|
Log-Analyse und Auswertung: Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
23.10.2012, 19:16 | #1 |
| Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Hallo, hab mir einen Polizei Trojaner eingefangen. Es schaltet sich auch die Webcam mit ein, so dass man ein Bild von sich selbst in einem kleinen Teil des Bildschirmes hat. Der abgesicherte Modus funktioniert ebenfalls nicht. Ich hab nun die Schritte laut diesem Thread http://www.trojaner-board.de/125118-...iert-mehr.html befolgt. Im Anhang sind die otl.txt-Datei die dabei rausgekommen ist, sowie die otl.txt-Datei nach dem Quickscan. Die extras.txt-Datei konnte ich leider nicht finden. Schon vielen Dank im Voraus. |
25.10.2012, 12:29 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht!Code:
ATTFilter Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoCAD LT-Startbeschleuniger.lnk
__________________ |
25.10.2012, 19:53 | #3 |
| Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Hallo,
__________________nein ist mein Privat PC? Mfg |
25.10.2012, 21:58 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Du benutzt AutoCAD? PRIVAT?!
__________________ Logfiles bitte immer in CODE-Tags posten |
26.10.2012, 15:11 | #5 |
| Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Ja, für meinen Hausplan. Und zeitweise als Aushilfe für das Planungsbüro von meinem Vater. Mfg |
26.10.2012, 19:44 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Mach einen OTL-Fix über OTLPE, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL DRV - File not found [Kernel | Boot] -- -- (b9c46cb714254352) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Regedit32] File not found O4 - Startup: C:\Dokumente und Einstellungen\seb\Startmenü\Programme\Autostart\ctfmon.lnk = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe (Microsoft Corporation) O4 - HKU\seb_ON_C..\Run: [] File not found O4 - HKU\seb_ON_C..\Run: [wwmy7shq7d] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 47747 = C:\DOKUME~1\ALLUSE~1\LOCALS~1\Temp\msdubmna.scr :Files C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\lsass.exe C:\Dokumente und Einstellungen\seb\Startmenü\Programme\Autostart\ctfmon.lnk :Commands [purity] [resethosts] Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann! Danach sollte Windows wieder normal starten - stell uns bitte den Quarantäneordner von OTL zur Verfügung. Dabei bitte so vorgehen: 1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinträchtigen! 2.) Ordner movedfiles in C:\_OTL in eine Datei zippen 3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! 4.) Wenns erfolgreich war Bescheid sagen 5.) Erst dann wieder den Virenscanner einschalten
__________________ --> Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! |
29.10.2012, 20:11 | #7 |
| Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Dankesehr für die Hilfe, der Computer funktioniert wieder. Hab die Dateien hochgeladen, hoffe es hat funktioniert. Sollte noch etwas beachtet werden? Spezielle Dateien löschen, Computer neu aufsetzen? Mfg |
31.10.2012, 16:14 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!
__________________ Logfiles bitte immer in CODE-Tags posten |
01.11.2012, 08:53 | #9 |
| Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Anbei die beiden Log Dateien. Mfg |
01.11.2012, 14:44 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Sieht ok aus. Ok, eine Kontrolle bitte:
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ Logfiles bitte immer in CODE-Tags posten |
01.11.2012, 19:46 | #11 |
| Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Hallo, 1. OTL Log OTL Logfile: Code:
ATTFilter OTL logfile created on: 01.11.2012 19:26:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\seb\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 64,31% Memory free 3,84 Gb Paging File | 3,10 Gb Available in Paging File | 80,74% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298,08 Gb Total Space | 280,58 Gb Free Space | 94,13% Space Free | Partition Type: NTFS Computer Name: SEBKO | User Name: seb | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\seb\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Programme\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe (Hewlett-Packard Development Company L.P.) PRC - C:\Programme\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Development Company L.P.) PRC - C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) PRC - C:\Programme\Hewlett-Packard\Shared\hpCaslNotification.exe (Hewlett-Packard Development Company L.P.) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\DisplayLink Core Software\DisplayLinkUI.exe (DisplayLink Corp.) PRC - C:\Programme\DisplayLink Core Software\DisplayLinkService.exe (DisplayLink Corp.) PRC - C:\Programme\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\LSI SoftModem\agrsmsvc.exe (Agere Systems) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e4ecfaaf5417aceecb7fa8abddf06113\PresentationFramework.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\f33e2a4d9b385234406fa2d662f78875\PresentationCore.ni.dll () MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll () MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\ca63096c1ecf977f509e2a565f4bcdac\System.Data.Entity.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll () MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll () MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_de_b77a5c561934e089\System.Data.Entity.resources.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3321.40301__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3321.40319__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3321.40317__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3321.40378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3321.40308__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3321.40399__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3321.40400__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3321.40308__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3321.40357__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3321.40318__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3321.40362__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3321.40405__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3321.40404__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3321.40346__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3321.40372__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3321.40345__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3321.40310__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3321.40324__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3321.40340__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3321.40356__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3321.40325__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3321.40355__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3294.18759__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.3294.18786__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3321.40431__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3321.40393__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3321.40391__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3321.40409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll () MOD - C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3321.40297__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3321.40300__90ba9c70f846762e\CLI.Component.SkinFactory.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3321.40298__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3321.40305__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3321.40392__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3321.40299__90ba9c70f846762e\ATIDEMOS.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3321.40298__90ba9c70f846762e\APM.Server.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3321.40297__90ba9c70f846762e\AEM.Server.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - C:\Programme\Hewlett-Packard\HP Connection Manager\sqlite3.dll () MOD - C:\Programme\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll () MOD - C:\WINDOWS\system32\btwicons.dll () MOD - C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll () MOD - C:\WINDOWS\system32\msdmo.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\WINDOWS\system32\pdfcmnnt.dll () ========== Services (SafeList) ========== SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG) SRV - (Autodesk Licensing Service) -- C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe (Autodesk) SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (hpCMSrv) -- C:\Programme\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe (Hewlett-Packard Development Company L.P.) SRV - (HPDrvMntSvc.exe) -- C:\Programme\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (yksvc) -- C:\WINDOWS\system32\yk51x86.dll (Marvell) SRV - (DisplayLinkService) -- C:\Programme\DisplayLink Core Software\DisplayLinkService.exe (DisplayLink Corp.) SRV - (AgereModemAudio) -- C:\Programme\LSI SoftModem\agrsmsvc.exe (Agere Systems) ========== Driver Services (SafeList) ========== DRV - (WDICA) -- File not found DRV - (PDRFRAME) -- File not found DRV - (PDRELI) -- File not found DRV - (PDFRAME) -- File not found DRV - (PDCOMP) -- File not found DRV - (PCIDump) -- File not found DRV - (lbrtfdc) -- File not found DRV - (i2omgmt) -- File not found DRV - (aswMBR) -- C:\DOKUME~1\seb\LOKALE~1\Temp\aswMBR.sys File not found DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation) DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell) DRV - (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys () DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.) DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.) DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.) DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.) DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems) DRV - (SFAUDIO) -- C:\WINDOWS\system32\drivers\sfaudio.sys (Sonic Focus, Inc) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tuwien.ac.at IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tuwien.ac.at IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tuwien.ac.at IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.tuwien.ac.at IE - HKU\S-1-5-21-1993962763-220523388-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.at IE - HKU\S-1-5-21-1993962763-220523388-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKU\S-1-5-21-1993962763-220523388-725345543-1003\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKU\S-1-5-21-1993962763-220523388-725345543-1003\..\SearchScopes,DefaultScope = {A2DF6012-BB0E-4A0E-A5F4-654C3E80E3F1} IE - HKU\S-1-5-21-1993962763-220523388-725345543-1003\..\SearchScopes\{A2DF6012-BB0E-4A0E-A5F4-654C3E80E3F1}: "URL" = hxxp://findgala.com/?&uid=3127&q={searchTerms} IE - HKU\S-1-5-21-1993962763-220523388-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1993962763-220523388-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\GEMEIN~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) O1 HOSTS File: ([2012.10.30 03:46:36 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\6.5\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKU\S-1-5-21-1993962763-220523388-725345543-1003\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [HPConnectionManager] C:\Programme\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [SearchSettings] C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AutoCAD LT-Startbeschleuniger.lnk = C:\Programme\Gemeinsame Dateien\Autodesk Shared\acstart17.exe (Autodesk, Inc) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Bluetooth.lnk = C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) O4 - Startup: C:\Dokumente und Einstellungen\seb\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1993962763-220523388-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send To Bluetooth - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCB958F4-7080-4294-985D-F91CFF8680F9}: DhcpNameServer = 10.0.0.138 O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\mdhcp32: DllName - (mdhcp32.dll) - File not found O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011.07.24 14:07:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.11.01 19:24:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\seb\Desktop\OTL.exe [2012.11.01 08:43:43 | 002,213,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\seb\Desktop\tdsskiller.exe [2012.11.01 07:39:01 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Dokumente und Einstellungen\seb\Desktop\aswMBR.exe [2012.10.30 03:46:35 | 000,000,000 | ---D | C] -- C:\_OTL [2012.10.20 07:11:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\seb\Anwendungsdaten\Search Settings [2012.10.20 07:11:40 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater [2012.10.20 07:11:39 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Spigot [2012.10.20 07:11:39 | 000,000,000 | ---D | C] -- C:\Programme\pdfforge Toolbar [2012.10.18 10:20:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\seb\Desktop\Einreichplan pdfs [2012.10.15 17:00:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\seb\Anwendungsdaten\Avira [2012.10.15 16:54:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira [2012.10.15 16:54:46 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2012.10.15 16:54:44 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.10.15 16:54:44 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2012.10.15 16:54:44 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys [2012.10.15 16:54:43 | 000,000,000 | ---D | C] -- C:\Programme\Avira [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.01 19:24:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\seb\Desktop\OTL.exe [2012.11.01 08:43:50 | 002,213,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\seb\Desktop\tdsskiller.exe [2012.11.01 08:19:54 | 000,000,512 | ---- | M] () -- C:\Dokumente und Einstellungen\seb\Desktop\MBR.dat [2012.11.01 07:39:13 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Dokumente und Einstellungen\seb\Desktop\aswMBR.exe [2012.11.01 07:27:46 | 000,121,808 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2012.11.01 07:27:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012.10.31 10:25:44 | 000,516,736 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2012.10.31 10:25:44 | 000,493,386 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2012.10.31 10:25:44 | 000,100,960 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2012.10.31 10:25:44 | 000,084,034 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2012.10.31 10:21:10 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012.10.30 10:17:18 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys [2012.10.23 17:46:23 | 083,023,306 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\emorhc.pad [2012.10.23 17:37:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.10.23 09:03:36 | 000,001,790 | -H-- | M] () -- C:\Dokumente und Einstellungen\seb\Eigene Dateien\Default.rdp [2012.10.23 08:38:07 | 000,029,582 | ---- | M] () -- C:\Dokumente und Einstellungen\seb\Desktop\20121023_Zalando, Lifelight.pdf [2012.10.15 16:54:55 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.10.10 12:27:25 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.11.01 08:19:54 | 000,000,512 | ---- | C] () -- C:\Dokumente und Einstellungen\seb\Desktop\MBR.dat [2012.10.23 15:27:34 | 083,023,306 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\emorhc.pad [2012.10.23 08:38:06 | 000,029,582 | ---- | C] () -- C:\Dokumente und Einstellungen\seb\Desktop\20121023_Zalando, Lifelight.pdf [2012.10.15 16:54:55 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk [2012.07.26 13:53:41 | 000,115,008 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat [2012.07.05 17:05:01 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\crt.dat [2012.07.05 17:04:58 | 000,295,006 | ---- | C] () -- C:\WINDOWS\System32\shimg.dll [2012.03.09 23:14:49 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2012.02.21 10:30:59 | 000,406,304 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1993962763-220523388-725345543-1003-0.dat [2012.02.20 19:04:20 | 000,182,694 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2012.02.15 09:23:22 | 000,155,607 | ---- | C] () -- C:\WINDOWS\hpoins27.dat [2012.02.15 09:23:22 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl27.dat [2012.02.15 06:56:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll [2012.01.15 19:36:06 | 000,006,656 | ---- | C] () -- C:\Dokumente und Einstellungen\seb\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.01.15 18:18:07 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2011.08.05 19:08:02 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll [2011.07.24 16:11:27 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\seb\Lokale Einstellungen\Anwendungsdaten\PUTTY.RND [2011.07.24 15:00:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2011.07.24 14:59:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011.07.24 14:59:00 | 000,203,328 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.07.24 14:43:53 | 001,765,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys [2011.07.24 14:43:53 | 000,203,312 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll [2011.07.24 14:43:53 | 000,034,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys [2011.07.24 14:43:53 | 000,027,184 | ---- | C] () -- C:\WINDOWS\snuvcdsm.exe [2011.07.24 14:43:53 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini [2011.07.24 14:43:51 | 000,256,560 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll [2011.07.24 14:09:28 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2011.07.24 14:04:26 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2011.01.19 12:34:42 | 003,003,392 | ---- | C] () -- C:\Programme\openofficeorg33.msi [2011.01.19 12:33:04 | 000,475,016 | ---- | C] () -- C:\Programme\setup.exe [2011.01.19 12:30:10 | 142,700,671 | ---- | C] () -- C:\Programme\openofficeorg1.cab [2011.01.19 11:15:26 | 000,000,290 | ---- | C] () -- C:\Programme\setup.ini ========== ZeroAccess Check ========== [2011.07.24 15:32:48 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 06:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 06:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > 2. Extra Log OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 01.11.2012 19:26:16 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\seb\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 64,31% Memory free 3,84 Gb Paging File | 3,10 Gb Available in Paging File | 80,74% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 298,08 Gb Total Space | 280,58 Gb Free Space | 94,13% Space Free | Partition Type: NTFS Computer Name: SEBKO | User Name: seb | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Programme\TeamViewer\Version6\TeamViewer.exe" = C:\Programme\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.) "F:\Sebastian\utorrent.exe" = F:\Sebastian\utorrent.exe:*:Enabled:µTorrent "C:\Dokumente und Einstellungen\seb\Lokale Einstellungen\Temporary Internet Files\Content.IE5\H29BFMB2\SweetImSetup[1].exe" = C:\Dokumente und Einstellungen\seb\Lokale Einstellungen\Temporary Internet Files\Content.IE5\H29BFMB2\SweetImSetup[1].exe:*:Enabled:SweetIM Installer "C:\Programme\uTorrent\uTorrent.exe" = C:\Programme\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Programme\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Programme\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard) "C:\Dokumente und Einstellungen\seb\Lokale Einstellungen\Temporary Internet Files\Content.IE5\W18N2F1N\SweetImSetup[1].exe" = C:\Dokumente und Einstellungen\seb\Lokale Einstellungen\Temporary Internet Files\Content.IE5\W18N2F1N\SweetImSetup[1].exe:*:Enabled:SweetIM Installer "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\WINDOWS\system32\svchost.exe" = C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Office -- (Microsoft Corporation) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox "{102AA3B3-50E8-DA55-86B4-D90F408ADA01}" = CCC Help Finnish "{147E265E-7C2C-D1A6-EAEA-5F91846F7710}" = Catalyst Control Center Graphics Full New "{169917C4-4A77-45F4-B20E-860703FD5E6F}" = pdfforge Toolbar v6.5 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{226CDCF1-BFDE-200B-1458-F89A9B5AF3E2}" = CCC Help English "{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes "{24A500E4-0B12-4D62-9973-2C7E23CCA750}" = Nero Kwik Media "{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3829E085-3C1B-0C86-678D-C76B23D5E890}" = ccc-core-static "{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver "{3A3100C2-050F-2762-5EC0-57915D92B677}" = CCC Help German "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E519EE9-437B-9687-D128-E4A3165EC14F}" = CCC Help Swedish "{3F3209D9-2545-CA8E-3C1B-2B7FA837960F}" = CCC Help Dutch "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{445D0F2B-9EBB-4FC1-B458-AA7A3443C494}" = DisplayLink Core Software "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B006905-F307-7EED-35EF-6AA50FE53887}" = CCC Help Portuguese "{4D168C64-DB4C-D9B1-05FD-AC6C9BF1EF63}" = Skins "{4D808F4B-E2AE-259C-937B-203ACDBB1CBC}" = ccc-utility "{4E8444C5-766E-4f4d-82F8-BB83E2FBB42A}" = HP Deskjet F2200 All-In-One Driver 10.0 Rel .3 "{5538375F-0A5A-CB58-9A83-9C58E9753BBC}" = Catalyst Control Center Graphics Light "{55595412-1859-109D-03F4-0C739CC208C0}" = CCC Help Polish "{5783F2D7-5009-0407-0002-0060B0CE6BBA}" = AutoCAD LT 2007 - Deutsch "{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic "{5CBAD8D9-42F1-46BA-6E14-8422EA2E74A3}" = CCC Help Danish "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{69A6DE42-B5CA-58C9-91B3-E01D82DCC4C4}" = ccc-core-preinstall "{6D048296-8267-F280-C4FF-288D04F89E1B}" = CCC Help Hungarian "{705A71BC-D8C6-BB57-ADA4-96A181084A9C}" = Catalyst Control Center Core Implementation "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7A6B4340-7090-418F-8976-EE9650B35550}" = HP Connection Manager "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{80041B17-8DC4-CC4F-B5B2-44F0565F1E17}" = CCC Help Russian "{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan "{82C6713B-7A36-EA78-01BF-9F25C32E2FEB}" = CCC Help Greek "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A5EE663-5085-572C-EAC9-E0EF94CF764C}" = CCC Help Chinese Standard "{8A9F72AA-5BA0-4667-5D9C-FB06FDF938D8}" = CCC Help Italian "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback "{93EEE3C6-608D-119C-C061-49703FF025F3}" = Catalyst Control Center Localization All "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A3276EED-22A1-4808-9AA3-88A451482E10}" = Catalyst Control Center - Branding "{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1 "{A7A1E2EB-C775-35E9-6ABE-7799F0984779}" = CCC Help Norwegian "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch "{B1D1BA13-6A5C-28F8-254B-56EF859529B0}" = CCC Help Chinese Traditional "{B993267B-C532-5C34-F396-A158D879030B}" = CCC Help Korean "{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM) "{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11 "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU "{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU "{C58037D4-BC28-5453-28CF-DB22613D14F8}" = CCC Help Czech "{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min "{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{DE915B98-B18B-DBAC-7A50-CF89E7A1A0F6}" = Catalyst Control Center Graphics Full Existing "{DFCAEFA6-4EDD-D97A-7966-F0274FA71561}" = CCC Help French "{E2E13FEE-4EA4-9565-7610-C48FDF17CF27}" = CCC Help Japanese "{E46AFE69-D97D-BBB3-DF93-E014A0952656}" = CCC Help Spanish "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EBB81ECD-1D19-968B-6985-90E2BC3B2B3F}" = CCC Help Turkish "{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer "{F402D9E8-0D08-0A6A-706C-1D82F38ABB67}" = CCC Help Thai "{F708890B-CADC-430D-9431-9A13F637257E}" = HP USB Docking Video "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F9A43C0C-F274-4EC0-B02E-202C15C09C00}" = HP Wireless Assistant "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Agere Systems Soft Modem" = Agere Systems HDA Modem "ATI Display Driver" = ATI Display Driver "Autodesk DWF Viewer" = Autodesk DWF Viewer "Avira AntiVir Desktop" = Avira Free Antivirus "BabylonToolbar" = Babylon toolbar on IE "EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.50 "ie8" = Windows Internet Explorer 8 "Marvell Miniport Driver" = Marvell Miniport Driver "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "SynTPDeinstKey" = Synaptics Pointing Device Driver "TeamViewer 6 Host" = TeamViewer 6 Host "uTorrent" = µTorrent "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinRAR archiver" = WinRAR "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1993962763-220523388-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "SB_ClipboardPath" = ClipboardPath (Aktueller Benutzer) ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 08.10.2012 01:13:31 | Computer Name = SEBKO | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung hpCMSrv.exe, Version 4.1.22.1, fehlgeschlagenes Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb. Error - 29.10.2012 14:52:50 | Computer Name = SEBKO | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung hpCMSrv.exe, Version 4.1.22.1, fehlgeschlagenes Modul kernel32.dll, Version 5.1.2600.5781, Fehleradresse 0x00012afb. [ HP Connection Manager Events ] Error - 08.10.2012 01:14:57 | Computer Name = SEBKO | Source = HPConnectionManager | ID = 5 Description = 2012.10.08 07:14:57.187|00000D2C|Error |App::IsServiceNotRespondingException{bool(System.Exception)}|HP Connection Manager service has stopped responding: Die COM-Klassenfactory für die Komponente mit CLSID {24DB46C8-C842-4E91-9AC4-8A9525A5551D} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005. Error - 08.10.2012 01:14:57 | Computer Name = SEBKO | Source = HPConnectionManager | ID = 5 Description = Error - 08.10.2012 01:14:57 | Computer Name = SEBKO | Source = HPConnectionManager | ID = 5 Description = 2012.10.08 07:14:57.343|00000D2C|Error |App::IsServiceNotRespondingException{bool(System.Exception)}|HP Connection Manager service has stopped responding: Die COM-Klassenfactory für die Komponente mit CLSID {24DB46C8-C842-4E91-9AC4-8A9525A5551D} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005. Error - 09.10.2012 08:15:18 | Computer Name = SEBKO | Source = hpCMSrv | ID = 5 Description = 2012/10/09 14:15:18.781|000002B4|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 09.10.2012 08:15:18 | Computer Name = SEBKO | Source = hpCMSrv | ID = 5 Description = 2012/10/09 14:15:18.796|000005C0|Error |CWLAN::SignalStrengthChanged|Fire_SignalStrengthChanged failed [hr:0x800706BA] Error - 29.10.2012 14:53:12 | Computer Name = SEBKO | Source = hpMobile | ID = 5 Description = 2012.10.29 19:53:12.209|00000F14|Error |[HP.Mobile]Wwan::.ctor{}|Die COM-Klassenfactory für die Komponente mit CLSID {24DB46C8-C842-4E91-9AC4-8A9525A5551D} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005. Error - 29.10.2012 14:53:16 | Computer Name = SEBKO | Source = HPConnectionManager | ID = 5 Description = Error - 29.10.2012 14:53:16 | Computer Name = SEBKO | Source = HPConnectionManager | ID = 5 Description = 2012.10.29 19:53:16.350|00000F14|Error |App::IsServiceNotRespondingException{bool(System.Exception)}|HP Connection Manager service has stopped responding: Die COM-Klassenfactory für die Komponente mit CLSID {24DB46C8-C842-4E91-9AC4-8A9525A5551D} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005. Error - 29.10.2012 14:53:16 | Computer Name = SEBKO | Source = HPConnectionManager | ID = 5 Description = Error - 29.10.2012 14:53:16 | Computer Name = SEBKO | Source = HPConnectionManager | ID = 5 Description = 2012.10.29 19:53:16.584|00000F14|Error |App::IsServiceNotRespondingException{bool(System.Exception)}|HP Connection Manager service has stopped responding: Die COM-Klassenfactory für die Komponente mit CLSID {24DB46C8-C842-4E91-9AC4-8A9525A5551D} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005. [ System Events ] Error - 29.10.2012 14:52:59 | Computer Name = SEBKO | Source = Service Control Manager | ID = 7034 Description = Dienst "HP Connection Manager 4 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error - 29.10.2012 14:53:12 | Computer Name = SEBKO | Source = DCOM | ID = 10010 Description = Der Server "{24DB46C8-C842-4E91-9AC4-8A9525A5551D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error - 29.10.2012 15:31:47 | Computer Name = SEBKO | Source = Wechselmediendienst | ID = 262255 Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek Generic USB Flash Drive USB Device nicht laden. Error - 29.10.2012 15:31:47 | Computer Name = SEBKO | Source = Wechselmediendienst | ID = 262255 Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek Generic USB Flash Drive USB Device nicht laden. Error - 29.10.2012 15:35:34 | Computer Name = SEBKO | Source = Wechselmediendienst | ID = 262255 Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek Generic USB Flash Drive USB Device nicht laden. Error - 29.10.2012 15:35:34 | Computer Name = SEBKO | Source = Wechselmediendienst | ID = 262255 Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek Generic USB Flash Drive USB Device nicht laden. Error - 29.10.2012 15:36:49 | Computer Name = SEBKO | Source = Wechselmediendienst | ID = 262255 Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek Generic USB Flash Drive USB Device nicht laden. Error - 29.10.2012 15:36:49 | Computer Name = SEBKO | Source = Wechselmediendienst | ID = 262255 Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek Generic USB Flash Drive USB Device nicht laden. Error - 29.10.2012 16:15:10 | Computer Name = SEBKO | Source = Wechselmediendienst | ID = 262255 Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek Generic USB Flash Drive USB Device nicht laden. Error - 29.10.2012 16:15:10 | Computer Name = SEBKO | Source = Wechselmediendienst | ID = 262255 Description = Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek Generic USB Flash Drive USB Device nicht laden. < End of report > Mfg |
03.11.2012, 14:40 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! Sollte ok sein, ich seh da aber noch Toolbars und Adware adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Polizei Trojaner inkl. Webcam, Abgesicherter Modus funktioniet nicht! |
abgesicherte, abgesicherter, abgesicherter modus, anhang, bild, ebenfalls, funktionier, funktioniert, kleine, kleinen, konnte, modus, polizei, polizei trojaner, schaltet, schritte, thread, troja, trojaner, webcam |