| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Links werden umgeleitet, AV Webseiten und Programme funktionieren nicht mehr, Homepage gehacktWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.07.2010, 19:22
| #7 |
 |  Links werden umgeleitet, AV Webseiten und Programme funktionieren nicht mehr, Homepage gehackt Hallo, weil die Ursachen schon solange zurückliegen, habe ich die Zeit auf 60 Tage gesetzt: OTL.txt Code:
ATTFilter OTL logfile created on: 03.07.2010 17:21:09 - Run 3 OTL by OldTimer - Version 3.2.7.0 Folder = C:\Dokumente und Einstellungen\***\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.014,00 Mb Total Physical Memory | 656,00 Mb Available Physical Memory | 65,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free Paging file location(s): c:\pagefile.sys 1524 3048 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 64,00 Gb Total Space | 29,99 Gb Free Space | 46,85% Space Free | Partition Type: NTFS Drive D: | 85,02 Gb Total Space | 54,79 Gb Free Space | 64,44% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: TOUGHBOOK Current User Name: *** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 60 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Secunia\PSI\psi.exe (Secunia) PRC - C:\Programme\Sandboxie\SbieCtrl.exe (tzuk) PRC - C:\Programme\Sandboxie\SbieSvc.exe (tzuk) PRC - C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET) PRC - C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe (ESET) PRC - C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Panasonic\WSwitch\WSwitch.exe (Matsushita Electric Industrial Co., Ltd.) PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation) PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation) PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company) PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) PRC - C:\Programme\Panasonic\Hotkey Appendix\hkeyapp.exe (Matsushita Electric Industrial Co., Ltd.) PRC - C:\Programme\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) PRC - C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe (Nero AG) PRC - C:\Programme\Nero\Nero 7\InCD\InCD.exe (Nero AG) PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) PRC - C:\WINDOWS\system32\pctspk.exe () PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\***\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) MOD - C:\WINDOWS\system32\SynTPFcs.dll (Synaptics, Inc.) ========== Win32 Services (SafeList) ========== SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (tzuk) SRV - (EhttpSrv) -- C:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET) SRV - (ekrn) -- C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET) SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (RegSrvc) Intel(R) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company) SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe (Nero AG) SRV - (InCDsrv) -- C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe (Nero AG) ========== Driver Services (SafeList) ========== DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia) DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (tzuk) DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET) DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET) DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET) DRV - (epmntdrv) -- C:\WINDOWS\system32\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\WINDOWS\system32\EuGdiDrv.sys () DRV - (Uim_IM) -- C:\WINDOWS\system32\drivers\Uim_IM.sys (Paragon) DRV - (UimBus) -- C:\WINDOWS\system32\drivers\UimBus.sys (Windows (R) 2000 DDK provider) DRV - (hotcore3) -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys (Paragon Software Group) DRV - (WMDrive) -- C:\WINDOWS\system32\drivers\WMDrive.sys () DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG) DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (Aspi32) -- C:\WINDOWS\system32\drivers\aspi32.sys (Adaptec) DRV - (NewMisc) -- C:\WINDOWS\system32\drivers\newmisc.sys (Matsushita Electric Industrial Co., Ltd.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation) DRV - (incdrm) -- C:\WINDOWS\system32\drivers\InCDRm.sys (Nero AG) DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDPass.sys (Nero AG) DRV - (InCDfs) -- C:\WINDOWS\system32\drivers\InCDfs.sys (Nero AG) DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (pcinfo) -- C:\Programme\Panasonic\PCINFO\PCINFO.sys (Matsushita Electric Industrial Co., Ltd.) DRV - (brecal) -- C:\Programme\Panasonic\BRECAL\Brecal.sys (Matsushita Electric Industrial Co., Ltd.) DRV - (Vmodem) -- C:\WINDOWS\system32\DRIVERS\vmodem.sys (PCTEL, INC.) DRV - (Vpctcom) -- C:\WINDOWS\system32\DRIVERS\vpctcom.sys (PCtel, Inc.) DRV - (Ptserial) -- C:\WINDOWS\system32\drivers\ptserial.sys (PCTEL, INC.) DRV - (Vvoice) -- C:\WINDOWS\system32\DRIVERS\vvoice.sys (PCtel, Inc.) DRV - (RTL8023) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys (Realtek Semiconductor Corporation ) DRV - (STAC97) Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\stac97.sys (SigmaTel, Inc.) DRV - (HOTKEY) -- C:\WINDOWS\system32\drivers\HOTKEY.SYS (Matsushita Electric Industrial Co.,Ltd.) DRV - (fpcmbase) -- C:\WINDOWS\system32\drivers\fpcmbase.sys (AVM GmbH) DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1957994488-1580818891-842925246-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1957994488-1580818891-842925246-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Programme\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.06.14 13:51:58 | 000,000,000 | ---D | M] [2010.01.31 18:38:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions [2010.01.31 18:38:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\yasearch@yandex.ru [2010.01.31 18:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\yasearch@yandex.ru\chrome\skin\extensions-hacks O1 HOSTS File: ([2010.06.25 23:58:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.) O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [egui] C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP) O4 - HKLM..\Run: [InCD] C:\Programme\Nero\Nero 7\InCD\InCD.exe (Nero AG) O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [Panasonic Hotkey Manager] C:\Programme\Panasonic\Hotkey Appendix\hkeyapp.exe (Matsushita Electric Industrial Co., Ltd.) O4 - HKLM..\Run: [PCinfo] C:\Programme\Panasonic\PCINFO\SetDiag.exe (Matsushita Electric Industrial Co.,Ltd.) O4 - HKLM..\Run: [PCTVOICE] C:\WINDOWS\System32\pctspk.exe () O4 - HKLM..\Run: [SecurDisc] C:\Programme\Nero\Nero 7\InCD\NBHGui.exe (Nero AG) O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.) O4 - HKLM..\Run: [VirtualCloneDrive] C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKLM..\Run: [WSwitch] C:\Programme\Panasonic\WSwitch\WSwitch.exe (Matsushita Electric Industrial Co., Ltd.) O4 - HKU\S-1-5-21-1957994488-1580818891-842925246-1004..\Run: [LightScribe Control Panel] C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company) O4 - HKU\S-1-5-21-1957994488-1580818891-842925246-1004..\Run: [SandboxieControl] C:\Programme\Sandboxie\SbieCtrl.exe (tzuk) O4 - HKU\.DEFAULT..\RunOnce: [ShowDeskFix] File not found O4 - HKU\S-1-5-18..\RunOnce: [ShowDeskFix] File not found O4 - Startup: C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Secunia PSI.lnk = C:\Programme\Secunia\PSI\psi.exe (Secunia) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1957994488-1580818891-842925246-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1957994488-1580818891-842925246-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1957994488-1580818891-842925246-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1957994488-1580818891-842925246-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_06\bin\npjpi160_06.dll (Sun Microsystems, Inc.) O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll () O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll () O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1276015979588 (WUWebControl Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1276015904580 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\***\Anwendungsdaten\Opera\Opera\profile\skin\1-4_step_in_eternity.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\***\Anwendungsdaten\Opera\Opera\profile\skin\1-4_step_in_eternity.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008.08.27 00:40:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2010.06.08 17:01:38 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe" ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - Microsoft NetShow Player ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0 ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ActiveX: Microsoft Base Smart Card Crypto Provider Package - Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.imc - C:\WINDOWS\System32\IMC32.acm (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3codecp - C:\WINDOWS\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.i263 - C:\WINDOWS\System32\I263_32.drv (Intel Corporation) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: VIDC.IV40 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.MP42 - Mpg4c32.dll File not found Drivers32: vidc.MP43 - Mpg4c32.dll File not found Drivers32: vidc.MPG4 - Mpg4c32.dll File not found Drivers32: VIDC.VP70 - C:\WINDOWS\System32\vp7vfw.dll (On2.com) Drivers32: VIDC.wmv3 - C:\WINDOWS\System32\WMV9VCM.dll (Microsoft Corporation) Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll () CREATERESTOREPOINT Restore point Set: OTL Restore Point (16902109354000384) ========== Files/Folders - Created Within 60 Days ========== [2010.07.03 17:16:25 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe [2010.06.28 23:17:57 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010.06.28 23:16:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp [2010.06.28 13:40:27 | 000,000,000 | ---D | C] -- C:\Programme\Secunia [2010.06.27 20:55:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\ESET [2010.06.25 23:58:12 | 000,000,000 | ---D | C] -- C:\Programme\xerox [2010.06.25 23:58:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom [2010.06.25 23:58:03 | 000,000,000 | ---D | C] -- C:\Programme\microsoft frontpage [2010.06.25 23:47:40 | 000,000,000 | RHSD | C] -- C:\cmdcons [2010.06.25 23:44:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010.06.25 23:44:12 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010.06.25 23:44:12 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010.06.25 23:44:12 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010.06.25 23:44:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT [2010.06.25 23:43:20 | 000,000,000 | ---D | C] -- C:\Qoobox [2010.06.20 21:01:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes [2010.06.20 21:01:15 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010.06.20 21:01:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.06.20 21:01:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010.06.20 21:01:11 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.06.19 20:33:32 | 000,000,000 | ---D | C] -- C:\Programme\Sophos [2010.06.19 20:08:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Meine empfangenen Dateien [2010.06.18 13:17:29 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro [2010.06.15 02:28:04 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2010.06.14 16:00:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\ESET [2010.06.14 13:51:56 | 000,000,000 | ---D | C] -- C:\Programme\ESET [2010.06.14 13:51:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ESET [2010.06.11 12:13:33 | 000,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll [2010.06.11 12:13:26 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll [2010.06.11 12:13:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll [2010.06.11 12:13:25 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys [2010.06.11 00:20:31 | 000,000,000 | ---D | C] -- C:\Meine Webseiten [2010.06.11 00:16:51 | 000,000,000 | ---D | C] -- C:\Programme\WinHTTrack [2010.06.08 19:10:18 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2010.06.08 19:09:59 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll [2010.06.08 19:09:25 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll [2010.06.08 19:09:00 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010.06.08 19:08:50 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe [2010.06.08 19:08:35 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe [2010.06.08 19:08:25 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010.06.08 19:08:17 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll [2010.06.08 19:08:17 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll [2010.06.08 19:08:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll [2010.06.08 19:08:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll [2010.06.08 19:08:17 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll [2010.06.08 19:07:59 | 001,297,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll [2010.06.08 19:07:59 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll [2010.06.08 19:07:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll [2010.06.08 19:07:33 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll [2010.06.08 19:07:22 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2010.06.08 19:07:21 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2010.06.08 19:07:21 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll [2010.06.08 19:07:21 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll [2010.06.08 19:07:21 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2010.06.08 19:07:21 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakui.dll [2010.06.08 19:07:21 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll [2010.06.08 19:07:21 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2010.06.08 19:07:21 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010.06.08 19:07:21 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll [2010.06.08 19:07:20 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui [2010.06.08 19:07:20 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2010.06.08 19:07:20 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll [2010.06.08 19:07:20 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll [2010.06.08 19:07:20 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll [2010.06.08 19:07:20 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll [2010.06.08 19:07:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll [2010.06.08 19:07:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll [2010.06.08 19:07:19 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat [2010.06.08 19:07:19 | 000,841,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2010.06.08 19:07:19 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010.06.08 19:07:18 | 000,634,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexplore.exe [2010.06.08 19:07:18 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010.06.08 19:07:18 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll [2010.06.08 19:07:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll [2010.06.08 19:07:18 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2010.06.08 19:07:18 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll [2010.06.08 19:07:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe [2010.06.08 19:07:18 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll [2010.06.08 19:07:18 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2010.06.08 19:07:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe [2010.06.08 19:07:17 | 001,830,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2010.06.08 19:07:17 | 001,171,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2010.06.08 19:07:16 | 006,071,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010.06.08 19:06:17 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2010.06.08 19:06:17 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2010.06.08 19:05:49 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll [2010.06.08 19:05:33 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll [2010.06.08 19:04:03 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll [2010.06.08 19:04:03 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll [2010.06.08 19:04:02 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll [2010.06.08 19:04:01 | 000,092,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys [2010.06.08 19:03:43 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll [2010.06.08 19:03:18 | 000,247,326 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmdll.dll [2010.06.08 19:03:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll [2010.06.08 19:02:08 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll [2010.06.08 19:01:49 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll [2010.06.08 19:01:36 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll [2010.06.08 19:01:23 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe [2010.06.08 19:01:23 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe [2010.06.08 19:01:09 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl.dll [2010.06.08 18:59:45 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll [2010.06.08 18:59:33 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll [2010.06.08 18:59:22 | 001,063,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll [2010.06.08 18:59:22 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll [2010.06.08 18:59:11 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll [2010.06.08 18:59:00 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll [2010.06.08 18:59:00 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll [2010.06.08 18:59:00 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll [2010.06.08 18:59:00 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll [2010.06.08 18:59:00 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll [2010.06.08 18:58:45 | 000,737,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll [2010.06.08 18:58:44 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010.06.08 18:58:44 | 002,069,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2010.06.08 18:58:43 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010.06.08 18:58:04 | 008,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll [2010.06.08 18:57:42 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll [2010.06.08 18:57:18 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll [2010.06.08 18:57:06 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2010.06.08 18:56:52 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2010.06.08 18:56:42 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2010.06.08 18:56:28 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll [2010.06.08 18:56:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll [2010.06.08 18:56:06 | 000,361,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys [2010.06.08 18:56:06 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll [2010.06.08 18:56:06 | 000,226,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys [2010.06.08 18:56:06 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll [2010.06.08 18:56:06 | 000,138,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys [2010.06.08 18:55:49 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010.06.08 18:55:06 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll [2010.06.08 18:55:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll [2010.06.08 18:52:06 | 000,015,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2010.06.08 18:50:18 | 000,159,744 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll [2010.06.08 18:32:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010.06.08 17:06:54 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscomctl.ocx [2010.06.08 17:06:54 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscomctl32.ocx [2010.06.08 17:06:54 | 000,275,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatgrd.ocx [2010.06.08 17:06:54 | 000,260,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msflxgrd.ocx [2010.06.08 17:06:54 | 000,232,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatlst.ocx [2010.06.08 17:06:54 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tabctl32.ocx [2010.06.08 17:06:54 | 000,212,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\richtx32.ocx [2010.06.08 17:06:54 | 000,166,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msmask32.ocx [2010.06.08 17:06:54 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinet.ocx [2010.06.08 17:06:54 | 000,124,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswinsck.ocx [2010.06.08 17:06:54 | 000,103,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscomm32.ocx [2010.06.08 17:06:54 | 000,083,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\picclp32.ocx [2010.06.08 17:06:54 | 000,067,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysinfo.ocx [2010.06.08 17:06:53 | 002,887,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\libmmd.dll [2010.06.08 17:06:53 | 001,872,666 | ---- | C] (Red Hat) -- C:\WINDOWS\System32\dllcache\cygwin1.dll [2010.06.08 17:06:53 | 001,351,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.ocx [2010.06.08 17:06:53 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc71.dll [2010.06.08 17:06:53 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc71u.dll [2010.06.08 17:06:53 | 001,024,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc70.dll [2010.06.08 17:06:53 | 001,017,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc70u.dll [2010.06.08 17:06:53 | 001,015,808 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\WINDOWS\System32\dllcache\libeay32.dll [2010.06.08 17:06:53 | 000,898,048 | ---- | C] (GNU <www.gnu.org>) -- C:\WINDOWS\System32\dllcache\libiconv2.dll [2010.06.08 17:06:53 | 000,722,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vb40032.dll [2010.06.08 17:06:53 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscomct2.ocx [2010.06.08 17:06:53 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcp71.dll [2010.06.08 17:06:53 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcp70.dll [2010.06.08 17:06:53 | 000,416,528 | ---- | C] (Microsoft Corporation ) -- C:\WINDOWS\System32\dllcache\comct332.ocx [2010.06.08 17:06:53 | 000,413,696 | ---- | C] (Creative Labs) -- C:\WINDOWS\System32\dllcache\wrap_oal.dll [2010.06.08 17:06:53 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll [2010.06.08 17:06:53 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcr71.dll [2010.06.08 17:06:53 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcr70.dll [2010.06.08 17:06:53 | 000,294,920 | ---- | C] (AutoIt Team) -- C:\WINDOWS\System32\dllcache\autoitx3.dll [2010.06.08 17:06:53 | 000,200,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dblist32.ocx [2010.06.08 17:06:53 | 000,198,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mci32.ocx [2010.06.08 17:06:53 | 000,196,608 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\WINDOWS\System32\dllcache\ssleay32.dll [2010.06.08 17:06:53 | 000,196,608 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\WINDOWS\System32\dllcache\libssl32.dll [2010.06.08 17:06:53 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comct232.ocx [2010.06.08 17:06:53 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comdlg32.ocx [2010.06.08 17:06:53 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msstdfmt.dll [2010.06.08 17:06:53 | 000,101,888 | ---- | C] (GNU <www.gnu.org>) -- C:\WINDOWS\System32\dllcache\libintl3.dll [2010.06.08 17:06:53 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msstkprp.dll [2010.06.08 17:06:53 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl71.dll [2010.06.08 17:06:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atl70.dll [2010.06.08 17:06:53 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvci70.dll [2010.06.08 17:06:53 | 000,021,504 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\openal32.dll [2010.06.08 17:03:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache [2010.06.08 16:57:04 | 000,000,000 | ---D | C] -- C:\Programme\ComPlus Applications [2010.06.08 16:38:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010.06.08 16:38:33 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010.05.28 13:04:52 | 000,014,896 | ---- | C] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys [2010.05.21 01:14:36 | 000,000,000 | ---D | C] -- C:\Programme\satmap_v2.3.7 [2010.05.15 19:25:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\tom [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 60 Days ========== [2010.07.03 17:16:35 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe [2010.07.03 11:47:50 | 000,000,572 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Opera.lnk [2010.07.03 11:40:28 | 008,126,464 | -H-- | M] () -- C:\Dokumente und Einstellungen\***\NTUSER.DAT [2010.07.03 10:06:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.07.03 10:06:07 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.07.03 10:06:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.07.03 03:05:50 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\***\ntuser.ini [2010.07.02 21:31:28 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010.07.01 21:43:32 | 170,106,880 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\winpe.iso [2010.07.01 07:58:34 | 002,979,350 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\ESET_EAV4_User_Guide_DEU.pdf [2010.06.30 14:34:49 | 006,135,225 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\FTool_User_Guide_215.pdf [2010.06.28 23:13:58 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2010.06.28 13:40:57 | 000,000,700 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Secunia PSI.lnk [2010.06.28 10:25:20 | 000,000,065 | ---- | M] () -- C:\WINDOWS\control.ini [2010.06.28 02:22:32 | 000,232,960 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.25 23:58:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010.06.25 23:47:47 | 000,000,281 | -HS- | M] () -- C:\boot.ini [2010.06.25 15:37:54 | 000,002,437 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\HiJackThis.lnk [2010.06.24 03:20:16 | 001,025,340 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.06.24 03:20:16 | 000,459,050 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2010.06.24 03:20:16 | 000,441,018 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010.06.24 03:20:16 | 000,084,908 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2010.06.24 03:20:16 | 000,071,336 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010.06.21 03:52:51 | 000,002,000 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini [2010.06.20 21:01:19 | 000,000,676 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.06.20 20:44:55 | 000,077,312 | ---- | M] () -- C:\mbr.exe [2010.06.12 12:18:32 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.06.12 03:37:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010.06.11 00:17:06 | 000,000,630 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\HTTrack Website Copier.lnk [2010.06.08 18:49:40 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak [2010.06.08 17:08:39 | 000,000,287 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010.06.08 17:04:03 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010.06.08 17:04:03 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010.06.08 17:03:18 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010.06.08 17:00:47 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010.06.08 17:00:47 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010.06.08 17:00:19 | 000,000,639 | ---- | M] () -- C:\WINDOWS\win.ini [2010.06.08 16:57:20 | 000,023,504 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010.06.08 16:54:11 | 000,000,211 | ---- | M] () -- C:\Boot.bak [2010.06.08 14:26:32 | 000,269,947 | ---- | M] () -- C:\WINDOWS\setupapi.old [2010.06.08 14:25:30 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2010.06.06 17:06:00 | 000,000,579 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Desktop\Touratech QV 4.lnk [2010.05.28 13:04:52 | 000,014,896 | ---- | M] (Secunia) -- C:\WINDOWS\System32\drivers\psi_mf.sys [2010.05.04 18:48:46 | 000,841,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll [2010.05.04 18:48:45 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\webcheck.dll [2010.05.04 18:48:44 | 001,171,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll [2010.05.04 18:48:43 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll [2010.05.04 18:48:43 | 000,671,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll [2010.05.04 18:48:43 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll [2010.05.04 18:48:43 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll [2010.05.04 18:48:43 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll [2010.05.04 18:48:43 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\pngfilt.dll [2010.05.04 18:48:43 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pngfilt.dll [2010.05.04 18:48:41 | 000,477,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll [2010.05.04 18:48:41 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msrating.dll [2010.05.04 18:48:41 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrating.dll [2010.05.04 18:48:40 | 003,603,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll [2010.05.04 18:48:36 | 000,459,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll [2010.05.04 18:48:36 | 000,459,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010.05.04 18:48:36 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll [2010.05.04 18:48:36 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010.05.04 18:48:35 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl [2010.05.04 18:48:35 | 001,830,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl [2010.05.04 18:48:35 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll [2010.05.04 18:48:35 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll [2010.05.04 18:48:33 | 000,268,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010.05.04 18:48:33 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll [2010.05.04 18:48:33 | 000,193,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll [2010.05.04 18:48:33 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iernonce.dll [2010.05.04 18:48:33 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iernonce.dll [2010.05.04 18:48:32 | 006,071,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010.05.04 18:48:29 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2010.05.04 18:48:29 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieencode.dll [2010.05.04 18:48:28 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll [2010.05.04 18:48:28 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll [2010.05.04 18:48:28 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieapfltr.dll [2010.05.04 18:48:28 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll [2010.05.04 18:48:27 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieaksie.dll [2010.05.04 18:48:27 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieaksie.dll [2010.05.04 18:48:27 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ieakeng.dll [2010.05.04 18:48:27 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieakeng.dll [2010.05.04 18:48:26 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtmsft.dll [2010.05.04 18:48:26 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtmsft.dll [2010.05.04 18:48:26 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dxtrans.dll [2010.05.04 18:48:26 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxtrans.dll [2010.05.04 18:48:26 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extmgr.dll [2010.05.04 18:48:26 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll [2010.05.04 18:48:25 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advpack.dll [2010.05.04 18:48:25 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\corpol.dll [2010.05.04 18:48:25 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\corpol.dll [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.07.02 14:55:46 | 006,135,225 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\FTool_User_Guide_215.pdf [2010.07.01 23:22:51 | 170,106,880 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\winpe.iso [2010.07.01 07:58:33 | 002,979,350 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\ESET_EAV4_User_Guide_DEU.pdf [2010.06.28 13:40:57 | 000,000,700 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Secunia PSI.lnk [2010.06.25 23:47:47 | 000,000,211 | ---- | C] () -- C:\Boot.bak [2010.06.25 23:47:42 | 000,262,448 | ---- | C] () -- C:\cmldr [2010.06.25 23:44:12 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010.06.25 23:44:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010.06.25 23:44:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010.06.25 23:44:12 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010.06.25 23:44:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010.06.20 21:01:19 | 000,000,676 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010.06.20 20:44:55 | 000,077,312 | ---- | C] () -- C:\mbr.exe [2010.06.18 13:17:31 | 000,002,437 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\HiJackThis.lnk [2010.06.11 00:17:06 | 000,000,630 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Desktop\HTTrack Website Copier.lnk [2010.06.08 17:06:53 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cygwinb19.dll [2010.06.08 17:00:47 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010.06.08 17:00:40 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010.04.16 03:00:23 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll [2010.04.16 03:00:22 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys [2010.04.16 03:00:22 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys [2009.12.08 00:41:10 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\PROTOCOL.INI [2008.10.31 18:44:22 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008.10.24 14:11:34 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2008.10.20 13:24:14 | 000,088,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\WMDrive.sys [2008.10.10 03:19:34 | 000,002,000 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini [2008.09.12 12:17:56 | 000,340,021 | ---- | C] () -- C:\WINDOWS\System32\jpeg.dll [2008.09.03 22:47:08 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008.09.03 22:47:07 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008.09.03 22:47:07 | 001,110,016 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll [2008.09.03 22:47:07 | 000,978,944 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll [2008.09.03 22:47:07 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008.09.03 22:47:07 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll [2008.09.03 22:47:06 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll [2008.09.03 22:47:06 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll [2008.08.28 15:12:37 | 000,000,048 | ---- | C] () -- C:\WINDOWS\DMIVIEW.INI [2008.08.27 00:48:21 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\zlib1.dll [2008.08.27 00:48:20 | 000,394,752 | ---- | C] () -- C:\WINDOWS\System32\cygwinb19.dll [2008.06.18 10:37:36 | 000,000,182 | ---- | C] () -- C:\WINDOWS\System32\AIO-Auswahl.ini [2008.06.18 10:36:07 | 001,800,192 | ---- | C] () -- C:\WINDOWS\System32\hmtcdres.dll [2008.06.18 10:36:06 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\hmtcd.dll ========== LOP Check ========== [2010.06.14 13:51:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ESET [2008.10.18 22:05:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe [2010.03.18 04:33:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Paragon [2009.10.09 14:44:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PhotoME [2010.01.15 05:01:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2008.10.09 01:15:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\COMPAREIT [2010.01.17 20:58:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GeoSetter [2010.06.27 03:01:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GlobalMapper [2008.10.09 14:40:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ImgBurn [2009.12.26 01:21:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\LizardTech [2009.01.15 20:00:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\NewsLeecher [2008.08.28 04:33:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Opera [2008.10.09 01:06:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\SteelBytes [2008.11.10 02:04:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\WinMount [2010.04.10 19:37:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\XnView [2010.01.31 18:40:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Yandex [2010.02.10 05:34:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Zoner ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.04.01 14:41:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Adobe [2008.10.18 22:05:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Ahead [2008.10.09 01:15:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\COMPAREIT [2010.01.17 20:58:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GeoSetter [2010.06.27 03:01:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GlobalMapper [2008.08.28 17:32:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Google [2008.10.04 00:20:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Help [2008.08.27 00:53:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Identities [2008.10.09 14:40:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ImgBurn [2008.08.28 14:24:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\InstallShield [2008.08.28 14:10:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Intel [2009.12.26 01:21:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\LizardTech [2008.08.27 17:56:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia [2010.06.20 21:01:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes [2010.03.16 16:08:39 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft [2010.01.31 18:38:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla [2009.01.15 20:00:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\NewsLeecher [2008.08.28 04:33:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Opera [2008.10.09 01:06:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\SteelBytes [2008.09.09 21:24:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Sun [2008.11.10 02:04:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\WinMount [2008.09.10 13:26:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\WinRAR [2010.04.10 19:37:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\XnView [2010.01.31 18:40:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Yandex [2010.02.10 05:34:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Zoner < %APPDATA%\*.exe /s > [2010.01.10 08:08:58 | 004,080,905 | ---- | M] (Phil Harvey) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\GeoSetter\tools\exiftool.exe [2010.06.18 13:17:31 | 000,388,096 | R--- | M] (Trend Micro Inc.) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe [2008.09.21 20:59:43 | 000,022,486 | R--- | M] () -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft\Installer\{80540DA3-E60A-4F80-A719-E327B01F8A0F}\_B5D1645CC40FE72E4048EC.exe < %SYSTEMDRIVE%\*.exe > [2010.06.20 20:44:55 | 000,077,312 | ---- | M] () -- C:\mbr.exe < MD5 for: AGP440.SYS > [2008.06.18 10:40:37 | 018,922,364 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2008.04.13 19:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\AGP440.SYS [2008.04.13 19:36:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS < MD5 for: ATAPI.SYS > [2008.06.18 10:40:37 | 018,922,364 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys [2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ERDNT\cache\eventlog.dll [2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll < MD5 for: NETLOGON.DLL > [2008.06.18 10:35:51 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B4D6D344EACDA356D4AAAC7757955F0C -- C:\WINDOWS\ERDNT\cache\netlogon.dll [2008.06.18 10:35:51 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=B4D6D344EACDA356D4AAAC7757955F0C -- C:\WINDOWS\system32\netlogon.dll < MD5 for: SCECLI.DLL > [2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ERDNT\cache\scecli.dll [2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USERINIT.EXE > [2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ERDNT\cache\userinit.exe [2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WS2IFSL.SYS > [2007.10.29 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2010.06.08 16:15:15 | 000,421,888 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2010.06.08 14:16:32 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav [2010.06.08 18:35:57 | 023,330,816 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2010.06.08 18:35:57 | 005,505,024 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2010.05.04 18:48:26 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll [2010.05.04 18:48:26 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll [3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] ========== Alternate Data Streams ========== @Alternate Data Stream - 147 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5F64C164 @Alternate Data Stream - 114 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:806222FC @Alternate Data Stream - 106 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:592EFD93 < End of report > Extras.txt Code:
ATTFilter OTL Extras logfile created on: 03.07.2010 17:21:09 - Run 3
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.014,00 Mb Total Physical Memory | 656,00 Mb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): c:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 64,00 Gb Total Space | 29,99 Gb Free Space | 46,85% Space Free | Partition Type: NTFS
Drive D: | 85,02 Gb Total Space | 54,79 Gb Free Space | 64,44% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TOUGHBOOK
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Programme\Opera\opera.exe (Opera Software)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Opera\opera.exe" "%1" (Opera Software)
https [open] -- "C:\Programme\Opera\opera.exe" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Betrachten mit XnView] -- "C:\Programme\XnView\xnview.exe" "%1" (XnView, hxxp://www.xnview.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Java\jre1.6.0_06\bin\java.exe" = C:\Programme\Java\jre1.6.0_06\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\eMule0.49b\emule.exe" = C:\Programme\eMule0.49b\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\Java\jre1.6.0_06\launch4j-tmp\JDownloader.exe" = C:\Programme\Java\jre1.6.0_06\launch4j-tmp\JDownloader.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Programme\WinSCP\WinSCP.exe" = C:\Programme\WinSCP\WinSCP.exe:*:Enabled:WinSCP: SFTP, FTP and SCP client -- (Martin Prikryl)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0DEE890C-BC1C-49DC-BF41-33DC26D41031}" = Nero 7 Essentials
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{110EB5C4-E995-4CFB-AB80-A5F315BEA9E8}" = Python 2.6
"{1D2C96C3-A3F3-49E7-B839-95279DED837F}" = Opera 10.60
"{211E8730-5681-49ED-BC6A-78C9F88E95F5}" = Adobe Shockwave Player
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{30348D0E-37F0-41EE-869B-F0441A87FFEC}" = PC Information Viewer
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{406ECB40-9B45-459D-9E97-ADFEA4610FBA}" = Panasonic Misc Driver
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{5639BE8E-33DA-402A-B414-1FBED9CC50E1}" = DMI Viewer
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59046D29-2E6B-4224-BF0D-64F3E7A93F7B}" = LightScribe System Software 1.10.19.1
"{5E08B15D-7C97-4FC9-8500-BD7EDA18C66A}" = MICRODEM Freeware GIS
"{6DAA0AF0-3B51-4EE0-83CC-47A3582DFA51}" = Loupe Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{80540DA3-E60A-4F80-A719-E327B01F8A0F}" = Kali map2cal Converter
"{880A90B0-3783-4D92-A0A3-080B00BC8B24}" = Memory-Map OS Edition Version 5
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{917F080C-F7A3-41CE-AF03-40163647851C}" = ESET NOD32 Antivirus
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{93994589-6A13-49BE-8AF6-12AAC9A28529}" = Icon Enlarger
"{943622A3-F5E9-464F-A025-90D02F3B8ACE}" = Hotkey Appendix
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{993A94A9-DCE3-4774-B35D-D8C74FC1E0BE}" = Royale Remixed Theme
"{99733131-7B00-4E5C-8991-113CD61D8E2F}" = Panasonic Common Components
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E9CAC61-DB2E-11DE-BE15-005056C00008}" = Paragon Backup and Recovery™ 10 Compact Edition
"{A05CF147-BEED-4880-BF9B-4EAF22C77FFD}" = Microsoft Pro Photo Tools
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{AD044254-C8D2-4866-9449-890EF278617B}" = CPU Idle Setting
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD5C2205-7BAD-4B87-BF9A-2BAC626B29C8}" = Battery Recalibration
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DEEFA812-64A6-4083-BB38-87F68B6BA820}" = Hotkey Settings
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F2A58903-E54D-4F8D-AC1D-55DEAF64A7E2}" = Global Mapper 11
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FD95D9B1-CD01-4240-BE5F-A2CA21B553BC}" = Wireless Switch Utility
"7-Zip" = 7-Zip 4.60 beta
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AmoKExifSorter2" = AmoK Exif Sorter 2.5.4 (nur deinstallieren)
"BDE Information Utility" = BDE Information Utility
"cGPSmapper Free_is1" = cGPSmapper Free 0099a
"EASEUS Data Recovery Wizard 5.0.1_is1" = EASEUS Data Recovery Wizard 5.0.1
"EASEUS Partition Master Professional Edition_is1" = EASEUS Partition Master 5.5.1 Professional
"ECW ActiveX Controls" = ECW ActiveX Controls 3.1.0.229
"ECW Header Editor" = ECW Header Editor 2.52
"ER Viewer 7.3" = ERDAS ER Viewer 7.3 & Microsoft Office Plugin
"GeoTiffExaime" = GeoTiffExaime
"GPS-Track-Analyse.NET_is1" = 5.0.1
"hp deskjet 930c series_Driver" = hp deskjet 930c series
"ImgBurn" = ImgBurn
"Installing HSP56 MicroModem Drivers" = Panasonic V.92 MDC Modem Drivers
"InstallShield_{99733131-7B00-4E5C-8991-113CD61D8E2F}" = Panasonic Common Components
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MasterSplitter" = MasterSplitter Program
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NewsLeecher_is1" = NewsLeecher v3.9 Final
"OziExplorer 3.95_is1" = OziExplorer 3.95
"OziMrSid Dll_is1" = OziMrSid Dll Version 3.00
"PanasonicHotkeyDriver" = Hotkey Driver for Panasonic PC
"PhotoME_is1" = PhotoME
"ProInst" = Intel(R) PROSet/Wireless Software
"QuickPar" = QuickPar 0.9
"rarslave_is1" = rarslave 0.1.9 build 11 BETA
"Runtimes" = Allgemeine Runtime Dateien
"Sandboxie" = Sandboxie 3.442
"Secunia PSI" = Secunia PSI
"Snapshot" = Snapshot (remove only)
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Touratech QV 4_is1" = Touratech QV 4
"ttkCAL_is1" = TatukGIS Calculator 2.0.4.176
"ttkVWR_is1" = TatukGIS Viewer 1.13.1.370
"VirtualCloneDrive" = VirtualCloneDrive
"WinDjView" = WinDjView 1.0.3
"WinHTTrack Website Copier_is1" = WinHTTrack Website Copier 3.43-9C
"WinMount3_is1" = WinMount V3.1.0 Beta 0925
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.5
"WMV9APDMOE" = Windows Media Video 9 Advanced Profile Codec
"XnView_is1" = XnView 1.96.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"XPSP3UPPACK" = Sereby's XP SP3 Updatepack Version 3.8.6
"ZonerPhotoStudio12_EN_is1" = Zoner Photo Studio 12
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1957994488-1580818891-842925246-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"602272bddadc0877" = LizardTech GeoViewer
"T4A Maps Ethiopia/Sudan/Egypt/Somalia 8,10 (Routable)" = T4A Maps Ethiopia/Sudan/Egypt/Somalia 8,10 (Routable)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.05.2010 18:47:13 | Computer Name = TOUGHBOOK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung i_view32.exe, Version 4.2.5.0, fehlgeschlagenes
Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0000100b.
Error - 08.06.2010 11:08:39 | Computer Name = TOUGHBOOK | Source = Windows Product Activation | ID = 1012
Description = Aufgrund von Hardwareänderungen auf diesem Computer, müssen Sie Windows
erneut aktivieren.
Error - 08.06.2010 12:37:57 | Computer Name = TOUGHBOOK | Source = Windows Product Activation | ID = 1009
Description = Sie haben dieses Produkt nicht fristgerecht aktiviert. Wenden Sie
sich telefonisch an den Kundendienst, um Windows zu aktivieren.
Error - 15.06.2010 15:55:40 | Computer Name = TOUGHBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung opera.exe, Version 9.52.10108.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 18.06.2010 05:40:17 | Computer Name = TOUGHBOOK | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 800706BF von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor
Error - 18.06.2010 09:44:35 | Computer Name = TOUGHBOOK | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 800706BA von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor
Error - 19.06.2010 11:40:52 | Computer Name = TOUGHBOOK | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung opera.exe, Version 9.52.10108.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 20.06.2010 13:57:31 | Computer Name = TOUGHBOOK | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung opera.exe, Version 9.52.10108.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x100019e1.
Error - 21.06.2010 06:18:17 | Computer Name = TOUGHBOOK | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 800706BA von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor
Error - 21.06.2010 06:43:22 | Computer Name = TOUGHBOOK | Source = EventSystem | ID = 4609
Description = Das COM+-Ereignissystem hat einen ungültigen Rückgabecode während
der internen Verarbeitung erkannt. HRESULT war 800706BF von Zeile 44 von d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.
Wenden Sie sich an den Microsoft-Produktsuppor
[ System Events ]
Error - 20.06.2010 18:48:12 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) PROSet/Wireless Event Log" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.
Error - 20.06.2010 18:48:12 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7034
Description = Dienst "LightScribeService Direct Disc Labeling Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.
Error - 20.06.2010 18:48:12 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) PROSet/Wireless Registry Service" wurde unerwartet
beendet. Dies ist bereits 1 Mal passiert.
Error - 20.06.2010 18:48:12 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7034
Description = Dienst "Sandboxie Service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 20.06.2010 18:48:14 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7034
Description = Dienst "InCD Helper" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 21.06.2010 06:17:16 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Remoteprozeduraufruf (RPC)" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000
Millisekunden durchgeführt: Starten Sie den Computer neu..
Error - 21.06.2010 06:42:16 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Remoteprozeduraufruf (RPC)" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000
Millisekunden durchgeführt: Starten Sie den Computer neu..
Error - 28.06.2010 16:51:53 | Computer Name = TOUGHBOOK | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "A0001235.SRC" auf Volume "HarddiskVolume4"
ist im Wiederherstellungsfilter der unerwartete Fehler "0xC000007F" aufgetreten.
Die Volumeüberwachung wurde angehalten.
Error - 02.07.2010 06:45:52 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7038
Description = Der Dienst "SSDPSRV" konnte sich nicht als "NT AUTHORITY\LocalService"
mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%5 Vergewissern
Sie
sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
Management Console (MMC).
Error - 02.07.2010 06:45:52 | Computer Name = TOUGHBOOK | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SSDP-Suchdienst" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1069
< End of report >
|
| Themen zu Links werden umgeleitet, AV Webseiten und Programme funktionieren nicht mehr, Homepage gehackt |
| absturz, adobe, antivirus, askbar, aufrufe, avira, bho, bluescree, browser, browseui preloader, computer, dateien gelöscht, einstellungen, eset nod32, explorer, forbidden, google, hkus\s-1-5-18, homepage, internet, internet explorer, malwarebytes' anti-malware, microsoft, ntdll.dll, opera, problem, programme, registry, rundll, scan, sekunden, software, sophos anti-rootkit, systemreparatur, temp, win32k.sys, windows, windows xp |
Baum-Darstellung