Log analysis and evaluation: Windows XP does not start, not even in safe mode

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Windows XP does not start, not even in safe mode

Good evening,

I registered here because Windows XP no longer starts, not even in safe mode. Yesterday everything still worked; at system startup there was only a strange prompt to update something, which I clicked away. I followed your suggestions and ran the various scans. However, the malware program does not run: it aborts with an error message: Error: access is denied. I am trying to include the logs otl.txt, extras.txt and defogger. Please bear with me, as I am no great expert on the subject and am also getting on in years.

Thanks for your help
Regards, Christian

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:44 on 29/01/2013 (%username%)

Checking for autostart values...
HKCU\~\Run values retrieved.
Unable to open HKLM\~\Run key (2)
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter OTL Extras logfile created on: 1/29/2013 4:36:34 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free Paging file location(s): C:\pagefile.sys 3070 3070 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme Drive D: | 135.01 Gb Total Space | 109.44 Gb Free Space | 81.06% Space Free | Partition Type: NTFS Drive E: | 410.15 Gb Total Space | 311.89 Gb Free Space | 76.04% Space Free | Partition Type: NTFS Drive F: | 404.17 Gb Total Space | 273.50 Gb Free Space | 67.67% Space Free | Partition Type: NTFS Drive G: | 99.96 Gb Total Space | 81.88 Gb Free Space | 81.91% Space Free | Partition Type: NTFS Drive H: | 100.73 Gb Total Space | 35.54 Gb Free Space | 35.28% Space Free | Partition Type: NTFS Drive I: | 130.07 Gb Total Space | 26.45 Gb Free Space | 20.34% Space Free | Partition Type: NTFS Drive K: | 31.23 Gb Total Space | 31.18 Gb Free Space | 99.84% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet005 ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = FirefoxHTML] -- D:\MOZILLA\MOZILL~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" .url [@ = InternetShortcut] 
-- rundll32.exe shdocvw.dll,OpenURL %l ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Programme\Internet Explorer\iexplore.exe" -nohome htmlfile [opennew] -- "C:\Programme\Internet Explorer\iexplore.exe" %1 http [open] -- D:\MOZILLA\MOZILL~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" https [open] -- D:\MOZILLA\MOZILL~2\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1" InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- C:\Programme\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Programme\Internet Explorer\iexplore.exe" %1 CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programme\Internet Explorer\iexplore.exe" ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 "AntiVirusOverride" = 0 
"FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] "DisableMonitoring" = 1 ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 
"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\System32\ZoneLabs\vsmon.exe" = C:\WINDOWS\System32\ZoneLabs\vsmon.exe:*:Enabled:TrueVector Service -- (Zone Labs, LLC) "C:\Programme\Sony Ericsson\Update Service\ma3platform.exe" = C:\Programme\Sony Ericsson\Update Service\ma3platform.exe:*:Enabled:ma3platform "C:\WINDOWS\System32\dpvsetup.exe" = C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "D:\Programme\Active sync\wcescomm.exe" = D:\Programme\Active sync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager "C:\WINDOWS\Temp\KD_installer.exe" = C:\WINDOWS\Temp\KD_installer.exe:*:Enabled:Kabel Deutschland Installer -- (mquadr.at software engineering, hxxp://www.mquadr.at) "C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player "D:\Mozilla\Mozilla Firefox(2)\Mozilla Firefox\firefox.exe" = D:\Mozilla\Mozilla Firefox(2)\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03A70F27-D80E-4A22-A1B4-1C878FC6056A}" = Sony Ericsson Mobile Networking Wizard "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{123D40B5-66EF-4F41-A2BA-0B74D0D1C8B3}" = Steuer 2006 "{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth "{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth 
"{1E5007FA-DA5E-4EDD-BDE5-14D128D66887}" = PowerQuest PartitionMagic 7.0 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{238B8820-011B-11D6-9C28-0080C85A0C2D}" = Transparency Adaptor Calibrator "{2C4A5877-21D1-4A15-9D20-24BA54A24093}" = Playlist tool "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java(TM) 6 Update 2 "{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer "{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}" = ABBYY FineReader OCR Engine "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3A33D692-8679-4142-94C7-0BB784B9B3A3}" = DMX 6fire 24/96 ControlPanel "{3B7458C7-3F03-4415-AC39-D51EDEACDCCC}" = Steuer 2007 "{4BC211DD-2BBC-4CDF-AB43-3B93444617E0}" = Steuer 2006 "{4D400407-6332-4101-8C78-506C85813506}" = Sony Ericsson OCS "{53480520-7555-470E-8C69-750B0472B4BB}" = O&O Defrag Professional Edition "{544FB392-069D-4BA5-9DC7-FFD47230AEE5}" = Photohands 1.0G "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{59C95D15-5F24-435E-898D-3806961FC79D}" = Steuer 2006 "{5E8C42DD-7E43-462C-84CC-99E5BBE3E101}" = Steuer 2007 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{70B45586-B51E-4947-A258-A895596C5CED}" = Photo Loader 2.3G "{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE DVD "{7AA828F3-BD67-495E-9742-BD9C3F196E78}" = PC Suite "{81A60A13-224D-4637-8203-3EAC03B121A4}" = Maxtor*MaxBlast "{8FBC9407-713D-4B8A-98D2-57210DA56049}" = MSN Toolbar "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9075FCA2-7B7E-46A3-841A-52519270C1B2}" = PowerQuest Drive Image 5.0 "{909B62B0-8ACA-4061-A83B-09CAEF609619}" = MSXML 6.0 Parser "{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1" = Tetris "{97A4D873-47B9-454A-A567-8AFF41C07155}" = EasyRecovery DataRecovery "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows 
"{A074DE55-29EB-459C-99C9-3F26C5669ECB}" = EasyRecovery DataRecovery Trial "{A0E2CD91-BC77-411F-BD5D-5ABCA8C7C5B8}" = Sony Ericsson Mobile Phone Monitor "{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite "{AC76BA86-1033-F400-7760-000000000002}" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch "{B08D262E-D902-11D5-9C28-0080C85A0C2D}" = ScanWizard 5 "{B754B683-E23C-4583-9312-50AD86836B42}" = Steuer Hilfesammlung "{C00FAC7F-DAF5-4FD8-83E7-5959C882A811}" = Sony Ericsson File Manager "{CBA04F21-D46C-46FC-9A8A-A5360F58CF94}" = Sony Ericsson Sync Station "{D777130E-86A9-428C-B7E6-9EFBCAB4E4CC}" = Steuer Hilfesammlung "{E03EE3F8-F081-4EF5-BE18-CC849459B070}" = Sony Ericsson Capability Manager "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{EA9FAF16-0E5C-42C4-9742-9AF8D5F6D69B}" = ATI Catalyst Control Center "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro "{FDDC37C3-B2FC-4B5E-A854-1E69B2FFCA71}" = Steuer Update 14.01 "Ad-Aware SE Personal" = Ad-Aware SE Personal "Adobe Acrobat 7.0 Professional - EFG" = Adobe Acrobat 7.0 Professional - English, Français, Deutsch "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "All ATI Software" = ATI - Software Uninstall Utility "AntiVir PersonalEdition Classic" = Avira AntiVir Personal – Free Antivirus "AsusUpdate" = AsusUpdate "ATI Display Driver" = ATI Display Driver "BetaPlayer" = BetaPlayer "Digital Image Recovery_is1" = Digital Image Recovery 1.47 "EPSON Printer and Utilities" = EPSON-Drucker-Software "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "FFMPEG" = FFMPEG "FLAC" = FLAC "FTDICOMM" = SEMC DSS SyncStation Driver "Google Updater" = Google Updater "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181 "HijackThis" = HijackThis 1.99.1 "ImTOO 3GP Video Converter" = ImTOO 3GP Video 
Converter "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager "InstallShield_{97A4D873-47B9-454A-A567-8AFF41C07155}" = EasyRecovery DataRecovery "InstallShield_{A074DE55-29EB-459C-99C9-3F26C5669ECB}" = EasyRecovery DataRecovery Trial "KlickTel99" = klickTel Mai 99 - 32-Bit "KLiteCodecPack_is1" = K-Lite Codec Pack 3.8.0 Full "Language pack for Ad-Aware SE" = Language pack for Ad-Aware SE "MAGIX Fotos auf CD & DVD 7 deluxe D" = MAGIX Fotos auf CD & DVD 7 deluxe 7.0.2.0 (D) "MediaCoder" = MediaCoder 0.6.2 "MediaInfo" = MediaInfo 0.7.6.1BETA "Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0 "Mozilla Firefox (2.0.0.12)" = Mozilla Firefox (2.0.0.12) "Need For Speed III" = Need For Speed III "OEMaster-Daten-ExportfürOutlookExpress" = OEMaster - DBX-Reader und Daten-Export für Outlook Express "ProtectDisc Driver 10" = ProtectDisc Helper Driver 10 "S4Uninst" = Die Siedler IV "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "ST6UNST #1" = Outlook Express Quick Backup "VLC media player" = VLC media player 0.9.6 "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "Windows Media Format Runtime" = Windows Media Format Runtime "Windows XP Service Pack" = Windows XP Service Pack 2 "WinRAR archiver" = WinRAR Archivierer "ZoneAlarm" = ZoneAlarm ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\gast_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dr. Hardware 2008_is1" = Dr. Hardware 2008 9.0.0d "JAP" = JAP "Mozilla Firefox (2.0)" = Mozilla Firefox (2.0) "Stellar Phoenix DMR_is1" = Stellar Phoenix DMR 1.0 < End of report > Code:
ATTFilter OTL logfile created on: 1/29/2013 4:36:27 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM Internet Explorer (Version = 6.0.2900.2180) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 82.00% Memory free 2.00 Gb Paging File | 2.00 Gb Available in Paging File | 92.00% Paging File free Paging file location(s): C:\pagefile.sys 3070 3070 [binary data] %SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme Drive D: | 135.01 Gb Total Space | 109.44 Gb Free Space | 81.06% Space Free | Partition Type: NTFS Drive E: | 410.15 Gb Total Space | 311.89 Gb Free Space | 76.04% Space Free | Partition Type: NTFS Drive F: | 404.17 Gb Total Space | 273.50 Gb Free Space | 67.67% Space Free | Partition Type: NTFS Drive G: | 99.96 Gb Total Space | 81.88 Gb Free Space | 81.91% Space Free | Partition Type: NTFS Drive H: | 100.73 Gb Total Space | 35.54 Gb Free Space | 35.28% Space Free | Partition Type: NTFS Drive I: | 130.07 Gb Total Space | 26.45 Gb Free Space | 20.34% Space Free | Partition Type: NTFS Drive K: | 31.23 Gb Total Space | 31.18 Gb Free Space | 99.84% Space Free | Partition Type: FAT32 Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet005 ========== Win32 Services (SafeList) ========== SRV - File not found [Disabled] -- -- (FirebirdServerMAGIXInstance) SRV - [2008/04/15 10:15:24 | 000,147,201 | ---- | M] (Avira GmbH) [Disabled] -- D:\Programme\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService) SRV - [2008/04/15 10:15:24 | 000,068,865 | ---- | M] (Avira GmbH) 
[Disabled] -- D:\Programme\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler) SRV - [2007/08/23 07:52:50 | 000,410,904 | ---- | M] (Acronis) [Disabled] -- D:\Programme\Gemeinsame Dateien\Maxtor\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2007/03/08 17:01:58 | 000,075,568 | ---- | M] (Zone Labs, LLC) [Auto] -- D:\WINDOWS\System32\ZONELABS\vsmon.exe -- (vsmon) SRV - [2006/09/20 12:44:10 | 000,069,632 | ---- | M] (Adobe Systems) [On_Demand] -- D:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service) SRV - [2006/02/28 19:10:20 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) [Disabled] -- D:\WINDOWS\System32\Crypserv.exe -- (Crypkey License) SRV - [2004/10/21 19:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [Disabled] -- D:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2004/05/17 07:57:00 | 000,184,320 | ---- | M] (O&O Software GmbH) [Auto] -- D:\WINDOWS\system32\oodag.exe -- (O&O Defrag) SRV - [2003/07/28 05:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2001/08/08 19:01:00 | 000,090,112 | ---- | M] (SEIKO EPSON CORPORATION) [Disabled] -- D:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe -- (EPSONStatusAgent2) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand] -- -- (WINFOXIO) DRV - File not found [Kernel | On_Demand] -- -- (WDICA) DRV - File not found [Kernel | On_Demand] -- -- (TSMPacket) DRV - File not found [Kernel | On_Demand] -- -- (SANDRA) DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) DRV - File not found [Kernel | System] -- -- (PCIDump) DRV - File not found [Kernel | On_Demand] -- -- (MEMSWEEP2) DRV - File 
not found [Kernel | System] -- -- (lbrtfdc) DRV - File not found [Kernel | System] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand] -- -- (CrystalSysInfo) DRV - File not found [Kernel | System] -- -- (Changer) DRV - [2008/11/20 12:49:04 | 000,400,864 | ---- | M] (Acronis) [Kernel | Boot] -- D:\WINDOWS\system32\drivers\timntr.sys -- (timounter) DRV - [2008/11/20 12:49:04 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto] -- D:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2008/11/20 12:48:54 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot] -- D:\WINDOWS\system32\drivers\snapman.sys -- (snapman) DRV - [2008/04/15 10:15:24 | 000,079,424 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) DRV - [2008/04/15 10:15:24 | 000,049,472 | ---- | M] (Avira GmbH) [File_System | On_Demand] -- D:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt) DRV - [2008/04/15 10:15:24 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2007/10/28 10:35:14 | 000,583,128 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\ACEDRV10.sys -- (acedrv10) DRV - [2007/10/26 08:53:46 | 000,250,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- D:\WINDOWS\system32\drivers\acehlp10.sys -- (acehlp10) DRV - [2007/08/31 15:07:50 | 000,407,328 | ---- | M] (Sensaura) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\dmxsens.sys -- (dmxsens) DRV - [2007/08/31 15:07:40 | 000,099,680 | ---- | M] (Terratec Electronic GmbH) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\dmx6fire.sys -- (dmxfire) DRV - [2007/08/21 21:07:40 | 002,417,664 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007/06/14 06:41:00 | 000,466,048 | R--- | M] (LITEON) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\Ltn_stk7070P.sys -- (Ltn_stk7070P) DRV - [2007/06/13 11:30:20 | 000,013,440 | R--- | M] (LITEON) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\Ltn_stkrc.sys -- (Ltn_stkrc) DRV - [2007/04/22 02:06:36 | 000,011,840 | ---- | M] (Avira GmbH) [Kernel | System] -- D:\Programme\AntiVir PersonalEdition Classic\avgio.sys -- (avgio) DRV - [2007/03/08 17:02:10 | 000,394,192 | ---- | M] (Zone Labs, LLC) [Kernel | System] -- D:\WINDOWS\system32\vsdatant.sys -- (vsdatant) DRV - [2007/03/01 04:27:26 | 004,484,608 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007/01/17 22:39:20 | 000,050,416 | ---- | M] (Zone Labs, LLC) [Kernel | Boot] -- D:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan) DRV - [2006/10/17 07:22:26 | 000,009,216 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- D:\WINDOWS\system32\drivers\videX32.sys -- (videX32) DRV - [2006/10/11 07:10:30 | 000,008,864 | ---- | M] () [Kernel | Auto] -- D:\WINDOWS\system32\drivers\CDAC15BA.SYS -- (CdaC15BA) DRV - [2006/01/25 09:14:06 | 000,472,644 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\HCWBT8xx.sys -- (HCWBT8XX) DRV - [2006/01/09 20:47:28 | 000,031,846 | ---- | M] () [Kernel | System] -- D:\WINDOWS\system32\ckldrv.sys -- (NetworkX) DRV - [2004/08/03 20:08:36 | 000,013,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC) DRV - [2004/08/03 20:08:30 | 000,105,984 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx) DRV - [2004/08/03 16:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\MPE.sys -- (MPE) DRV - [2004/08/03 16:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) DRV - [2004/08/03 16:07:46 | 000,223,616 | ---- | M] (Microsoft Corporation) [Kernel | System] -- D:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2004/08/03 15:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) DRV - [2004/03/22 09:40:38 | 000,040,448 | R--- | M] (Susteen Inc.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\SUSCOM.SYS -- (SUSCOM) DRV - [2003/09/16 04:00:10 | 000,019,153 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS) DRV - [2003/09/16 04:00:02 | 000,006,828 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ftlund.sys -- (FTLUND) DRV - [2003/09/16 03:59:54 | 000,050,396 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K) DRV - [2003/09/05 10:30:32 | 000,011,776 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand] -- D:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder\ATI BIOS\WinFlash\ATIXPGAA.SYS -- (ATIXPGAA) DRV - [2002/08/13 08:27:22 | 000,074,338 | ---- | M] (3Com Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\el90Xbc5.SYS -- (EL90Xbc) DRV - [2001/08/17 07:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) DRV - [2001/08/17 06:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\irsir.sys -- (irsir) DRV - [2001/08/10 00:00:00 | 000,003,252 | ---- | M] () [Kernel | System] -- D:\WINDOWS\System32\drivers\PQNTDRV.SYS -- (PQNTDrv) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\gast_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\ich_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\ich_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\LocalService_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\NetworkService_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\systemprofile_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: D:\Programme\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll (Google) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0\extensions\\Components: D:\Mozilla\Mozilla 
Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0\extensions\\Plugins: D:\Mozilla\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.12\extensions\\Components: D:\MOZILLA\MOZILL~2\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 2.0.0.12\extensions\\Plugins: D:\MOZILLA\MOZILL~2\Mozilla Firefox\plugins [2006/06/22 06:44:58 | 002,078,344 | ---- | M] () -- D:\Programme\mozilla firefox\plugins\NPSWF32.dll O1 HOSTS File: ([2001/09/04 10:34:58 | 000,000,820 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - File not found O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - File not found O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Programme\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll (Google Inc.) O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Programme\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - D:\Programme\MSN\Toolbar\3.0.0744.0\msneshellx.dll (Microsoft Corp.) 
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found O3 - HKU\ich_ON_D\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - File not found O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\gast_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\ich_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 O7 - HKU\LocalService_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\NetworkService_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\systemprofile_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - File not found O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - File not found O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB (Reg Error: Key error.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.169.184.161 83.169.184.225 O18 - Protocol\Handler\haufereader - No CLSID value found O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Web 
Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - D:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (relog_ap) - D:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/26 07:04:08 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - D:\WINDOWS\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2013/01/29 13:02:44 | 000,000,000 | ---D | C] -- D:\_OTL
[2008/03/14 09:18:02 | 000,089,680 | ---- | C] (Microsoft Corporation) -- D:\Dokumente und Einstellungen\ich\MSSSerif120.fon
[4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[4 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
[3 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2008/12/23 13:01:33 | 000,502,784 | ---- | C] () -- D:\WINDOWS\x2.64.exe
[2008/12/23 13:01:33 | 000,240,128 | ---- | C] () -- D:\WINDOWS\System32\x.264.exe
[2008/12/23 13:01:33 | 000,217,073 | ---- | C] () -- D:\WINDOWS\meta4.exe
[2008/12/23 13:01:33 | 000,066,560 | ---- | C] () -- D:\WINDOWS\MOTA113.exe
[2008/12/23 13:01:33 | 000,027,648 | ---- | C] () -- D:\WINDOWS\System32\AVSredirect.dll
[2008/12/10 11:19:18 | 000,000,109 | ---- | C] () -- D:\WINDOWS\oodcnt.INI
[2008/12/10 10:49:55 | 000,000,223 | ---- | C] () -- D:\Dokumente und Einstellungen\ich\Goya.ini
[2008/12/10 10:49:23 | 000,000,046 | ---- | C] () -- D:\WINDOWS\Goya.INI
[2008/11/19 12:33:50 | 000,000,164 | ---- | C] () -- D:\WINDOWS\RECMGRUN.INI
[2008/11/19 12:32:53 | 000,003,455 | ---- | C] () -- D:\WINDOWS\RECVCALL.INI
[2008/11/18 11:53:32 | 000,000,004 | ---- | C] () -- D:\WINDOWS\vx86036.dat
[2008/11/18 11:53:23 | 000,000,067 | ---- | C] () -- D:\WINDOWS\Crypkey.ini
[2008/11/18 11:53:20 | 000,031,846 | ---- | C] () -- D:\WINDOWS\System32\Ckldrv.sys
[2008/11/18 11:53:20 | 000,027,648 | R--- | C] () -- D:\WINDOWS\Setup_ck.exe
[2008/11/18 11:53:20 | 000,018,432 | ---- | C] () -- D:\WINDOWS\Setup_ck.dll
[2008/11/18 11:53:20 | 000,011,776 | ---- | C] () -- D:\WINDOWS\Ckrfresh.exe
[2008/11/16 04:02:14 | 000,000,425 | ---- | C] () -- D:\WINDOWS\BRWMARK.INI
[2008/11/16 04:02:14 | 000,000,027 | ---- | C] () -- D:\WINDOWS\BRPP2KA.INI
[2008/11/16 03:59:10 | 000,000,050 | ---- | C] () -- D:\WINDOWS\System32\bridf07a.dat
[2008/11/16 03:58:08 | 000,106,496 | ---- | C] () -- D:\WINDOWS\System32\BrMuSNMP.dll
[2008/05/17 10:49:05 | 000,077,460 | ---- | C] () -- D:\WINDOWS\DIHELP.DAT
[2008/05/17 10:49:05 | 000,038,450 | ---- | C] () -- D:\WINDOWS\PQDI.exe
[2008/05/12 13:39:53 | 000,120,200 | ---- | C] () -- D:\WINDOWS\System32\DLLDEV32i.dll
[2008/05/12 13:38:22 | 000,006,768 | ---- | C] () -- D:\WINDOWS\mgxoschk.ini
[2008/05/04 11:08:49 | 000,020,480 | ---- | C] () -- D:\WINDOWS\System32\CPUINFO2.DLL
[2008/04/19 04:24:24 | 000,049,152 | R--- | C] () -- D:\WINDOWS\System32\ChCfg.exe
[2008/04/11 11:00:16 | 000,036,864 | ---- | C] () -- D:\WINDOWS\Algoui.exe
[2008/04/10 12:14:51 | 000,049,152 | RH-- | C] () -- D:\WINDOWS\System32\CoInst.dll
[2008/03/15 02:50:36 | 000,164,352 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2008/03/15 02:50:35 | 000,755,027 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2008/03/15 02:50:34 | 000,159,839 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2008/03/15 02:50:33 | 000,007,680 | ---- | C] () -- D:\WINDOWS\System32\ff_vfw.dll
[2008/02/16 10:56:28 | 000,000,038 | ---- | C] () -- D:\WINDOWS\AviSplitter.INI
[2008/02/10 11:54:09 | 000,035,328 | ---- | C] () -- D:\WINDOWS\System32\cygz.dll
[2008/02/10 11:54:09 | 000,035,328 | ---- | C] () -- D:\WINDOWS\cygz.dll
[2007/12/24 04:43:11 | 000,363,520 | ---- | C] () -- D:\WINDOWS\System32\PsisDecd.dll
[2007/10/27 12:45:03 | 001,284,280 | ---- | C] () -- D:\WINDOWS\System32\XMNT2001.EXE
[2007/10/27 12:45:03 | 000,003,252 | ---- | C] () -- D:\WINDOWS\System32\drivers\PQNTDRV.SYS
[2007/10/16 11:26:41 | 000,069,632 | R--- | C] () -- D:\WINDOWS\System32\xmltok.dll
[2007/10/16 11:26:41 | 000,036,864 | R--- | C] () -- D:\WINDOWS\System32\xmlparse.dll
[2007/10/05 10:54:38 | 000,000,245 | ---- | C] () -- D:\WINDOWS\System32\regupdate.ini
[2007/09/18 20:21:28 | 000,009,384 | ---- | C] () -- D:\WINDOWS\Irremote.ini
[2007/09/18 19:50:55 | 000,593,920 | ---- | C] () -- D:\WINDOWS\System32\ati2sgag.exe
[2007/08/21 20:35:20 | 003,107,788 | ---- | C] () -- D:\WINDOWS\System32\ativvaxx.dat
[2007/08/21 20:35:20 | 003,107,788 | ---- | C] () -- D:\WINDOWS\System32\ativva5x.dat
[2007/08/21 20:35:20 | 000,972,072 | ---- | C] () -- D:\WINDOWS\System32\ativva6x.dat
[2007/08/03 05:28:35 | 000,002,508 | ---- | C] () -- D:\Dokumente und Einstellungen\gast\Anwendungsdaten\$_hpcst$.hpc
[2007/08/02 11:29:36 | 000,002,508 | ---- | C] () -- D:\Dokumente und Einstellungen\ich\Anwendungsdaten\$_hpcst$.hpc
[2007/07/05 10:48:35 | 000,000,092 | R--- | C] () -- D:\WINDOWS\System32\ftdiun2k.ini
[2007/06/07 14:10:48 | 000,020,480 | ---- | C] () -- D:\WINDOWS\System32\ac3config.exe
[2007/05/06 06:01:21 | 000,003,133 | ---- | C] () -- D:\WINDOWS\tm.ini
[2007/03/31 03:20:28 | 000,022,168 | ---- | C] () -- D:\WINDOWS\System32\imsinstall_loc0407.dll
[2007/03/31 03:20:28 | 000,018,072 | ---- | C] () -- D:\WINDOWS\System32\imslsp_install_loc0407.dll
[2007/02/14 12:21:26 | 000,796,584 | ---- | C] () -- D:\WINDOWS\System32\libeay32_0.9.6l.dll
[2007/02/13 10:00:56 | 000,233,868 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
[2007/02/07 06:30:09 | 000,000,161 | ---- | C] () -- D:\WINDOWS\wininit.ini
[2007/01/29 09:20:32 | 001,048,576 | ---- | C] () -- D:\WINDOWS\System32\SFMAN.DAT
[2006/12/19 03:50:26 | 002,244,084 | ---- | C] () -- D:\Dokumente und Einstellungen\gast\Gaggia Bedienungsanleitung.pdf
[2006/11/02 10:10:16 | 000,080,912 | ---- | C] () -- D:\WINDOWS\System32\sherlock2.exe
[2006/11/01 08:11:21 | 000,689,280 | ---- | C] () -- D:\WINDOWS\System32\aswBoot.exe
[2006/10/30 11:15:03 | 000,006,067 | ---- | C] () -- D:\WINDOWS\Unwise32.ini
[2006/10/30 11:15:02 | 000,148,992 | ---- | C] () -- D:\WINDOWS\Unwise32.exe
[2006/10/30 11:12:57 | 000,369,152 | ---- | C] () -- D:\Programme\Rufid.exe
[2006/10/30 11:12:01 | 000,000,092 | ---- | C] () -- D:\WINDOWS\KTEL.INI
[2006/10/11 07:10:29 | 000,008,864 | ---- | C] () -- D:\WINDOWS\System32\drivers\CDAC15BA.SYS
[2006/10/11 06:46:55 | 000,000,070 | ---- | C] () -- D:\WINDOWS\Ulead32.INI
[2006/09/20 03:19:12 | 000,000,116 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2006/09/07 07:34:16 | 000,154,624 | ---- | C] () -- D:\Dokumente und Einstellungen\ich\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/09/07 07:32:07 | 000,000,305 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006/09/04 13:29:45 | 000,000,514 | ---- | C] () -- D:\WINDOWS\ODBC.INI
[2006/08/31 06:04:05 | 000,005,824 | ---- | C] () -- D:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2006/08/31 04:15:11 | 000,000,407 | ---- | C] () -- D:\Programme\Verknüpfung (2) mit Outlook Express.lnk
[2006/08/31 04:14:36 | 000,000,407 | ---- | C] () -- D:\Programme\Verknüpfung mit Outlook Express.lnk
[2006/08/30 12:36:08 | 000,285,216 | ---- | C] () -- D:\WINDOWS\System32\drivers\Onsio.sys
[2006/08/30 12:36:08 | 000,007,680 | ---- | C] () -- D:\WINDOWS\System32\drivers\Onsreged.sys
[2006/08/28 14:33:53 | 000,004,212 | -H-- | C] () -- D:\WINDOWS\System32\zllictbl.dat
[2006/08/28 12:12:04 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\ieencode.dll
[2006/08/26 13:05:53 | 000,000,552 | ---- | C] () -- D:\WINDOWS\System32\d3d8caps.dat
[2006/08/26 12:21:25 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2006/08/26 12:21:16 | 000,003,418 | ---- | C] () -- D:\WINDOWS\mozver.dat
[2006/08/26 11:08:52 | 000,004,831 | ---- | C] () -- D:\WINDOWS\Ascd_tmp.ini
[2006/08/26 07:07:34 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2006/08/26 07:00:51 | 000,021,740 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat
[2006/08/26 06:50:42 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2006/08/26 06:49:46 | 000,286,112 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2006/06/01 10:22:00 | 001,662,976 | ---- | C] () -- D:\WINDOWS\System32\nvwdmcpl.dll
[2006/06/01 10:22:00 | 001,519,616 | ---- | C] () -- D:\WINDOWS\System32\nwiz.exe
[2006/06/01 10:22:00 | 001,466,368 | ---- | C] () -- D:\WINDOWS\System32\nview.dll
[2006/06/01 10:22:00 | 001,339,392 | ---- | C] () -- D:\WINDOWS\System32\nvdspsch.exe
[2006/06/01 10:22:00 | 001,019,904 | ---- | C] () -- D:\WINDOWS\System32\nvwimg.dll
[2006/06/01 10:22:00 | 000,581,632 | ---- | C] () -- D:\WINDOWS\System32\nvhwvid.dll
[2006/06/01 10:22:00 | 000,466,944 | ---- | C] () -- D:\WINDOWS\System32\nvShell.dll
[2006/06/01 10:22:00 | 000,442,368 | ---- | C] () -- D:\WINDOWS\System32\nvAppBar.exe
[2006/06/01 10:22:00 | 000,425,984 | ---- | C] () -- D:\WINDOWS\System32\keystone.exe
[2006/06/01 10:22:00 | 000,286,720 | ---- | C] () -- D:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/01 10:22:00 | 000,196,608 | ---- | C] () -- D:\WINDOWS\System32\NVAPI.DLL
[2006/04/28 15:05:14 | 000,156,671 | ---- | C] () -- D:\WINDOWS\System32\atiicdxx.dat
[2004/08/02 07:20:40 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2003/02/20 10:53:42 | 000,005,702 | ---- | C] () -- D:\WINDOWS\System32\OUTLPERF.INI
[2001/10/10 01:57:58 | 000,073,786 | ---- | C] () -- D:\WINDOWS\System32\dntvmc23.dll
[2001/10/10 01:57:58 | 000,061,497 | ---- | C] () -- D:\WINDOWS\System32\dntvm23.dll
[2001/09/04 10:35:46 | 000,027,440 | ---- | C] () -- D:\WINDOWS\System32\drivers\secdrv.sys
[2001/09/04 10:35:36 | 000,408,618 | ---- | C] () -- D:\WINDOWS\System32\perfh007.dat
[2001/09/04 10:35:36 | 000,395,200 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001/09/04 10:35:36 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001/09/04 10:35:36 | 000,269,480 | ---- | C] () -- D:\WINDOWS\System32\perfi007.dat
[2001/09/04 10:35:36 | 000,034,478 | ---- | C] () -- D:\WINDOWS\System32\perfd007.dat
[2001/09/04 10:35:36 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001/09/04 10:35:35 | 000,071,598 | ---- | C] () -- D:\WINDOWS\System32\perfc007.dat
[2001/09/04 10:35:35 | 000,059,440 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001/09/04 10:35:33 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2001/09/04 10:35:33 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2001/09/04 10:35:26 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
[2001/09/04 10:35:09 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001/09/04 10:35:08 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001/09/04 10:34:48 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001/09/04 10:34:21 | 000,001,788 | ---- | C] () -- D:\WINDOWS\System32\Dcache.bin
[2001/03/07 01:02:30 | 000,229,431 | ---- | C] () -- D:\WINDOWS\System32\dnt23.dll
[2000/09/13 19:03:00 | 000,000,145 | ---- | C] () -- D:\WINDOWS\System32\EBPPORT.DAT

========== LOP Check ==========

[2007/02/14 13:22:50 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
[2008/12/06 11:49:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2006/12/02 02:57:24 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avg7
[2007/04/20 01:57:10 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2007/04/20 01:55:44 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe
[2007/04/20 01:57:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2008/05/12 13:45:42 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2008/11/20 12:53:04 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Maxtor
[2007/03/31 02:56:00 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\My Pictures
[2007/12/24 04:49:28 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2006/08/27 07:18:54 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager
[2008/11/19 11:37:10 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2006/09/02 05:44:10 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems

========== Purity Check ==========

========== Files - Unicode (All) ==========

[2008/11/19 11:07:43 | 000,000,000 | ---D | C](D:\WINDOWS\System32\??????????) -- D:\WINDOWS\System32\粑۰粒??۫粒⁃睌

< End of report >

Edited by paulibins (29.01.2013 at 19:11)