Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt

Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt


Log-Analyse und Auswertung: Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 09.02.2014, 17:07   #1
NewtonZ4
 
Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt - Standard

Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt


Hi, ich hab das Problem, dass sich beim Starten des PCs jedes mal der Bundestrojaner oeffnet. Habe den abgesicherten Modus probiert, jedoch startet der PC dann jedes mal neu und laesst sich somit nur normal starten.

Hab jetzt die OTLpe Anleitung befolgt und folgende LogFile>

HTML-Code:
OTL logfile created on: 2/9/2014 3:23:01 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186.15 Gb Total Space | 102.83 Gb Free Space | 55.24% Space Free | Partition Type: NTFS
Drive D: | 184.99 Gb Total Space | 179.59 Gb Free Space | 97.08% Space Free | Partition Type: NTFS
Drive E: | 953.73 Mb Total Space | 952.64 Mb Free Space | 99.89% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet001
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2013/11/16 09:08:46 | 000,174,592 | ---- | M] (Sato Corporation) [Auto] -- C:\ProgramData\gcl81ha.dss -- (Winmgmt)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe -- (NIS)
SRV - [2012/05/12 02:53:24 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011/12/15 12:29:42 | 000,014,848 | ---- | M] () [On_Demand] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2011/04/20 03:17:28 | 004,896,720 | ---- | M] (ETU Software GmbH) [Auto] -- C:\Program Files\HSETU\ApplicationService\ApplicationService.exe -- (HSETUApplicationService)
SRV - [2009/12/02 11:09:54 | 000,246,272 | ---- | M] () [Auto] -- C:\Program Files\Mobile Partner Manager\AssistantServices.exe -- (UI Assistant Service)
SRV - [2009/11/13 06:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/10/01 10:38:46 | 000,554,264 | ---- | M] (Acronis) [Auto] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/08/26 08:26:44 | 000,099,720 | ---- | M] (Toshiba Europe GmbH) [Auto] -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe -- (TempoMonitoringService)
SRV - [2008/08/25 02:58:20 | 000,077,824 | ---- | M] (Toshiba) [On_Demand] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/04/16 17:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/16 08:53:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2008/04/10 17:51:58 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 09:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/03 10:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 10:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2006/08/23 09:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2012/07/05 21:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\Windows\System32\Drivers\NIS\1309010.00E\SRTSP.SYS -- (SRTSP)
DRV - [2012/07/05 21:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1309010.00E\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2012/06/06 23:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1309010.00E\ccSetx86.sys -- (ccSet_NIS)
DRV - [2012/05/30 21:15:18 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/05/30 21:15:18 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/05/25 14:45:09 | 001,589,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120604.033\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/05/25 14:45:09 | 000,087,928 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120604.033\NAVENG.SYS -- (NAVENG)
DRV - [2012/05/21 20:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\NIS\1309010.00E\symefa.sys -- (SymEFA)
DRV - [2012/04/27 19:18:22 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120602.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/04/17 21:13:32 | 000,345,208 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\NIS\1309010.00E\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2012/04/17 20:42:14 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\NIS\1309010.00E\Ironx86.SYS -- (SymIRON)
DRV - [2012/04/02 18:38:08 | 000,821,880 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120517.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/03/26 15:20:30 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/12/15 12:29:42 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2011/07/25 13:18:36 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\NIS\1309010.00E\symds.sys -- (SymDS)
DRV - [2009/10/29 12:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - [2009/10/29 12:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - [2009/10/29 12:28:24 | 000,105,088 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - [2009/10/29 12:28:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - [2009/10/12 09:22:56 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/09/10 08:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/07/15 13:05:56 | 000,967,168 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\tdrpm139.sys -- (tdrpman139) Acronis Try&Decide and Restore Points filter (build 139)
DRV - [2009/07/15 13:05:42 | 000,540,000 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2009/07/15 13:05:42 | 000,044,704 | ---- | M] (Acronis) [File_System | Auto] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/07/15 13:05:38 | 000,134,272 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV - [2008/10/09 07:50:08 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad)
DRV - [2008/10/09 07:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2008/07/28 22:05:04 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/15 12:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2008/05/02 03:58:28 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/02 03:58:14 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/02 03:58:14 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/02 03:58:12 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008/04/28 09:59:18 | 000,020,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2008/04/22 17:36:32 | 003,551,232 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/04/15 03:05:08 | 000,118,784 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/10 14:25:30 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/02/27 12:36:02 | 000,141,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/01/20 21:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/11/09 07:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/10/17 16:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/11/20 07:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/10/30 04:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/10/18 04:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEE&bmod=TSEE;
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEE&bmod=TSEE
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\kohls_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEE&bmod=TSEE;
IE - HKU\kohls_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\kohls_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\kohls_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\kohls_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\kohls_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\kohls_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\kohls_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\LocalService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
IE - HKU\NetworkService_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 20:01:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/01/31 21:18:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2014/02/09 08:16:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/05/12 02:53:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/10 17:07:16 | 000,000,000 | ---D | M]
 
[2009/12/25 09:50:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kohls\AppData\Roaming\Mozilla\Extensions
[2009/07/17 05:41:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kohls\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/12/25 09:50:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kohls\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2010/02/05 15:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kohls\AppData\Roaming\Mozilla\Firefox\Profiles\322w2j1y.default\extensions
[2009/09/03 06:05:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kohls\AppData\Roaming\Mozilla\Firefox\Profiles\322w2j1y.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/20 07:52:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kohls\AppData\Roaming\Mozilla\Firefox\Profiles\322w2j1y.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2010/12/18 10:33:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kohls\AppData\Roaming\Mozilla\Firefox\Profiles\v0l0pold.default\extensions
[2010/07/06 11:20:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kohls\AppData\Roaming\Mozilla\Firefox\Profiles\v0l0pold.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/09/17 16:18:29 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\kohls\AppData\Roaming\Mozilla\Firefox\Profiles\v0l0pold.default\extensions\toolbar@ask.com
[2011/12/14 10:58:38 | 000,002,449 | ---- | M] () -- C:\Users\kohls\AppData\Roaming\Mozilla\Firefox\Profiles\v0l0pold.default\searchplugins\safesearch.xml
[2011/12/20 13:38:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/05/12 02:53:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/10/14 10:55:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
File not found (No name found) -- 
[2012/05/12 02:53:24 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/07/06 11:57:38 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/30 15:33:42 | 000,095,672 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2011/01/02 06:18:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2011/01/02 06:18:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2011/01/02 06:18:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2011/01/02 06:18:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2011/01/02 06:18:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2011/01/02 06:18:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2011/01/02 06:18:00 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2012/05/12 02:53:21 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/05/12 02:53:21 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/12 02:53:21 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/05/12 02:53:21 | 000,003,413 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012/05/12 02:53:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/05/12 02:53:20 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/05/12 02:53:20 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\kohls_ON_C\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\kohls_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [cfFncEnabler.exe]  File not found
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [jswtrayutil]  File not found
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UIExec] C:\Program Files\Mobile Partner Manager\UIExec.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\kohls_ON_C..\Run: [{69A9AEA7-6DD1-E35B-636F-989B6C4F1C1B}]  File not found
O4 - HKU\kohls_ON_C..\Run: [avupdate]  File not found
O4 - HKU\kohls_ON_C..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\kohls_ON_C..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\kohls_ON_C..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\kohls_ON_C..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\kohls\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ah18lcg.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\kohls_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.76\AMVConverter\grab.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.179.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Desert Landscape.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Desert Landscape.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{15ecd2ce-eecf-11de-85eb-001e33a39b3a}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O33 - MountPoints2\{6e230ee0-0d48-11e0-8b48-001e33a39b3a}\Shell - "" = AutoRun
O33 - MountPoints2\{6e230ee0-0d48-11e0-8b48-001e33a39b3a}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6e230ee4-0d48-11e0-8b48-001e33a39b3a}\Shell - "" = AutoRun
O33 - MountPoints2\{6e230ee4-0d48-11e0-8b48-001e33a39b3a}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{6e230ee7-0d48-11e0-8b48-001e33a39b3a}\Shell - "" = AutoRun
O33 - MountPoints2\{6e230ee7-0d48-11e0-8b48-001e33a39b3a}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O36 - AppCertDlls: bcdeplay - (C:\Windows\system32\cleamapi.dll) -  File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/11/16 09:08:46 | 000,174,592 | ---- | C] (Sato Corporation) -- C:\ProgramData\gcl81ha.dss
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014/02/09 08:17:09 | 000,002,591 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaufmann.lnk
[2014/02/09 08:17:04 | 095,025,368 | ---- | M] () -- C:\ProgramData\ah18lcg.bxx
[2014/02/09 08:16:59 | 000,000,000 | ---- | M] () -- C:\ProgramData\ah18lcg.fvv
[2014/02/09 08:16:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/09 08:16:25 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/09 08:16:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2014/02/09 08:16:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/08 11:49:07 | 002,546,616 | -H-- | M] () -- C:\Users\kohls\AppData\Local\IconCache.db
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/11/16 09:09:30 | 000,000,279 | ---- | C] () -- C:\ProgramData\ah18lcg.reg
[2013/11/16 09:08:50 | 000,000,000 | ---- | C] () -- C:\ProgramData\ah18lcg.fvv
[2013/11/16 09:08:47 | 095,025,368 | ---- | C] () -- C:\ProgramData\ah18lcg.bxx
[2011/10/12 20:07:29 | 000,000,206 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/05/02 03:49:35 | 000,129,348 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/03/15 10:52:16 | 000,131,917 | ---- | C] () -- C:\Windows\unstall.exe
[2010/10/06 10:00:30 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI
[2009/09/24 12:55:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 12:55:24 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/24 12:55:07 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2009/07/23 07:09:55 | 000,000,680 | ---- | C] () -- C:\Users\kohls\AppData\Local\d3d9caps.dat
[2009/07/21 09:34:21 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/07/20 09:23:32 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2009/07/17 05:41:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/16 09:13:30 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/07/15 06:52:37 | 000,039,936 | ---- | C] () -- C:\Users\kohls\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/15 04:10:34 | 002,546,616 | -H-- | C] () -- C:\Users\kohls\AppData\Local\IconCache.db
[2009/07/15 04:04:25 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2009/07/15 04:04:25 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2009/07/15 04:04:25 | 000,009,480 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2009/07/15 04:04:25 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2009/07/15 03:38:02 | 000,097,752 | ---- | C] () -- C:\Users\kohls\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/10/07 10:02:35 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/10/07 10:02:35 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/10/07 10:02:35 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/10/07 10:02:35 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/10/07 10:02:35 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/10/07 10:02:35 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/10/07 09:54:03 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/10/07 09:43:07 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/10/07 08:54:49 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/10/07 08:40:10 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/10/07 08:38:21 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/10/07 08:38:21 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/10/07 08:38:20 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/10/07 08:38:20 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/01/21 02:16:22 | 001,601,828 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2008/01/21 02:15:58 | 000,689,462 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 02:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 02:15:58 | 000,151,368 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 02:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/01/20 21:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,368,016 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:37:35 | 000,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 07:37:35 | 000,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:35 | 000,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:35 | 000,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:34:41 | 000,197,632 | ---- | C] () -- C:\Windows\System32\ir32_32.dll
[2006/11/02 05:33:01 | 000,645,858 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,122,806 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2006/11/02 05:23:31 | 000,000,240 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 05:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 02:10:37 | 000,053,536 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2006/11/02 02:10:02 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe
[2006/11/02 02:10:00 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe
[2006/11/02 02:09:59 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com
[2006/11/02 02:09:59 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM
[2006/11/02 02:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe
[2006/11/02 02:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe
[2006/11/02 02:09:57 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM
[2006/11/02 02:09:56 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe
[2006/11/02 02:09:55 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe
[2006/11/02 02:09:55 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM
[2006/11/02 02:09:53 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe
[2006/11/02 02:09:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe
[2006/11/02 02:09:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe
[2006/11/02 02:09:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe
[2006/11/02 02:09:49 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM
[2006/11/02 02:09:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe
[2006/11/02 02:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys
[2006/11/02 02:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 02:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS
[2006/11/02 02:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 01:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll
[2004/09/16 07:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS
[2004/09/16 07:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS
[2003/02/20 10:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009/07/15 13:16:48 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\Acronis
[2010/06/28 01:50:59 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\Acwu
[2012/02/27 09:27:00 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\HSETU
[2009/11/06 10:17:25 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\ICQ
[2012/03/02 08:43:34 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\InstalSoft
[2011/08/14 02:55:52 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\Loeros
[2011/08/11 16:10:14 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\Qewito
[2010/06/24 03:43:17 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\Subaag
[2010/12/28 14:54:10 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\T-Mobile
[2010/12/27 15:26:40 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\T-Mobile Internet Manager
[2009/12/25 09:50:17 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\TomTom
[2009/07/15 05:07:19 | 000,000,000 | ---D | M] -- C:\Users\kohls\AppData\Roaming\Toshiba
[2009/07/15 13:16:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Acronis
[2009/07/15 03:32:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/07/15 03:32:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009/07/15 03:32:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/02/27 10:50:20 | 000,000,000 | ---D | M] -- C:\ProgramData\HSETU
[2009/07/21 14:41:48 | 000,000,000 | ---D | M] -- C:\ProgramData\IsolatedStorage
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/07/15 03:32:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/12/25 09:56:15 | 000,000,000 | ---D | M] -- C:\ProgramData\TomTom
[2008/10/07 10:04:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Toshiba
[2009/07/15 03:38:07 | 000,000,000 | ---D | M] -- C:\ProgramData\ToshibaEurope
[2008/10/07 10:01:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2009/07/15 03:32:55 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2009/12/16 10:23:44 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2011/01/02 06:19:23 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2014/02/08 11:49:46 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
< End of report >
HTML-Code:
OTL Extras logfile created on: 2/9/2014 3:23:01 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186.15 Gb Total Space | 102.83 Gb Free Space | 55.24% Space Free | Partition Type: NTFS
Drive D: | 184.99 Gb Total Space | 179.59 Gb Free Space | 97.08% Space Free | Partition Type: NTFS
Drive E: | 953.73 Mb Total Space | 952.64 Mb Free Space | 99.89% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet001
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1476183312-564281682-92577615-1000]
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}" = Toshiba TEMPRO
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{079F8518-81AA-45A2-BA0C-A2E2A74118C8}" = Kaufmann
"{07C9627A-CA0B-2AA2-062E-204359DF7BA1}" = Catalyst Control Center Core Implementation
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0EFB2016-41D2-5F30-8F60-25250F6DABDD}" = CCC Help Thai
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1C971EE3-B4C4-4367-9676-57549919C6CE}" = TOSHIBA Benutzerhandbücher
"{1D1D8ADC-BF08-4E61-9393-5FA305B16864}" = Microsoft SQL Server Native Client
"{1E57A11B-AB65-C6D1-F999-B3B37AB2298E}" = Catalyst Control Center Localization Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27265B80-303E-EFFF-6052-B11F91B634C3}" = Catalyst Control Center Localization Italian
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{2920435D-CE92-5024-1694-DFD43A5FF074}" = Catalyst Control Center Localization Greek
"{2CD6D3D2-1EFC-F0B4-1761-FD4FA7F8750F}" = CCC Help Finnish
"{358004B9-3A16-87FF-4487-4D6F0C70E52F}" = Catalyst Control Center Localization Russian
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis*True*Image*Home
"{38A3E884-313A-7AE0-11BC-482DE0C8766A}" = CCC Help Czech
"{3BB12DBC-0A8E-ECE2-F179-D06B99B8CD02}" = Catalyst Control Center Localization Czech
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E0E28DC-DA90-1BA2-FA36-AA3C2E4FB74A}" = Catalyst Control Center Graphics Previews Vista
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{4C90501F-864B-5AC4-867D-6AC35BE50721}" = ccc-utility
"{55398A75-13E0-570F-BD16-2EE5D9E5523D}" = Catalyst Control Center Localization Norwegian
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5C759B74-34F4-43C6-A5D9-039CB754C5E9}" = Microsoft SQL Server VSS Writer
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5F131988-3326-AD64-1817-D76A2FE3C2D3}" = CCC Help Chinese Traditional
"{5FBF37CD-B7F9-564C-BDFC-73D970CF7AF2}" = CCC Help Italian
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61C63422-E5E2-8576-2B82-0E01F5AD2538}" = CCC Help English
"{61F90A4F-AD49-7FFB-F027-5B2CB64F0A70}" = Catalyst Control Center Graphics Light
"{629044C7-745A-64B8-467F-2F93ED50008B}" = CCC Help Chinese Standard
"{65BF23C0-4EF9-27CC-7B6F-190F4008A569}" = Catalyst Control Center Localization Polish
"{65D602E4-DCDE-0743-6A0A-F1A203449F47}" = CCC Help German
"{69E5255D-9D43-4CFF-8984-843ABD7753B7}" = Catalyst Control Center - Branding
"{6B4874CA-13CF-2477-B697-B448201B56B6}" = CCC Help Norwegian
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{6EB0B23B-AA51-6F4E-C94C-C1015ED61EEC}" = CCC Help Japanese
"{70495081-1DC8-AD4B-C197-12138B8FBC9E}" = CCC Help Danish
"{71B929E2-3556-93DB-DEC0-FD56D3EFB473}" = Catalyst Control Center Localization Chinese Traditional
"{71C47830-182D-79FA-0790-0366E6E2C2EB}" = Catalyst Control Center Localization Spanish
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{7784A172-61F1-445E-8368-601607E0DD22}" = MP3 Player Utilities 3.76
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{77CAD946-C573-6647-B222-B6870C072932}" = CCC Help Korean
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E83516C-931B-870F-5CDF-01FDF9A4AEF0}" = Catalyst Control Center Localization Turkish
"{86728841-C151-B8E4-43C6-DD289DE570B6}" = Catalyst Control Center Localization Swedish
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{86DBA852-5D5E-1856-D828-620E792EDC0D}" = Catalyst Control Center Localization Chinese Standard
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{88BA2601-8A62-7AB7-DB8A-7AA2840B7C87}" = Catalyst Control Center Localization Thai
"{8B587895-7716-1B99-5D85-3CA4AAF8A0F4}" = Catalyst Control Center Localization Dutch
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{9244F321-0BBD-9D4A-C1FB-6437E3D0550D}" = Catalyst Control Center Localization German
"{93F3EBDD-4007-C233-7320-977AC0941054}" = CCC Help Turkish
"{94AB6CE0-DB26-7048-2A5B-4647EA1FC693}" = ccc-core-static
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A103C127-2168-4493-8D01-4BF180BED12C}" = CCC Help Portuguese
"{A7F27ADB-3C56-0F2B-6B4B-0B8E02A49186}" = ATI Catalyst Install Manager
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
"{AC2EE52D-05CD-8140-5D29-5AA29590971E}" = CCC Help French
"{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.1 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B02A78AE-EA3B-8261-AEBC-8221E22DCC1E}" = CCC Help Polish
"{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}" = Atheros Wi-Fi Protected Setup Library
"{B1D67B62-35A8-A9A1-AA74-F6A495C8271A}" = Catalyst Control Center Localization Danish
"{B3276CB1-20B6-4AF9-AAEC-E72C83816495}" = IKEA Home Planner
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.2
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BC2EA92A-A5A9-A137-5204-F150EDB05DB3}" = CCC Help Hungarian
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BC713970-8C3C-852B-4139-636F21114B7F}" = CCC Help Dutch
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C5F1A9C4-C041-2E95-5D7E-EF56CED2B522}" = Skins
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D32D873B-71AC-4BD5-813E-C11B590D58C8}" = Uponor HSE-san 4.9 DE
"{D7CC05AF-067D-0D1A-1E4D-9DCBCDCC2D41}" = Catalyst Control Center Graphics Full New
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E0FC3A5D-CF52-ABA7-92EF-D9794F372121}" = Catalyst Control Center Graphics Full Existing
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{EA7D1919-A6BF-979A-E3A2-F753E23D45FA}" = Catalyst Control Center Localization Hungarian
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED2BC5D9-20EE-FBB6-8483-240F19EFCAA5}" = CCC Help Swedish
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0345A2F-1D78-0AEA-7CBB-CEF48622EB44}" = Catalyst Control Center Localization Portuguese
"{F0646787-1A2F-34E9-A61D-9DAD69F606F8}" = CCC Help Spanish
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F50E4D66-5280-FDF8-7F55-2E47FCF23E7D}" = Catalyst Control Center Localization Korean
"{F67E6AE5-F87B-025F-2D6B-26491304393F}" = CCC Help Russian
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9DAAC4B-5E3F-1D39-9D4B-6998664EF402}" = Catalyst Control Center Localization Finnish
"{F9F66B99-C1B3-ACEA-1F80-404CC4DD96BF}" = Catalyst Control Center Localization French
"{FA493449-3E34-4E05-8CA7-26A42E9F180E}" = CCC Help Greek
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_14F10000" = HDAUDIO Soft Data Fax Modem with SmartCP
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Heimeier EasyPlan" = Heimeier EasyPlan 3.0.1 
"Heimeier Ventilauslegung" = Heimeier Ventilauslegung 1.4.0 
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"myphotobook" = myphotobook 3.6
"NIS" = Norton Internet Security
"OpenVPN" = OpenVPN 2.2.2
"OVplan" = OVplan 3.1.4 
"OVselect" = OVselect 3.2.0 
"OVsim" = OVsim 2.0.2 
"Picasa 3" = Picasa 3
"ST6UNST #1" = DELTA
"ST6UNST #2" = DELTA (C:\GHFakt\)
"ST6UNST #3" = DELTA (C:\GHFakt\) #3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"T-Mobile Internet Manager" = T-Mobile Internet Manager
"TomTom HOME" = TomTom HOME 2.7.3.1894
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinRAR archiver" = WinRAR
 
< End of report >
Besten Dank im Voraus

 

Themen zu Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt
32 bit, avira, bho, error, excel, flash player, format, install.exe, installation, java/exploit.agent.nao, java/exploit.cve-2008-5353.i, logfile, malware.trace, mp3, problem, registry, rundll, schannel.dll, security, software, symantec, trojan.agent.gen, trojan.winlock.reveton, trojan.zbotr.gen, trojaner


« LogFile MalwareBytes, Problem: "Search Assistant" | Schon wieder 3 Funde mit Emsisoft (Adware.Win32.Adlop) »


Ähnliche Themen: Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt


  1. GVU-Trojaner abgesicherter Modus in Win 7 geht nicht
    Plagegeister aller Art und deren Bekämpfung - 01.05.2014 (13)
  2. GVU Trojaner WinXP Abgesicherter Modus geht nicht
    Log-Analyse und Auswertung - 26.11.2013 (7)
  3. Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt
    Log-Analyse und Auswertung - 04.11.2013 (3)
  4. gvu trojaner - abgesicherter modus geht nicht
    Plagegeister aller Art und deren Bekämpfung - 23.10.2013 (2)
  5. Landespolizeidirection virus abgesicherter modus funkt nicht otlpe ok
    Log-Analyse und Auswertung - 21.10.2013 (7)
  6. GVU Trojaner - Kein abgesicherter Modus geht nicht
    Plagegeister aller Art und deren Bekämpfung - 20.10.2013 (3)
  7. Windows XP: GVU Trojaner, abgesicherter Modus geht nicht
    Plagegeister aller Art und deren Bekämpfung - 06.09.2013 (3)
  8. GVU Trojaner - Abgesicherter Modus geht nicht
    Log-Analyse und Auswertung - 27.07.2013 (15)
  9. GVU Trojaner - Abgesicherter Modus geht nicht
    Plagegeister aller Art und deren Bekämpfung - 08.07.2013 (13)
  10. GVU Trojaner (abgesicherter modus geht nicht)
    Plagegeister aller Art und deren Bekämpfung - 21.06.2013 (38)
  11. GVU-Trojaner Win7 32Bit (Abgesicherter Modus geht nicht)
    Plagegeister aller Art und deren Bekämpfung - 17.06.2013 (49)
  12. GVU Trojaner abgesicherter Modus geht nicht
    Log-Analyse und Auswertung - 30.05.2013 (5)
  13. WinXP - weißer Startscreen (Maus da) - abgesicherter Modus nicht möglich, startet neu - OTLpe Scan ok, was nun
    Log-Analyse und Auswertung - 29.05.2013 (13)
  14. GVU-Trojaner blockt PC - abgesicherter Modus geht nicht
    Plagegeister aller Art und deren Bekämpfung - 21.05.2013 (7)
  15. GVU Trojaner - F8 abgesicherter Modus geht nicht
    Plagegeister aller Art und deren Bekämpfung - 10.03.2013 (4)
  16. GVU Trojaner - Computer gesperrt - Abgesicherter Modus nicht nutzbar - Scan mit OTL eingefügt
    Plagegeister aller Art und deren Bekämpfung - 01.03.2013 (12)
  17. Bundespolizei-Trojaner: Abgesicherter Modus geht nicht mehr
    Log-Analyse und Auswertung - 05.12.2012 (8)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt - Hi, ich hab das Problem, dass sich beim Starten des PCs jedes mal der Bundestrojaner oeffnet. Habe den abgesicherten Modus probiert, jedoch startet der PC dann jedes mal neu und - Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt...
Archiv
Du betrachtest: Bundes Trojaner, abgesicherter Modus geht nicht, OTLPE Scan durchgefuehrt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131