com:2.01.101002 FF - prefs.js..extensions.enabledItems: rikaichan-jpnames@polarcloud.com:2.01.101002 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {64e8cc5b-20db-4212-8320-178fc5ae71f7}:1.5 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2 FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:5.0.4.0 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2 FF - prefs.js..extensions.enabledItems: {84e53b2b-b8f6-4b9a-ab0c-fc293d0f7a45}:3.3.3.2 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=" FF - prefs.js..network.proxy.http: "199.195.109.21" FF - prefs.js..network.proxy.http_port: 9090 FF - prefs.js..network.proxy.type: 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.01 13:32:45 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.15 19:59:02 | 000,000,000 | ---D | M] [2012.01.10 21:24:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Extensions [2012.09.01 13:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions [2012.08.03 16:49:52 | 000,000,000 | ---D | M] (Rikaichan) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82} [2012.08.13 23:26:10 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2012.01.21 18:57:10 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012.01.10 22:11:47 | 000,000,000 | ---D | M] (Remove It Permanently) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\{1dbc4a33-ea62-4330-966c-7bdad3455322} [2012.09.01 13:32:15 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(2) [2012.03.30 09:19:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.08.26 10:06:20 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1} [2012.05.18 10:57:22 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\ich@maltegoetz.de [2012.01.10 22:11:56 | 000,000,000 | ---D | M] (Rikaichan Japanese-German Dictionary File) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\rikaichan-jpde@polarcloud.com [2012.01.10 22:11:55 | 000,000,000 | ---D | M] (Rikaichan Japanese-English Dictionary File) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\rikaichan-jpen@polarcloud.com [2012.01.10 22:11:54 | 000,000,000 | ---D | M] (Rikaichan Japanese Names Dictionary File) -- C:\Documents and Settings\Lydia\Application Data\mozilla\Firefox\Profiles\ajzs463t.default\extensions\rikaichan-jpnames@polarcloud.com [2012.09.02 11:04:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lydia\Application Data\Mozilla\Firefox\Profiles\ajzs463t.default\searchplugins\icqplugin-2.xml [2011.08.31 19:52:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lydia\Application Data\Mozilla\Firefox\Profiles\ajzs463t.default\searchplugins\icqplugin-3.xml [2011.09.07 19:16:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lydia\Application Data\Mozilla\Firefox\Profiles\ajzs463t.default\searchplugins\icqplugin-4.xml [2011.09.30 23:15:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lydia\Application Data\Mozilla\Firefox\Profiles\ajzs463t.default\searchplugins\icqplugin-5.xml [2011.11.09 14:23:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Lydia\Application Data\Mozilla\Firefox\Profiles\ajzs463t.default\searchplugins\icqplugin-6.xml [2011.06.16 23:17:18 | 000,001,056 | ---- | M] () -- C:\Documents and Settings\Lydia\Application Data\Mozilla\Firefox\Profiles\ajzs463t.default\searchplugins\icqplugin.xml [2012.03.11 23:45:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012.03.11 23:45:59 | 000,000,000 | ---D | M] (QuickStores-Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\quickstores@quickstores.de [2012.08.27 09:36:04 | 000,222,566 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\LYDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\AJZS463T.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI [2012.08.31 10:18:22 | 000,527,328 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\LYDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\AJZS463T.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI [2011.10.30 11:52:48 | 000,434,392 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\LYDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\AJZS463T.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI [2012.06.21 09:55:17 | 000,109,964 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\LYDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\AJZS463T.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI [2012.08.12 16:02:42 | 000,122,406 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\LYDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\AJZS463T.DEFAULT\EXTENSIONS\GIORGIO@GILESTRO.TK.XPI [2012.06.20 00:29:04 | 000,330,316 | ---- | M] () (No name found) -- C:\DOCUMENTS AND SETTINGS\LYDIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\AJZS463T.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI [2012.07.19 02:05:51 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012.02.12 14:26:45 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.30 08:41:36 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.02.12 14:26:45 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.02.12 14:26:45 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.12 14:26:45 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.12 14:26:45 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe File not found O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\BTTray.lnk = C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk = C:\WINDOWS\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-1078081533-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Senden an &Bluetooth-Gerät... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Senden an Bluetooth - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{17F9C030-17A1-4380-B6D3-5F6FD4A1DE90}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Lydia\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Lydia\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.01.10 15:50:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.09.02 19:21:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.09.02 19:17:01 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.09.02 19:16:52 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012.09.02 19:16:51 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.09.02 19:16:51 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.09.02 17:13:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\My Documents\Kaspersky Log [2012.09.02 17:05:55 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2012.09.02 14:25:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\Desktop\rescue [2012.09.02 14:25:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\Desktop\boot [2012.09.02 13:50:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\Desktop\usb [2012.09.01 13:50:05 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lydia\Desktop\OTL.exe [2012.09.01 13:39:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\Local Settings\Application Data\WMTools Downloaded Files [2012.09.01 13:39:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Lydia\My Documents\My Videos [2012.09.01 02:28:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\My Documents\Originalsjzu [2012.08.14 22:24:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\My Documents\Originals [2012.08.12 16:27:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lydia\Recent [2012.08.10 12:06:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\My Documents\Any Video Converter [2012.08.10 12:06:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\Application Data\AnvSoft [2012.08.10 12:04:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AnvSoft [2012.08.10 12:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft [2012.08.08 18:36:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Avira [2012.08.08 10:35:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lydia\My Documents\Eigene Scans [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.02 22:33:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012.09.02 22:18:32 | 000,002,447 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VPN Client.lnk [2012.09.02 22:18:29 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012.09.02 22:18:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.09.02 21:46:01 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012.09.02 19:16:32 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2012.09.02 19:16:30 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll [2012.09.02 19:16:30 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll [2012.09.02 19:16:30 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe [2012.09.02 19:16:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2012.09.02 19:16:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2012.09.02 19:16:30 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl [2012.09.02 13:06:36 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2012.09.02 12:55:59 | 000,379,463 | ---- | M] () -- C:\Documents and Settings\Lydia\Desktop\GVU-Trojaner entfernen - Trojaner-Board.pdf [2012.09.02 12:41:48 | 000,459,970 | ---- | M] () -- C:\Documents and Settings\Lydia\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten_ - Trojaner-Board.pdf [2012.09.01 13:50:09 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lydia\Desktop\OTL.exe [2012.09.01 12:12:47 | 004,503,728 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\nud0repor.pad [2012.09.01 12:10:49 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.09.01 11:48:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.09.01 02:28:47 | 000,435,066 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_la2yba9Np31qbyea4.png [2012.08.31 13:19:53 | 000,060,475 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\291899_10151028556225172_445594245_n.jpg [2012.08.31 00:23:58 | 000,062,975 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\Two-faced-cat.jpg [2012.08.31 00:23:52 | 000,066,877 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\venus.jpg [2012.08.31 00:23:48 | 000,161,563 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\chimera-cat-1.jpg [2012.08.31 00:23:44 | 000,047,440 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\funny-cat-two-face-different-eyes-color.jpg [2012.08.31 00:23:37 | 000,033,882 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\R48VD.jpg [2012.08.31 00:23:34 | 000,042,493 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\Z7WZH.jpg [2012.08.28 23:39:48 | 000,159,490 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\screen-capture.png [2012.08.28 11:15:49 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe [2012.08.28 11:15:49 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl [2012.08.27 19:24:11 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2012.08.27 10:50:23 | 000,035,707 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\555699_256452831124691_928408394_n.jpg [2012.08.27 10:50:14 | 000,032,610 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\417426_255870754516232_1500006814_n.jpg [2012.08.21 16:11:19 | 000,401,637 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\hq3~3.jpg [2012.08.19 23:08:08 | 000,104,492 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\awwww.jpg [2012.08.18 20:33:32 | 000,459,743 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\bellbum.jpg [2012.08.18 20:30:04 | 000,242,509 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\cumberbum.jpg [2012.08.18 20:25:54 | 001,386,580 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0615.jpg [2012.08.18 20:25:47 | 001,378,794 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0614.jpg [2012.08.18 20:25:37 | 001,341,214 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0613.jpg [2012.08.17 18:59:11 | 001,034,143 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0612.jpg [2012.08.17 18:59:07 | 001,132,934 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0611.jpg [2012.08.17 17:32:55 | 004,885,066 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\paul_banks_the_base.mp3 [2012.08.17 10:11:48 | 000,199,344 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.08.17 01:58:45 | 000,000,584 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012.08.16 00:37:47 | 000,048,161 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\jawn.jpg [2012.08.15 22:26:02 | 000,243,167 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\attimo.jpg [2012.08.15 22:20:23 | 000,297,493 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\bett.jpg [2012.08.15 22:12:40 | 001,949,646 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\lampe.jpg [2012.08.15 22:08:12 | 002,107,495 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\po3.jpg [2012.08.15 22:06:27 | 001,561,723 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\po2.jpg [2012.08.15 22:04:43 | 001,476,461 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\po.jpg [2012.08.15 22:02:57 | 000,128,000 | -H-- | M] () -- C:\Documents and Settings\Lydia\My Documents\photothumb.db [2012.08.15 20:31:46 | 000,045,646 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m3smixIauj1rrnlpso1_400.jpg [2012.08.15 19:20:10 | 001,147,337 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0608.jpg [2012.08.15 19:20:07 | 001,156,919 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0607.jpg [2012.08.15 19:20:01 | 001,141,189 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0606.jpg [2012.08.15 19:19:50 | 001,119,664 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0605.jpg [2012.08.15 19:19:36 | 001,038,347 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0604.jpg [2012.08.15 18:49:03 | 001,179,979 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0603.jpg [2012.08.15 18:48:56 | 001,192,781 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0602.jpg [2012.08.15 16:36:19 | 001,199,169 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0601.jpg [2012.08.15 16:36:11 | 001,247,444 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0600.jpg [2012.08.15 16:36:04 | 001,131,401 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0599.jpg [2012.08.15 16:00:52 | 001,197,371 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0598.jpg [2012.08.15 16:00:43 | 001,064,837 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0597.jpg [2012.08.15 16:00:19 | 001,149,501 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0596.jpg [2012.08.15 15:59:52 | 000,968,934 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0595.jpg [2012.08.15 15:59:23 | 001,096,711 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0594.jpg [2012.08.15 15:59:09 | 001,116,252 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0593.jpg [2012.08.15 15:58:41 | 001,210,666 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0592.jpg [2012.08.15 15:58:34 | 001,229,667 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0591.jpg [2012.08.15 00:32:00 | 000,797,793 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m8ql8wo17N1qffmheo5_1280.jpg [2012.08.15 00:31:56 | 000,603,918 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m8ql8wo17N1qffmheo3_1280.jpg [2012.08.14 22:24:35 | 000,640,177 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\Sherlock Holmes Museum.jpg [2012.08.14 22:22:35 | 000,210,937 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\sherlockbild.jpg [2012.08.14 21:55:10 | 000,497,193 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m6877lP11i1rwcc6bo1_400.gif [2012.08.12 20:34:36 | 000,327,273 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\druckula.jpg [2012.08.12 20:32:17 | 001,701,448 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\schirm.jpg [2012.08.12 15:19:32 | 000,002,523 | ---- | M] () -- C:\Documents and Settings\Lydia\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk [2012.08.12 14:19:20 | 002,334,485 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\mieze.jpg [2012.08.12 12:58:52 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\Lydia\Application Data\Microsoft\Internet Explorer\Quick Launch\ Malwarebytes Anti-Malware .lnk [2012.08.11 17:58:21 | 001,206,094 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0590.jpg [2012.08.11 17:02:57 | 001,013,475 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0585.jpg [2012.08.11 15:04:59 | 001,135,935 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0584.jpg [2012.08.10 01:06:41 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Lydia\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.08.09 23:30:21 | 000,851,879 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_lzrxobCCXv1r2bb3n.gif [2012.08.09 22:57:54 | 000,362,662 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m4tpnxNfCI1qivy0do1_1280.jpg [2012.08.09 22:49:12 | 000,683,670 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m6k0ostrJw1rn6992.gif [2012.08.08 14:59:09 | 001,753,053 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0568_2.jpg [2012.08.08 12:07:56 | 001,790,333 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0568.jpg [2012.08.08 12:01:58 | 001,051,636 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\Sherlock Rahmen.jpg [2012.08.08 12:01:13 | 000,169,064 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\Sherlock Profil.jpg [2012.08.08 11:00:28 | 000,378,157 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\kartemaria.jpg [2012.08.08 10:38:53 | 000,747,550 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0573.jpg [2012.08.08 10:38:34 | 001,009,056 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0572.jpg [2012.08.08 10:38:13 | 001,060,117 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0571.jpg [2012.08.08 10:38:04 | 001,034,445 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0570.jpg [2012.08.08 10:37:56 | 001,031,531 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0569.jpg [2012.08.08 10:37:41 | 000,900,096 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0567.jpg [2012.08.08 10:37:14 | 000,934,000 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0566.jpg [2012.08.07 22:44:34 | 000,298,961 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\miezerbein.jpg [2012.08.07 17:35:40 | 001,131,438 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0565.jpg [2012.08.07 17:35:26 | 000,984,109 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0564.jpg [2012.08.07 17:35:16 | 001,115,536 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0563.jpg [2012.08.07 17:35:03 | 001,128,852 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0562.jpg [2012.08.07 17:34:56 | 001,010,725 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0561.jpg [2012.08.07 10:11:12 | 000,326,997 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\miezerbett.jpg [2012.08.07 09:38:06 | 001,198,275 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0559.jpg [2012.08.07 09:38:00 | 001,132,396 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0558.jpg [2012.08.07 09:37:47 | 000,985,870 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0557.jpg [2012.08.06 21:28:31 | 000,607,639 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\hegdehog jawn.gif [2012.08.06 21:14:46 | 000,465,489 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\miezerbusch.jpg [2012.08.06 20:07:53 | 000,043,361 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m8bjalGZFM1rvixgpo1_500.jpg [2012.08.06 10:16:07 | 001,007,398 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0555.jpg [2012.08.06 10:15:56 | 001,221,809 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0554.jpg [2012.08.06 09:12:51 | 001,522,433 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0553.jpg [2012.08.06 09:12:35 | 001,088,224 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0552.jpg [2012.08.06 09:12:05 | 001,672,817 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0542.jpg [2012.08.06 09:11:50 | 001,495,154 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0544.jpg [2012.08.06 09:10:55 | 001,072,884 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0551.jpg [2012.08.06 09:08:54 | 001,562,529 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0550.jpg [2012.08.06 09:08:48 | 001,839,671 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0549.jpg [2012.08.06 09:08:25 | 001,548,246 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0548.jpg [2012.08.06 09:08:21 | 001,829,276 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0547.jpg [2012.08.06 09:08:05 | 001,797,029 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0546.jpg [2012.08.06 09:07:51 | 001,804,413 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0545.jpg [2012.08.06 09:07:42 | 001,380,350 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0543.jpg [2012.08.06 09:07:27 | 001,657,605 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0541.jpg [2012.08.06 09:07:24 | 001,648,416 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0540.jpg [2012.08.06 09:07:10 | 001,556,239 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0539.jpg [2012.08.06 09:06:47 | 001,311,042 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0538.jpg [2012.08.06 09:06:37 | 001,697,451 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0537.jpg [2012.08.06 09:06:31 | 001,858,131 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0536.jpg [2012.08.05 21:34:39 | 001,073,682 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0535.jpg [2012.08.05 21:34:21 | 001,126,886 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0534.jpg [2012.08.05 21:34:12 | 001,078,608 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0533.jpg [2012.08.04 13:57:34 | 001,477,997 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0532.jpg [2012.08.04 13:57:27 | 001,239,177 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0531.jpg [2012.08.04 13:57:11 | 001,197,879 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0530.jpg [2012.08.04 13:57:06 | 001,245,278 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0529.jpg [2012.08.04 13:56:58 | 001,299,582 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0528.jpg [2012.08.04 13:56:49 | 001,296,811 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0527.jpg [2012.08.04 10:11:50 | 001,214,273 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0526.jpg [2012.08.04 10:11:46 | 001,233,527 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0525.jpg [2012.08.04 10:11:28 | 001,205,411 | ---- | M] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0524.jpg [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.02 14:25:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Lydia\Desktop\livecd [2012.09.02 12:55:58 | 000,379,463 | ---- | C] () -- C:\Documents and Settings\Lydia\Desktop\GVU-Trojaner entfernen - Trojaner-Board.pdf [2012.09.02 12:41:46 | 000,459,970 | ---- | C] () -- C:\Documents and Settings\Lydia\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten_ - Trojaner-Board.pdf [2012.09.01 12:03:21 | 004,503,728 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\nud0repor.pad [2012.09.01 02:27:50 | 000,435,066 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_la2yba9Np31qbyea4.png [2012.08.31 13:19:51 | 000,060,475 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\291899_10151028556225172_445594245_n.jpg [2012.08.31 00:23:58 | 000,062,975 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\Two-faced-cat.jpg [2012.08.31 00:23:52 | 000,066,877 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\venus.jpg [2012.08.31 00:23:48 | 000,161,563 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\chimera-cat-1.jpg [2012.08.31 00:23:43 | 000,047,440 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\funny-cat-two-face-different-eyes-color.jpg [2012.08.31 00:23:37 | 000,033,882 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\R48VD.jpg [2012.08.31 00:23:27 | 000,042,493 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\Z7WZH.jpg [2012.08.28 23:39:46 | 000,159,490 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\screen-capture.png [2012.08.27 10:50:22 | 000,035,707 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\555699_256452831124691_928408394_n.jpg [2012.08.27 10:50:07 | 000,032,610 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\417426_255870754516232_1500006814_n.jpg [2012.08.21 16:11:18 | 000,401,637 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\hq3~3.jpg [2012.08.19 23:08:08 | 000,104,492 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\awwww.jpg [2012.08.18 20:33:32 | 000,459,743 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\bellbum.jpg [2012.08.18 20:30:03 | 000,242,509 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\cumberbum.jpg [2012.08.18 20:25:54 | 001,386,580 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0615.jpg [2012.08.18 20:25:47 | 001,378,794 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0614.jpg [2012.08.18 20:25:37 | 001,341,214 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0613.jpg [2012.08.17 18:59:11 | 001,034,143 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0612.jpg [2012.08.17 18:59:07 | 001,132,934 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0611.jpg [2012.08.17 17:32:17 | 004,885,066 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\paul_banks_the_base.mp3 [2012.08.17 01:52:05 | 000,000,584 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2012.08.16 00:37:46 | 000,048,161 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\jawn.jpg [2012.08.15 22:26:02 | 000,243,167 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\attimo.jpg [2012.08.15 22:20:23 | 000,297,493 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\bett.jpg [2012.08.15 22:12:40 | 001,949,646 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\lampe.jpg [2012.08.15 22:08:11 | 002,107,495 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\po3.jpg [2012.08.15 22:06:27 | 001,561,723 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\po2.jpg [2012.08.15 22:04:43 | 001,476,461 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\po.jpg [2012.08.15 22:02:41 | 000,128,000 | -H-- | C] () -- C:\Documents and Settings\Lydia\My Documents\photothumb.db [2012.08.15 20:31:43 | 000,045,646 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m3smixIauj1rrnlpso1_400.jpg [2012.08.15 19:20:10 | 001,147,337 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0608.jpg [2012.08.15 19:20:07 | 001,156,919 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0607.jpg [2012.08.15 19:20:01 | 001,141,189 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0606.jpg [2012.08.15 19:19:50 | 001,119,664 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0605.jpg [2012.08.15 19:19:36 | 001,038,347 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0604.jpg [2012.08.15 18:49:03 | 001,179,979 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0603.jpg [2012.08.15 18:48:56 | 001,192,781 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0602.jpg [2012.08.15 16:36:19 | 001,199,169 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0601.jpg [2012.08.15 16:36:11 | 001,247,444 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0600.jpg [2012.08.15 16:36:04 | 001,131,401 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0599.jpg [2012.08.15 16:00:52 | 001,197,371 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0598.jpg [2012.08.15 16:00:43 | 001,064,837 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0597.jpg [2012.08.15 16:00:19 | 001,149,501 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0596.jpg [2012.08.15 15:59:52 | 000,968,934 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0595.jpg [2012.08.15 15:59:23 | 001,096,711 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0594.jpg [2012.08.15 15:59:09 | 001,116,252 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0593.jpg [2012.08.15 15:58:41 | 001,210,666 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0592.jpg [2012.08.15 15:58:34 | 001,229,667 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0591.jpg [2012.08.15 00:31:59 | 000,797,793 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m8ql8wo17N1qffmheo5_1280.jpg [2012.08.15 00:31:55 | 000,603,918 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m8ql8wo17N1qffmheo3_1280.jpg [2012.08.14 22:22:35 | 000,210,937 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\sherlockbild.jpg [2012.08.14 21:55:07 | 000,497,193 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m6877lP11i1rwcc6bo1_400.gif [2012.08.12 20:34:36 | 000,327,273 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\druckula.jpg [2012.08.12 14:19:19 | 002,334,485 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\mieze.jpg [2012.08.12 13:26:06 | 001,701,448 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\schirm.jpg [2012.08.11 17:58:21 | 001,206,094 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0590.jpg [2012.08.11 17:02:57 | 001,013,475 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0585.jpg [2012.08.11 15:04:59 | 001,135,935 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0584.jpg [2012.08.09 23:30:12 | 000,851,879 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_lzrxobCCXv1r2bb3n.gif [2012.08.09 22:57:53 | 000,362,662 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m4tpnxNfCI1qivy0do1_1280.jpg [2012.08.09 22:49:08 | 000,683,670 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m6k0ostrJw1rn6992.gif [2012.08.08 14:59:05 | 001,753,053 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0568_2.jpg [2012.08.08 12:01:13 | 000,169,064 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\Sherlock Profil.jpg [2012.08.08 11:58:33 | 001,051,636 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\Sherlock Rahmen.jpg [2012.08.08 11:54:56 | 000,640,177 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\Sherlock Holmes Museum.jpg [2012.08.08 11:00:28 | 000,378,157 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\kartemaria.jpg [2012.08.08 10:38:53 | 000,747,550 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0573.jpg [2012.08.08 10:38:34 | 001,009,056 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0572.jpg [2012.08.08 10:38:13 | 001,060,117 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0571.jpg [2012.08.08 10:38:04 | 001,034,445 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0570.jpg [2012.08.08 10:37:56 | 001,031,531 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0569.jpg [2012.08.08 10:37:46 | 001,790,333 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0568.jpg [2012.08.08 10:37:41 | 000,900,096 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0567.jpg [2012.08.08 10:37:14 | 000,934,000 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0566.jpg [2012.08.07 22:44:34 | 000,298,961 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\miezerbein.jpg [2012.08.07 17:35:40 | 001,131,438 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0565.jpg [2012.08.07 17:35:26 | 000,984,109 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0564.jpg [2012.08.07 17:35:16 | 001,115,536 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0563.jpg [2012.08.07 17:35:03 | 001,128,852 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0562.jpg [2012.08.07 17:34:56 | 001,010,725 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0561.jpg [2012.08.07 10:11:12 | 000,326,997 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\miezerbett.jpg [2012.08.07 09:38:06 | 001,198,275 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0559.jpg [2012.08.07 09:38:00 | 001,132,396 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0558.jpg [2012.08.07 09:37:47 | 000,985,870 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0557.jpg [2012.08.06 21:28:30 | 000,607,639 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\hegdehog jawn.gif [2012.08.06 21:14:45 | 000,465,489 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\miezerbusch.jpg [2012.08.06 20:07:53 | 000,043,361 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\tumblr_m8bjalGZFM1rvixgpo1_500.jpg [2012.08.06 10:16:07 | 001,007,398 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0555.jpg [2012.08.06 10:15:56 | 001,221,809 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0554.jpg [2012.08.06 09:12:51 | 001,522,433 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0553.jpg [2012.08.06 09:12:35 | 001,088,224 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0552.jpg [2012.08.06 09:12:05 | 001,672,817 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0542.jpg [2012.08.06 09:11:48 | 001,495,154 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0544.jpg [2012.08.06 09:10:55 | 001,072,884 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0551.jpg [2012.08.06 09:08:54 | 001,562,529 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0550.jpg [2012.08.06 09:08:48 | 001,839,671 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0549.jpg [2012.08.06 09:08:23 | 001,548,246 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0548.jpg [2012.08.06 09:08:19 | 001,829,276 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0547.jpg [2012.08.06 09:08:05 | 001,797,029 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0546.jpg [2012.08.06 09:07:51 | 001,804,413 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0545.jpg [2012.08.06 09:07:40 | 001,380,350 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0543.jpg [2012.08.06 09:07:27 | 001,657,605 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0541.jpg [2012.08.06 09:07:24 | 001,648,416 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0540.jpg [2012.08.06 09:07:10 | 001,556,239 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0539.jpg [2012.08.06 09:06:47 | 001,311,042 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0538.jpg [2012.08.06 09:06:37 | 001,697,451 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0537.jpg [2012.08.06 09:06:31 | 001,858,131 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0536.jpg [2012.08.05 21:34:39 | 001,073,682 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0535.jpg [2012.08.05 21:34:21 | 001,126,886 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0534.jpg [2012.08.05 21:34:12 | 001,078,608 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0533.jpg [2012.08.04 13:57:34 | 001,477,997 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0532.jpg [2012.08.04 13:57:27 | 001,239,177 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0531.jpg [2012.08.04 13:57:11 | 001,197,879 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0530.jpg [2012.08.04 13:57:06 | 001,245,278 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0529.jpg [2012.08.04 13:56:58 | 001,299,582 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0528.jpg [2012.08.04 13:56:49 | 001,296,811 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0527.jpg [2012.08.04 10:11:50 | 001,214,273 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0526.jpg [2012.08.04 10:11:46 | 001,233,527 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0525.jpg [2012.08.04 10:11:28 | 001,205,411 | ---- | C] () -- C:\Documents and Settings\Lydia\My Documents\IMG_0524.jpg [2012.07.08 15:11:44 | 000,002,755 | ---- | C] () -- C:\Documents and Settings\Lydia\Local Settings\Application Data\recently-used.xbel [2012.05.20 11:58:33 | 000,078,196 | ---- | C] () -- C:\WINDOWS\hpqins05.dat [2012.05.15 19:11:02 | 000,035,364 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2012.03.05 10:28:03 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Lydia\Ÿ=Ÿ= [2012.03.04 16:26:59 | 000,010,567 | R--- | C] () -- C:\WINDOWS\hpwscr19.dat [2012.03.04 16:19:05 | 000,203,103 | ---- | C] () -- C:\WINDOWS\hpwins19.dat [2012.03.04 16:19:05 | 000,000,997 | R--- | C] () -- C:\WINDOWS\hpwmdl19.dat [2012.03.02 20:44:00 | 000,233,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1645522239-1078081533-1417001333-1003-0.dat [2012.02.27 23:27:34 | 000,233,838 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat [2012.02.15 12:05:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2012.01.14 01:19:35 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Lydia\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.10 17:27:21 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2012.01.10 17:27:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe [2012.01.10 17:12:00 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\syndata.bin [2012.01.10 17:08:47 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.01.10 16:39:55 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2012.01.10 16:38:15 | 000,199,344 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2012.01.10 16:17:35 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2012.01.10 16:17:35 | 000,262,216 | ---- | C] () -- C:\WINDOWS\System32\IPTests.dll [2012.01.10 16:17:35 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll [2012.01.10 15:52:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.01.10 15:46:38 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011.11.09 15:12:01 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\FontReg.exe [2010.09.27 13:03:08 | 000,201,512 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll [2010.09.27 12:57:26 | 000,197,416 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll [2010.09.22 15:18:56 | 002,860,384 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll ========== LOP Check ========== [2012.01.11 20:21:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm [2012.02.27 18:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung [2012.07.11 00:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\www.rene-zeidler.de [2012.04.28 14:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2012.08.10 12:06:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\AnvSoft [2012.06.26 20:59:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Audacity [2012.01.21 18:57:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Garmin [2012.03.06 13:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Geot [2012.03.06 14:11:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Oqoz [2012.06.25 14:41:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Oracle [2012.07.11 19:12:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\pdfforge [2012.04.04 09:55:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\PhotoScape [2012.03.10 11:13:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Puudr [2012.03.16 00:38:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\QuickStoresToolbar [2012.02.27 18:09:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Samsung [2012.08.30 19:52:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Spotify [2012.03.11 23:31:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Tap [2012.03.04 22:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Ubseu [2012.03.11 23:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Ugi [2012.08.12 16:27:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\uTorrent [2012.07.11 00:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\www.rene-zeidler.de [2012.03.05 18:47:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Ydte [2012.03.09 09:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lydia\Application Data\Ynfy ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 02.09.2012 22:30:08 - Run 2
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Lydia\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
1014,36 Mb Total Physical Memory | 276,34 Mb Available Physical Memory | 27,24% Memory free
2,38 Gb Paging File | 1,63 Gb Available in Paging File | 68,59% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,89 Gb Total Space | 3,89 Gb Free Space | 6,96% Space Free | Partition Type: NTFS
Computer Name: MIEZER | User Name: Lydia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1645522239-1078081533-1417001333-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\explorer.exe" = %windir%\explorer.exe -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Winamp\winamp.exe" = C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp -- (Nullsoft, Inc.)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"%windir%\explorer.exe" = %windir%\explorer.exe -- (Microsoft Corporation)
"C:\Documents and Settings\Lydia\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\Lydia\Application Data\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = Dienstprogramm "ThinkPad UltraNav"
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{1CE60928-8325-49A8-8B06-633E48DD2B67}" = Cisco Systems VPN Client 5.0.07.0410
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20F71B17-008C-43B4-8097-58FB62EA7AB8}" = Nero Kwik Media
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FE3D6A5-2F5E-4870-A3AC-D1D88E0B2797}" = Intel(R) PROSet/Wireless WiFi-Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A9AA2C0-972F-4239-AA41-E409434194D5}" = MobileMe Control Panel
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.6.0
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = ThinkPad Bluetooth with Enhanced Data Rate Software
"{8675339C-128C-44DD-83BF-0A5D6ABD8297}" = System Update
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90140000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FAC9E5C-0D20-4DBF-AFE5-2E09C52A95A2}" = ThinkPad 11a/b/g/n Wireless LAN Mini-PCI Express Adapter
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC76BA86-7AD7-5760-0000-A00000000003}" = Japanese Fonts Support For Adobe Reader X
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B334D9AE-1393-423E-97C0-3BDC3360E692}" = Sonic Icons for Lenovo
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Any Video Converter_is1" = Any Video Converter 3.4.2
"Audacity_is1" = Audacity 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = ThinkPad Modem
"Defraggler" = Defraggler
"FFmpeg for Audacity_is1" = FFmpeg v0.6.2 for Audacity
"GIMP-2_is1" = GIMP 2.8.0
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"LAME_is1" = LAME v3.99.3 (for Windows)
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PhotoScape" = PhotoScape
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
"PROSet" = Intel(R) Network Connections Drivers
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.2
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1645522239-1078081533-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"Winamp Detect" = Winamp Detector Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 01.09.2012 11:04:35 | Computer Name = MIEZER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1953
Error - 01.09.2012 11:04:35 | Computer Name = MIEZER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1953
Error - 01.09.2012 11:04:37 | Computer Name = MIEZER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 01.09.2012 11:04:37 | Computer Name = MIEZER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3938
Error - 01.09.2012 11:04:37 | Computer Name = MIEZER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3938
Error - 01.09.2012 11:04:39 | Computer Name = MIEZER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 01.09.2012 11:04:39 | Computer Name = MIEZER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5938
Error - 01.09.2012 11:04:39 | Computer Name = MIEZER | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5938
Error - 02.09.2012 16:28:52 | Computer Name = MIEZER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.59.1, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 02.09.2012 16:28:55 | Computer Name = MIEZER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.59.1, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
[ System Events ]
Error - 02.09.2012 16:06:57 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7034
Description = Dienst "Java Quick Starter" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 02.09.2012 16:06:58 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7034
Description = Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 02.09.2012 16:06:58 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) PROSet/Wireless Registry Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.
Error - 02.09.2012 16:06:58 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7034
Description = Dienst "System Update" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 02.09.2012 16:06:58 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7034
Description = Dienst "ThinkVantage Registry Monitor Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 02.09.2012 16:06:58 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7034
Description = Dienst "TVT Scheduler" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 02.09.2012 16:06:59 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Bluetooth Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Starten Sie den Dienst neu..
Error - 02.09.2012 16:06:59 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 02.09.2012 16:18:36 | Computer Name = MIEZER | Source = b57w2k | ID = 327699
Description = BCM5701 Gigabit Ethernet: Der Treiber unterstützt dieses Gerät nicht.
Akualisieren Sie den Treiber auf die neuste Version.
Error - 02.09.2012 16:20:28 | Computer Name = MIEZER | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht ordnungsgemäß
gestartet.
< End of report >
|
| Themen zu GVU Trojaner und Exploit.Drop.GS |
| 32 bit, antivir, avira, bildschirm, bonjour, entfernen, error, firefox, flash player, format, gvu trojaner entfernen windows xp, internet, kaspersky, langs, launch, lenovo, mozilla, officejet, plug-in, programm, realtek, registry, scan, security, senden, software, starten, system, trojaner |
Baum-Darstellung