| dobbi0815 | 02.01.2016 17:51 |
Hier sind die beiden Logfiles
OTL Logfile: Code:
OTL logfile created on: 02.01.2016 13:07:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Diana\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1013,02 Mb Total Physical Memory | 556,43 Mb Available Physical Memory | 54,93% Memory free
2,38 Gb Paging File | 2,04 Gb Available in Paging File | 85,64% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 138,05 Gb Total Space | 45,68 Gb Free Space | 33,09% Space Free | Partition Type: NTFS
Computer Name: PACKARD-32CE193 | User Name: Diana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Diana\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Comodo\Dragon\dragon_updater.exe (Comodo)
PRC - C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - c:\Programme\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Programme\AVAST Software\Avast\defs\16010200\algo.dll ()
MOD - C:\Programme\AVAST Software\Avast\log.dll ()
MOD - C:\Programme\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\WINDOWS\system32\pdf995mon.dll ()
MOD - C:\Programme\Adobe\Reader 9.0\Reader\ViewerPS.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\pdfshell.DEU ()
========== Services (SafeList) ==========
SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (DragonUpdater) -- C:\Programme\Comodo\Dragon\dragon_updater.exe (Comodo)
SRV - (MBAMService) -- C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (Skype C2C Service) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (DsiWMIService) -- C:\Programme\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (GameConsoleService) -- C:\Programme\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AdobeActiveFileMonitor8.0) -- c:\Programme\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (WDICA) -- File not found
DRV - (SBRE) -- C:\WINDOWS\system32\drivers\SBREdrv.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\DOKUME~1\Diana\LOKALE~1\Temp\catchme.sys File not found
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswsp.sys (AVAST Software)
DRV - (aswSnx) -- C:\WINDOWS\system32\drivers\aswsnx.sys (AVAST Software)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes)
DRV - (aswVmm) -- C:\WINDOWS\System32\drivers\aswVmm.sys (AVAST Software)
DRV - (aswStmXP) -- C:\WINDOWS\system32\drivers\aswStmXP.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswRvrt) -- C:\WINDOWS\System32\drivers\aswRvrt.sys (AVAST Software)
DRV - (aswHwid) -- C:\WINDOWS\system32\drivers\aswHwid.sys (AVAST Software)
DRV - (L1c) -- C:\WINDOWS\system32\drivers\l1c51x86.sys (Atheros Communications, Inc.)
DRV - (NETwNx32) -- C:\WINDOWS\system32\drivers\Netwxn00.sys (Intel Corporation)
DRV - (cpudrv) -- C:\Programme\SystemRequirementsLab\cpudrv.sys ()
DRV - (EUCR) -- C:\WINDOWS\system32\drivers\EUCR6SK.sys (ENE Technology Inc.)
DRV - (NETw5x32) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (S6000KNT) -- C:\WINDOWS\system32\drivers\S6000KNT.sys (Windows (R) Win 7 DDK provider)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&m=dot_se&r=0xph0311v835l0454wui5f48i2g35q
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_deDE422DE422
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.defaultengine: "Google (avast)"
FF - prefs.js..browser.search.defaultenginename: "Google (avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Google (avast)"
FF - prefs.js..browser.search.defaulturl: "https://www.google.com/search/?trackid=sp-006"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: "Google (avast)"
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..browser.search.selectedEngine: "Google (avast)"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.google.com/?trackid=sp-006"
FF - prefs.js..extensions.enabledAddons: mailcheck%40web.de:3.1
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20151208
FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:1.79
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:43.0.2
FF - prefs.js..keyword.URL: "https://www.google.com/search/?trackid=sp-006"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Programme\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Programme\Siber Systems\AI RoboForm\Firefox [2015.08.05 15:32:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2015.12.10 11:19:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2011.06.05 10:50:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Extensions
[2016.01.01 23:51:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions
[2015.12.11 10:22:07 | 000,000,000 | ---D | M] (WOT) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2015.12.31 13:55:41 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2015.10.19 09:38:37 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2015.08.12 15:58:35 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\abs@avira.com
[2013.05.31 09:26:15 | 000,000,000 | ---D | M] (Keynote Connector Extension) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\firefoxextensions@keynote.com
[2015.08.08 09:42:35 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\mailcheck@web.de
[2013.05.31 09:26:14 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\firefoxextensions@keynote.com\chrome
[2013.05.31 09:27:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\firefoxextensions@keynote.com\components
[2013.05.31 09:26:15 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\firefoxextensions@keynote.com\META-INF
[2015.05.29 09:23:10 | 000,029,746 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\add-to-searchbox@maltekraus.de.xpi
[2015.12.31 11:59:33 | 001,955,324 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\firefox@ghostery.com.xpi
[2015.10.31 09:37:45 | 000,557,897 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2016.01.01 23:51:55 | 000,563,446 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.04.10 10:27:14 | 000,001,003 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\11-suche.undefined-a1n3.undefined
[2014.02.22 20:18:08 | 000,001,003 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\11-suche.undefined-d22b.undefined
[2013.11.13 20:33:57 | 000,001,003 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\11-suche.undefined.undefined
[2014.06.04 21:42:49 | 000,001,003 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\11-suche.xml
[2012.07.10 15:02:28 | 000,001,603 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\bildungsspender---einfach-helfen-gemeinntziges-fundraisingpo.xml
[2014.02.22 20:18:08 | 000,002,353 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\englische-ergebnisse.undefined-j43m.undefined
[2014.04.10 10:27:14 | 000,002,353 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\englische-ergebnisse.undefined-nrff.undefined
[2013.11.13 20:33:57 | 000,002,353 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\englische-ergebnisse.undefined.undefined
[2014.06.04 21:42:49 | 000,002,353 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\englische-ergebnisse.xml
[2014.02.22 20:18:08 | 000,002,822 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\gmx-suche.undefined-9ncz.undefined
[2014.04.10 10:27:14 | 000,002,822 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\gmx-suche.undefined-euu8.undefined
[2013.11.13 20:33:57 | 000,002,822 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\gmx-suche.undefined.undefined
[2014.06.04 21:42:49 | 000,002,822 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\gmx-suche.xml
[2015.08.14 12:02:03 | 000,002,428 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\google-avast.xml
[2014.04.10 10:27:14 | 000,002,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\lastminute.undefined-nui2.undefined
[2014.01.17 14:00:51 | 000,002,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\lastminute.undefined-xtxx.undefined
[2013.11.13 20:33:57 | 000,002,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\lastminute.undefined.undefined
[2014.05.13 10:34:41 | 000,002,432 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\lastminute.xml
[2014.02.22 20:18:08 | 000,005,637 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\webde-suche.undefined-ve65.undefined
[2014.01.17 14:00:51 | 000,005,637 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\webde-suche.undefined-w0ks.undefined
[2013.11.13 20:33:57 | 000,005,637 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\webde-suche.undefined.undefined
[2014.06.04 21:42:49 | 000,005,637 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\Mozilla\Firefox\Profiles\dd7nd0hi.default\searchplugins\webde-suche.xml
[2015.12.27 11:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2015.12.27 11:15:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2015.12.27 11:15:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2015.12.27 11:15:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2015.12.27 11:16:07 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
O1 HOSTS File: ([2015.08.30 21:15:34 | 000,450,037 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15474 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - No CLSID value found.
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AzMixerSel] C:\Programme\Realtek\Audio\Drivers\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [OMEA] c:\Programme\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe (Ours Technology Inc.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [S6000Mnt] Rundll32.exe S6000Rmv.dll ,WinMainRmv /StartStillMnt File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: RF - Formular ausfüllen - C:\Programme\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: RF - Formular speichern - C:\Programme\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: RF - Menü anpassen - C:\Programme\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: RF - RoboForm-Leiste ein/aus - C:\Programme\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9 - Extra Button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Symbolleiste anzeigen - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Programme\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F668F3FE-BE7C-4821-97E9-6F1E802C4D66}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.07 13:41:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2015.12.31 13:06:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Diana\Eigene Dateien\Unterlagen Buchhaltung
[2015.12.27 11:15:44 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2015.12.27 10:56:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Temp
========== Files - Modified Within 30 Days ==========
[2016.01.02 12:55:47 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2016.01.02 12:55:35 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2016.01.02 12:55:34 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2016.01.02 12:46:36 | 000,000,356 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2016.01.02 12:45:45 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
[2016.01.02 12:45:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2016.01.02 12:45:25 | 1062,301,696 | -HS- | M] () -- C:\hiberfil.sys
[2016.01.02 12:21:00 | 000,000,946 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job
[2016.01.02 08:08:33 | 000,483,004 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\census.cache
[2016.01.02 08:08:21 | 000,192,240 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\ars.cache
[2016.01.01 11:55:42 | 000,170,200 | ---- | M] (Malwarebytes) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
[2015.12.31 15:52:29 | 000,097,886 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Desktop\Stadtwerke Herten GmbH.pdf
[2015.12.31 15:52:20 | 000,000,059 | ---- | M] () -- C:\WINDOWS\wpd99.drv
[2015.12.31 11:08:59 | 000,121,560 | ---- | M] (Malwarebytes) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2015.12.30 18:45:34 | 000,000,551 | ---- | M] () -- C:\WINDOWS\Diana.xlb
[2015.12.30 14:12:34 | 000,060,416 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015.12.27 16:42:48 | 000,601,697 | ---- | M] () -- C:\Dokumente und Einstellungen\Diana\Desktop\Sparkasse Vest Recklinghausen (42650150) - SEPA-Sammelüberweisung.pdf
[2015.12.08 15:00:01 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
========== Files Created - No Company Name ==========
[2015.12.31 15:52:17 | 000,097,886 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Desktop\Stadtwerke Herten GmbH.pdf
[2015.12.31 11:44:15 | 000,000,080 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Desktop\explorer.scf
[2015.12.27 16:42:35 | 000,601,697 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Desktop\Sparkasse Vest Recklinghausen (42650150) - SEPA-Sammelüberweisung.pdf
[2015.12.12 10:50:22 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2015.09.28 22:55:03 | 000,311,296 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2015.09.28 22:55:03 | 000,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2015.09.28 22:55:03 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2014.08.08 17:30:41 | 000,247,314 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-4065617495-2589800181-2619313026-1006-0.dat
[2014.06.14 12:33:04 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2014.04.18 23:12:12 | 001,724,370 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-4065617495-2589800181-2619313026-1007-0.dat
[2014.04.18 23:12:06 | 000,247,314 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2013.12.02 20:19:13 | 000,000,174 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Anwendungsdaten\wklnhst.dat
[2013.07.24 22:37:55 | 012,361,728 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\NTUSER.rhk
[2012.10.17 17:36:00 | 000,483,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\census.cache
[2012.10.17 17:34:47 | 000,192,240 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\ars.cache
[2012.10.17 10:58:00 | 000,000,036 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\housecall.guid.cache
[2011.10.09 13:07:00 | 000,001,276 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\FASTWiz.html
[2011.09.07 02:29:19 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\{F5B96BDD-8EE8-43E5-B012-3BB78DF8987B}
[2011.08.19 08:12:56 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\{4B0548C3-F187-4D86-AEC6-8F625DDDD5BD}
[2011.07.31 03:38:53 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\{E56C22EE-EE8D-4B71-B275-35FAC45E053D}
[2011.07.26 05:12:17 | 000,060,416 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.25 03:28:20 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\{D9981B11-6AB7-4071-A9CA-CDD13A18829A}
[2011.06.04 15:44:27 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Diana\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2010.10.07 13:46:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 13:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Files - Unicode (All) ==========
[2013.11.19 09:09:03 | 105,029,326 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\兢唄7
[2013.11.19 09:09:03 | 105,029,326 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\兢唄7
[2013.11.18 21:23:17 | 104,986,035 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\≘嚩唄7
[2013.11.18 21:23:17 | 104,986,035 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\≘嚩唄7
[2013.11.18 09:46:07 | 104,837,737 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\飕롴唄7
[2013.11.18 09:46:07 | 104,837,737 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\飕롴唄7
[2013.11.17 20:06:59 | 104,760,117 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\풓邗唄7
[2013.11.17 20:06:59 | 104,760,117 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\풓邗唄7
[2013.11.16 23:02:33 | 104,637,397 | ---- | M] ()(C:\WINDOWS\System32\c??7) -- C:\WINDOWS\System32\čᏣ唄7
[2013.11.16 23:02:33 | 104,637,397 | ---- | C] ()(C:\WINDOWS\System32\c??7) -- C:\WINDOWS\System32\čᏣ唄7
[2013.11.16 09:56:09 | 104,513,208 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\嵵̞唄7
[2013.11.16 09:56:09 | 104,513,208 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\嵵̞唄7
[2013.11.15 23:47:51 | 104,496,569 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ᠫ唄7
[2013.11.15 23:47:51 | 104,496,569 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ᠫ唄7
[2013.11.15 11:16:42 | 104,371,820 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\処뉰唄7
[2013.11.15 09:40:59 | 104,371,820 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\処뉰唄7
[2013.11.14 23:24:35 | 104,278,918 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\됄唄7
[2013.11.14 23:24:35 | 104,278,918 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\됄唄7
[2013.11.14 09:51:01 | 104,179,408 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\�唄7
[2013.11.14 09:51:01 | 104,179,408 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\�唄7
[2013.11.13 21:51:41 | 104,137,907 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\؛ꯄ唄7
[2013.11.13 21:51:41 | 104,137,907 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\؛ꯄ唄7
[2013.11.13 15:52:09 | 104,010,312 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\︯唄7
[2013.11.13 15:52:09 | 104,010,312 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\︯唄7
[2013.11.12 09:27:08 | 103,837,334 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\Ḵ㷇唄7
[2013.11.12 09:27:08 | 103,837,334 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\Ḵ㷇唄7
[2013.11.11 17:13:59 | 103,716,811 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\᫈維唄7
[2013.11.11 17:13:59 | 103,716,811 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\᫈維唄7
[2013.11.11 09:39:17 | 103,681,534 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\᠌唄7
[2013.11.11 09:39:17 | 103,681,534 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\᠌唄7
[2013.11.09 16:13:41 | 103,387,443 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\▞殙唄7
[2013.11.09 16:13:41 | 103,387,443 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\▞殙唄7
[2013.11.08 09:54:05 | 103,075,526 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ຫ偓唄7
[2013.11.08 09:54:05 | 103,075,526 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ຫ偓唄7
[2013.11.07 10:06:42 | 102,894,578 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\讆ᤪ唄7
[2013.11.07 10:06:42 | 102,894,578 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\讆ᤪ唄7
[2013.11.06 09:48:02 | 105,172,122 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\砫⻭唄7
[2013.11.06 09:48:02 | 105,172,122 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\砫⻭唄7
[2013.11.05 16:46:31 | 105,048,247 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\虤鋜唄7
[2013.11.05 16:46:31 | 105,048,247 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\虤鋜唄7
[2013.11.04 23:47:22 | 105,007,987 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㨮䅲唄7
[2013.11.04 23:47:22 | 105,007,987 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㨮䅲唄7
[2013.11.04 09:51:03 | 104,845,822 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\﹢唄7
[2013.11.04 09:51:03 | 104,845,822 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\﹢唄7
[2013.11.03 20:40:21 | 104,814,100 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\펖녈唄7
[2013.11.03 20:40:21 | 104,814,100 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\펖녈唄7
[2013.11.02 20:40:19 | 104,684,788 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\졠唄7
[2013.11.02 20:40:19 | 104,684,788 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\졠唄7
[2013.11.01 21:03:00 | 104,569,497 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㬩웻唄7
[2013.11.01 21:03:00 | 104,569,497 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㬩웻唄7
[2013.11.01 10:27:38 | 104,493,738 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ᐢ�唄7
[2013.11.01 10:27:38 | 104,493,738 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ᐢ�唄7
[2013.10.31 15:49:48 | 104,348,737 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\鎙餚唄7
[2013.10.31 15:49:48 | 104,348,737 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\鎙餚唄7
[2013.10.30 09:39:47 | 104,098,187 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\䯂�唄7
[2013.10.30 09:39:47 | 104,098,187 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\䯂�唄7
[2013.10.29 09:44:35 | 103,932,228 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\╸夹唄7
[2013.10.29 09:44:35 | 103,932,228 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\╸夹唄7
[2013.10.28 17:02:23 | 103,746,026 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\讝詨唄7
[2013.10.28 17:02:23 | 103,746,026 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\讝詨唄7
[2013.10.28 09:30:58 | 103,622,390 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ᬬ唄7
[2013.10.28 09:30:58 | 103,622,390 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ᬬ唄7
[2013.10.27 22:11:18 | 103,533,600 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\윀蝥唌7
[2013.10.27 22:11:18 | 103,533,600 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\윀蝥唌7
[2013.10.27 13:09:30 | 103,334,033 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\쳿윐唄7
[2013.10.27 12:13:08 | 103,334,033 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\쳿윐唄7
[2013.10.26 14:38:14 | 103,108,672 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\쾦덌唄7
[2013.10.26 14:38:14 | 103,108,672 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\쾦덌唄7
[2013.10.25 08:51:07 | 102,895,398 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\征唄7
[2013.10.25 08:51:07 | 102,895,398 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\征唄7
[2013.10.24 20:17:13 | 102,837,954 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ඦꇊ唄7
[2013.10.24 20:17:13 | 102,837,954 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ඦꇊ唄7
[2013.10.24 08:31:37 | 102,758,948 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\判瓠唄7
[2013.10.24 08:31:37 | 102,758,948 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\判瓠唄7
[2013.10.23 20:28:05 | 102,674,996 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㶲圶唄7
[2013.10.23 20:28:05 | 102,674,996 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㶲圶唄7
[2013.10.23 14:28:07 | 102,551,358 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\寵簃唄7
[2013.10.23 14:28:07 | 102,551,358 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\寵簃唄7
[2013.10.23 09:30:34 | 102,541,796 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\鶡唄7
[2013.10.23 08:28:10 | 102,541,796 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\鶡唄7
[2013.10.22 20:28:31 | 102,488,124 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\�䐪唄7
[2013.10.22 20:28:31 | 102,488,124 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\�䐪唄7
[2013.10.22 14:18:37 | 102,329,055 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\▨㐾唄7
[2013.10.22 14:18:37 | 102,329,055 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\▨㐾唄7
[2013.10.22 08:18:32 | 102,303,549 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㡼唄7
[2013.10.22 08:18:32 | 102,303,549 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㡼唄7
[2013.10.21 20:55:13 | 102,211,354 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ㅛ䵽唄7
[2013.10.21 20:55:13 | 102,211,354 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ㅛ䵽唄7
[2013.10.20 19:38:30 | 102,068,998 | ---- | M] ()(C:\WINDOWS\System32\?) -- C:\WINDOWS\System32\飰
[2013.10.20 19:38:30 | 102,068,998 | ---- | C] ()(C:\WINDOWS\System32\?) -- C:\WINDOWS\System32\飰
[2013.10.20 09:10:53 | 101,983,560 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㘶唄7
[2013.10.20 09:10:53 | 101,983,560 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㘶唄7
[2013.10.19 09:16:31 | 101,890,677 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\쒩唄7
[2013.10.19 09:16:31 | 101,890,677 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\쒩唄7
[2013.10.18 20:40:41 | 101,813,202 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\돾唄7
[2013.10.18 20:40:41 | 101,813,202 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\돾唄7
[2013.10.18 14:41:42 | 101,760,430 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\֠샩唄7
[2013.10.18 14:41:42 | 101,760,430 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\֠샩唄7
[2013.10.17 20:45:47 | 101,604,844 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\䋜뤒唄7
[2013.10.17 20:45:47 | 101,604,844 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\䋜뤒唄7
[2013.10.17 14:46:02 | 101,544,623 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\娽㻉唄7
[2013.10.17 14:46:02 | 101,544,623 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\娽㻉唄7
[2013.10.16 18:14:26 | 101,406,750 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㓰车唄7
[2013.10.16 18:14:26 | 101,406,750 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㓰车唄7
[2013.10.16 09:17:07 | 101,288,804 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㘥ਲ਼唄7
[2013.10.16 09:17:07 | 101,288,804 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㘥ਲ਼唄7
[2013.10.15 21:22:22 | 101,237,240 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\툼唄7
[2013.10.15 21:22:22 | 101,237,240 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\툼唄7
[2013.10.15 15:22:46 | 101,148,298 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ᦺ⁇唄7
[2013.10.15 15:22:46 | 101,148,298 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ᦺ⁇唄7
[2013.10.14 16:23:14 | 100,910,526 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\팚섔唄7
[2013.10.14 16:23:14 | 100,910,526 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\팚섔唄7
[2013.10.14 08:59:40 | 100,838,232 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\鼉꽚唄7
[2013.10.14 08:59:40 | 100,838,232 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\鼉꽚唄7
[2013.10.13 15:55:39 | 100,717,913 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\醶䂾唄7
[2013.10.13 15:55:39 | 100,717,913 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\醶䂾唄7
[2013.10.13 09:05:16 | 100,651,105 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㏽辬唄7
[2013.10.13 09:05:16 | 100,651,105 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\㏽辬唄7
[2013.10.12 14:23:42 | 100,615,351 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\倻쇌唄7
[2013.10.12 14:23:42 | 100,615,351 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\倻쇌唄7
[2013.10.12 08:23:03 | 100,595,853 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ꐤ罄唄7
[2013.10.12 08:23:03 | 100,595,853 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ꐤ罄唄7
[2013.10.11 14:29:08 | 100,474,618 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\鱃唄7
[2013.10.11 14:29:08 | 100,474,618 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\鱃唄7
[2013.10.10 08:45:02 | 100,221,909 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\쌸唄7
[2013.10.10 08:45:02 | 100,221,909 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\쌸唄7
[2013.10.09 20:50:11 | 100,163,860 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\啐⡥唄7
[2013.10.09 20:50:11 | 100,163,860 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\啐⡥唄7
[2013.10.09 14:50:04 | 100,146,679 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\儫肋唄7
[2013.10.09 14:50:04 | 100,146,679 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\儫肋唄7
[2013.10.09 08:51:05 | 100,120,694 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\偆鍤唄7
[2013.10.09 08:51:05 | 100,120,694 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\偆鍤唄7
[2013.10.08 14:39:59 | 099,859,239 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\锗繴唄7
[2013.10.08 14:39:59 | 099,859,239 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\锗繴唄7
[2013.10.08 08:41:27 | 099,836,383 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\膿ʎ唄7
[2013.10.08 08:41:27 | 099,836,383 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\膿ʎ唄7
[2013.10.07 08:37:21 | 099,582,406 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ꕣ暟唄7
[2013.10.07 08:37:21 | 099,582,406 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ꕣ暟唄7
[2013.10.06 17:59:49 | 099,477,982 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\횒唄7
[2013.10.06 17:59:49 | 099,477,982 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\횒唄7
[2013.10.05 16:42:19 | 099,386,337 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\য�唄7
[2013.10.05 16:42:19 | 099,386,337 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\য�唄7
[2013.10.05 08:44:29 | 099,319,274 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\�唄7
[2013.10.05 08:44:29 | 099,319,274 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\�唄7
[2013.10.04 17:40:42 | 099,209,434 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\齯唄7
[2013.10.04 17:40:42 | 099,209,434 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\齯唄7
[2013.10.04 08:47:51 | 099,176,917 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\✭唄7
[2013.10.04 08:47:51 | 099,176,917 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\✭唄7
[2013.10.03 08:58:48 | 098,878,632 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\唄7
[2013.10.03 08:58:48 | 098,878,632 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\唄7
[2013.10.02 15:02:26 | 098,743,931 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\혶鵳唄7
[2013.10.02 15:02:26 | 098,743,931 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\혶鵳唄7
[2013.10.02 13:40:57 | 098,712,514 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\朄唄7
[2013.10.02 09:02:16 | 098,712,514 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\朄唄7
[2013.10.01 08:45:49 | 098,602,865 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\稇鴫唄7
[2013.10.01 08:45:49 | 098,602,865 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\稇鴫唄7
[2013.09.30 20:38:33 | 098,541,442 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\䷒ﰜ唄7
[2013.09.30 20:38:33 | 098,541,442 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\䷒ﰜ唄7
[2013.09.30 14:39:10 | 098,499,637 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\꧁驣唄7
[2013.09.30 14:39:10 | 098,499,637 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\꧁驣唄7
[2013.09.29 17:29:49 | 098,466,785 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\呕鍸唄7
[2013.09.29 17:29:49 | 098,466,785 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\呕鍸唄7
[2013.09.29 08:55:36 | 098,442,955 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ϻ覞唄7
[2013.09.29 08:55:36 | 098,442,955 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ϻ覞唄7
[2013.09.28 08:24:39 | 098,372,650 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\䫆⣨唄7
[2013.09.28 08:24:39 | 098,372,650 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\䫆⣨唄7
[2013.09.27 20:28:17 | 098,286,374 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\⣵뎿唄7
[2013.09.27 20:28:17 | 098,286,374 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\⣵뎿唄7
[2013.09.27 14:28:23 | 098,267,320 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\聻荑唄7
[2013.09.27 14:28:23 | 098,267,320 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\聻荑唄7
[2013.09.26 18:29:42 | 098,009,570 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ꊭ䐕唄7
[2013.09.26 18:29:42 | 098,009,570 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ꊭ䐕唄7
[2013.09.26 08:48:46 | 097,892,804 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ꔤ㳭唄7
[2013.09.26 08:48:46 | 097,892,804 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\ꔤ㳭唄7
[2013.09.25 21:03:21 | 097,858,179 | ---- | M] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\笕雪唄7
[2013.09.25 21:03:21 | 097,858,179 | ---- | C] ()(C:\WINDOWS\System32\???7) -- C:\WINDOWS\System32\笕雪唄7
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5C321E34
< End of report >
--- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 02.01.2016 13:07:19 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Diana\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1013,02 Mb Total Physical Memory | 556,43 Mb Available Physical Memory | 54,93% Memory free
2,38 Gb Paging File | 2,04 Gb Available in Paging File | 85,64% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 138,05 Gb Total Space | 45,68 Gb Free Space | 33,09% Space Free | Partition Type: NTFS
Computer Name: PACKARD-32CE193 | User Name: Diana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = DragonHTML] -- C:\Programme\Comodo\Dragon\dragon.exe (Comodo)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = DragonHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Comodo\Dragon\dragon.exe" -- "%1" (Comodo)
https [open] -- "C:\Programme\Comodo\Dragon\dragon.exe" -- "%1" (Comodo)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"8000:TCP" = 8000:TCP:*:Enabled:listen rtp port
"5060:TCP" = 5060:TCP:*:Enabled:listen sip port
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\sipgate X-Lite\sipgateXLite.exe" = C:\Programme\sipgate X-Lite\sipgateXLite.exe:*:Enabled:sipgateXLite -- ()
"C:\Programme\CounterPath\X-Lite\x-lite.exe" = C:\Programme\CounterPath\X-Lite\x-lite.exe:*:Enabled:X-Lite -- ()
"C:\Dokumente und Einstellungen\Sonnenschein\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Sonnenschein\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Programme\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe" = C:\Programme\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe:*:Enabled:Ad-Aware Security Add-on DTX Broker
"C:\Programme\FreeTime\FormatFactory\FormatFactory.exe" = C:\Programme\FreeTime\FormatFactory\FormatFactory.exe:*:Enabled:FormatFactory -- (Free Time)
"C:\Programme\Comodo\Dragon\dragon.exe" = C:\Programme\Comodo\Dragon\dragon.exe:*:Enabled:Comodo Dragon -- (Comodo)
"C:\Programme\VideoLAN\VLC\vlc.exe" = C:\Programme\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- (VideoLAN)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox (C:\Programme\Mozilla Firefox) -- (Mozilla Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}" = System Requirements Lab for Intel
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP520_series" = Canon MP520 series
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1" = System Checkup 3.5
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 6.1.0
"{83299633-1261-47A3-84F3-6F02B4B8CDB1}" = Video Web Camera
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EB6EAE1-5CFC-46F1-9FB9-5FDA335DDE3D}" = Packard Bell XSync
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.5 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B976F8E5-6A68-482C-8371-1DF9C70F7E2E}_is1" = sipgate X-Lite 1105c ger
"{BD136CE7-6666-4273-A056-8D92F8625AAB}" = Sun ODF Plugin for Microsoft Office 3.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{e6e75766-da0f-4ba2-9788-6ea593ce702d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Hama Wireless LAN Adapter
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}" = Windows Resource Kit Tools
"{FC9B811E-39BC-4813-9E29-B83CCF700010}" = 1.3M WebCam
"36E252B904CCA457EEA4810BC637F015E21FD79F" = ENE USB Card Reader Driver
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 20 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 20 PPAPI
"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0
"AI RoboForm" = RoboForm 7-9-14-4 (All Users)
"Avast" = Avast Free Antivirus
"Avidemux 2.6" = Avidemux 2.6 (32-bit)
"Comodo Dragon" = Comodo Dragon
"CUEcards 2000" = CUEcards 2000
"Digital Editions" = Adobe Digital Editions
"Elantech" = ETDWare PS/2-x86 7.0.6.6_WHQL
"ElsterFormular" = ElsterFormular
"FormatFactory" = FormatFactory 3.6.0.0
"Freemake Video Converter_is1" = Freemake Video Converter Version 4.1.3
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"ie8" = Windows Internet Explorer 8
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{9EB6EAE1-5CFC-46F1-9FB9-5FDA335DDE3D}" = Packard Bell XSync
"KeynoteConnector" = Keynote Connector
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.2.0.1024
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 43.0.2 (x86 de)" = Mozilla Firefox 43.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Packard Bell Game Console" = Packard Bell Game Console
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Pdf995" = Pdf995
"Revo Uninstaller" = Revo Uninstaller 1.95
"SpywareBlaster_is1" = SpywareBlaster 5.2
"Static EMail Backup_is1" = Static EMail Backup 2.9
"SuperMailer" = SuperMailer 5.20
"VLC media player" = VLC media player
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.82
"WMBackup-BackupfürWindowsLiveMail" = WMBackup - Windows Live Mail Backup
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WT088226" = Bejeweled 2 Deluxe
"WT088235" = Chuzzle Deluxe
"WT088238" = Diner Dash 2 Restaurant Rescue
"WT088260" = Farm Frenzy
"WT088268" = Insaniquarium Deluxe
"WT088269" = Jewel Quest Solitaire 2
"WT088283" = Plants vs. Zombies
"WT088292" = Zuma Deluxe
"WT088376" = Blackhawk Striker 2
"WT088396" = Dora's Carnival Adventure
"WT088420" = Final Drive Nitro
"WT088444" = Jewel Quest
"WT088456" = Polar Bowler
"WT088508" = Virtual Villagers 4 - The Tree of Life
"WT088531" = Zuma's Revenge
"WT088656" = Jewel Quest - Heritage
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X-Lite 3.0_is1" = X-Lite 3.0
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 22.11.2015 05:57:21 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
Error - 07.12.2015 15:56:34 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
Error - 30.12.2015 16:49:41 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
[ Application Events ]
Error - 22.11.2015 05:57:21 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
Error - 07.12.2015 15:56:34 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
Error - 30.12.2015 16:49:41 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
[ Application Events ]
Error - 22.11.2015 05:57:21 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
Error - 07.12.2015 15:56:34 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
Error - 30.12.2015 16:49:41 | Computer Name = PACKARD-32CE193 | Source = MsiInstaller | ID = 11706
Description = Produkt: Microsoft Office 2000 Premium -- Fehler 1706. Es wurde keine
gültige Quelle für das Produkt "Microsoft Office 2000 Premium" gefunden. Die Installation
kann nicht fortgesetzt werden.
[ System Events ]
Error - 30.12.2015 19:15:35 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7034
Description = Dienst "Updater Service" wurde unerwartet beendet. Dies ist bereits
1 Mal passiert.
Error - 30.12.2015 19:15:42 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7034
Description = Dienst "Adobe Active File Monitor V8" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 31.12.2015 05:01:05 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SBRE
Error - 31.12.2015 05:45:34 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SBRE
Error - 31.12.2015 06:35:35 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SBRE
Error - 31.12.2015 08:48:35 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SBRE
Error - 31.12.2015 09:22:47 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SBRE
Error - 01.01.2016 06:17:31 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SBRE
Error - 02.01.2016 05:39:22 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SBRE
Error - 02.01.2016 07:45:50 | Computer Name = PACKARD-32CE193 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SBRE
< End of report >
--- --- ---
Übrigens: Es ist noch ein zweiter Benutzer eigerichtet (der kaum von uns genutzt wird). Unter diesem Benutzer läuft alles reibungslos. |
