Seite 1 von 7 123 ... LetzteLetzte
Ergebnis 1 bis 10 von 66

Thema: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

  1. #1
    Forenbenutzer
    Registriert seit
    04.09.2010
    Beiträge
    46

    FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    Hallo,
    nun kommt ein ganz schwerer Fall.

    Am 25.8 hat mein McAfee einen Trojaner gemeldet und angeblich auch gelöscht.

    Dann kam die Meldung Windows fährt in einer Minute runter.
    Das passierte nach dem Hochfahren nochmals!

    26.8 keine Vorkommnisse

    27.8-29.8 wieder: die Meldung Windows fährt nach einer Minute runter
    Ausserdem Stüzrte Tunderbird beim versenden von Mails ab, meist welche mit mehr als 500kb und Firefox hatte wenn ich meherer Taps öffnete keine Rückmeldung.
    Mehrfach mit AcAfee gescannt, keine Vorkommnisse

    30.8.habe Ad Aware installiert, Ad Ware findet zwei Trojaner Stufe 7 und 10, sorry Namen weiß ich nicht mehr.
    TB und FF liefen weiterhin mit Problemen.

    2.9 Malwarebytes installiert, 4 Viren gefunden

    FF beim Versuch Online Banking zu ereichen abgestürzt(keine Rückmeldung)
    Onlinebanking Versuch mit IE, dann kam die Meldung das ich mal eben 20 Tans eingeben soll

    Kaspersky Virus Removal Tool installiert, ca. 43 Viren gefunden, die meisten im Java Bereich

    FF und TB liefen wieder norma

    Heute wieder MEdlung Windows fährt in eienr Minute runter, gestoppt mit Shiotdown - a
    Nochmal den Kaspersky VRT gestartet, Meldung Windows Explorer funktioniert nicht mehr, dauernder absturz und neustart des WE.

    Malwarbytes gestartet, Rootkit Agent A gefunden, dann nochmal Kaspersky probiert wieder WE probleme wieder Malwarbytes gestartet, wieder Rootkit Agent gefunden.

    Aufgrund der Anleitung hier mal den Gmer gestartet, Ergebnis: Blauer Bildschirm während des Scans.......

    Nach dem der Rechner wieder hochgefahren war war, waren alel Windwos und McAfee Schutzeinrichtungen ausgeschaltet.

    Ihr seht ich brauche dringend unterstützung und hoffe jemand kann mich Anleiten.

    Hijack Logfile

    Code:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 22:08:27, on 04.09.2010
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18943)
    Boot mode: Normal
    
    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\OEM13Mon.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Users\Slotracing Werk\Desktop\Virus Removal Tool\setup_9.0.0.722_01.09.2010_10-16\setup_9.0.0.722_01.09.2010_10-16.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\ACD Systems\ACDSee\11.0\ACDSee11.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Slotracing Werk\Downloads\HiJackThis204.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USSMB/8
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/USSMB/8
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100901232242.dll
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
    O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
    O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
    O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [ApplyEsf-eDocPrintPro] "C:\Program Files\Common Files\MAYComputer\eDocPrintPro\\ApplyEsf.exe"
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Dogui] C:\Users\Slotracing Werk\AppData\Roaming\Adobe\Update\dxcli.exe
    O4 - HKCU\..\Run: [RegistryBooster] "C:\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
    O4 - Startup: setup_9.0.0.722_01.09.2010_10-16.lnk = C:\Users\Slotracing Werk\Desktop\Virus Removal Tool\setup_9.0.0.722_01.09.2010_10-16\startup.exe
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O15 - Trusted Zone: http://*.mcafee.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5A81CD59-B16D-4BDF-B668-2C104EE37633}: NameServer = 213.191.74.11 213.191.92.82
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\aestsrv.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Personal Firewall-Dienst (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: O2FLASH - O2Micro International - C:\Windows\system32\DRIVERS\o2flash.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
    
    --
    End of file - 11172 bytes
    mfg
    Sailboarder

  2. #2
    Moderator (global) Team-Mitglied Avatar von Speedy
    Registriert seit
    07.08.2004
    Ort
    Linz
    Beiträge
    23.588

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    hi

    wie wäre es, wenn du auch die logfiles der verwendeten programme posten würdest?

    • lade das tool OTL von OldTimer auf deinen desktop (alternativdownlaod)
    • schließe nun alle anderen anwendungen
    • starte das tool durch einen doppelklick auf die datei otl.exe
      (vista und windows7 user klicken mit der rechten maustaste auf die datei otl.exe und wählen aus dem menü " als administrator ausführen")
    • verwende die einstellung genau so, wie sie auf dem bild dargestellt ist



    • klick nun auf den button "scan", der rechner wird einige minuten benötigen, um die daten auszulesen
    • wenn die prüfung beendet ist, bekommst du 2 logfile, OTL.txt und Extras.txt, die da abgespeichert wurden, von wo aus die otl.exe gestartet hast (hier war vorgabe -> desktop)
    • kopier nun den inhalt jeder datei und füge ihn in den [code] tags formatiert hier ein.
    • verwende ohne aufforderung keinen anderen button, du könntest damit die geleistet arbeit vernichten.
    lg
    www.Speedyweb.at.tf
    Die Durchführung meiner Tipps erfolgt auf eigene Verantwortung!
    HijackThis (Downloads und Anleitungen z.B. was ist fixen usw.)
    HijackThis-Chat oder willst du hier mitmachen Stellenausschreibung
    hilfestellung zur systembereinigung nur über das öffentliche forum und keinesfalls über privatnachrichten oder email !!

  3. #3
    Forenbenutzer
    Registriert seit
    04.09.2010
    Beiträge
    46

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    Hallo Speedy,
    danke das du dich meienr annimmst udn das zu so später Stunde!

    Logfiles anderer Programme:

    Kaspersky will nach beenden das Programm immer deinstallieren und den PC runterfahren, deswegen habe ich da keine Logfile.

    Adaware, ich glaube es wwar hier im Forum das schrieb einer das das programm Schwansinn wäre und ich habe mal den ganzen Prgogrammschwachsinn bei mir deinstalliert.

    java habe ich auch deinstalliert.

    Malwarbytes:

    Logfile von Montag:
    Code:
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org
    
    Datenbank Version: 4524
    
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18943
    
    01.09.2010 21:13:11
    mbam-log-2010-09-01 (21-13-11).txt
    
    Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|L:\|)
    Durchsuchte Objekte: 395777
    Laufzeit: 1 Stunde(n), 47 Minute(n), 40 Sekunde(n)
    
    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 0
    Infizierte Registrierungswerte: 2
    Infizierte Dateiobjekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 2
    
    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungsschlüssel:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungswerte:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{a5450a65-60f5-01ee-0181-650e149cf8f3} (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\convuser (Trojan.Agent.U) -> Quarantined and deleted successfully.
    
    Infizierte Dateiobjekte der Registrierung:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateien:
    C:\Users\Slotracing Werk\AppData\Roaming\Takoa\ugaw.exe (Heuristics.Shuriken) -> Quarantined and deleted successfully.
    C:\Users\Slotracing Werk\AppData\Roaming\Adobe\Update\flacor.dat (Trojan.Agent) -> Quarantined and deleted successfully.

    Logfile von Samstag den 4.9 11.03Uhr
    Code:
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org
    
    Datenbank Version: 4524
    
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18943
    
    04.09.2010 11:03:10
    mbam-log-2010-09-04 (11-03-10).txt
    
    Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|L:\|)
    Durchsuchte Objekte: 12086
    Laufzeit: 52 Sekunde(n)
    
    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 0
    Infizierte Registrierungswerte: 0
    Infizierte Dateiobjekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 1
    
    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungsschlüssel:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungswerte:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateiobjekte der Registrierung:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateien:
    C:\Windows\System32\drivers\58559811.sys (Rootkit.Agent.H) -> Quarantined and deleted successfully.

    und selber Tag 16.20 Uhr
    Code:
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org
    
    Datenbank Version: 4524
    
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18943
    
    04.09.2010 16:20:17
    mbam-log-2010-09-04 (16-20-17).txt
    
    Art des Suchlaufs: Quick-Scan
    Durchsuchte Objekte: 134714
    Laufzeit: 6 Minute(n), 50 Sekunde(n)
    
    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 0
    Infizierte Registrierungswerte: 0
    Infizierte Dateiobjekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 1
    
    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungsschlüssel:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungswerte:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateiobjekte der Registrierung:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateien:
    C:\Windows\System32\drivers\51099722.sys (Rootkit.Agent.H) -> Quarantined and deleted successfully.
    Eben nochmal gescannt
    Code:
    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org
    
    Datenbank Version: 4524
    
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18943
    
    04.09.2010 22:39:06
    mbam-log-2010-09-04 (22-39-06).txt
    
    Art des Suchlaufs: Quick-Scan
    Durchsuchte Objekte: 134303
    Laufzeit: 6 Minute(n), 34 Sekunde(n)
    
    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 0
    Infizierte Registrierungswerte: 0
    Infizierte Dateiobjekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 0
    
    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungsschlüssel:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Registrierungswerte:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateiobjekte der Registrierung:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)
    
    Infizierte Dateien:
    (Keine bösartigen Objekte gefunden)
    An den OTL gehe ich gleich dran und poste es dann!

  4. #4
    Forenbenutzer
    Registriert seit
    04.09.2010
    Beiträge
    46

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    So Extras Txt von OLT
    Code:
    OTL Extras logfile created on: 04.09.2010 22:52:07 - Run 1
    OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Slotracing Werk\Desktop
    Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18943)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 88,09 Gb Total Space | 40,78 Gb Free Space | 46,29% Space Free | Partition Type: NTFS
    Drive D: | 14,65 Gb Total Space | 7,33 Gb Free Space | 50,07% Space Free | Partition Type: NTFS
    Drive E: | 146,48 Gb Total Space | 38,71 Gb Free Space | 26,42% Space Free | Partition Type: NTFS
    Drive F: | 48,68 Gb Total Space | 33,89 Gb Free Space | 69,62% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive L: | 7,60 Gb Total Space | 7,59 Gb Free Space | 99,88% Space Free | Partition Type: FAT32
     
    Computer Name: SLOTRACINGWE-PC
    Current User Name: Slotracing Werk
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [ACDSee 11.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1" (ACD Systems)
    Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0
    "DoNotAllowExceptions" = 0
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04B14A93-2DA8-4E64-A193-166749F776FD}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
    "{07CE3354-00DC-47C4-BA14-41D919435060}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{35535F54-4913-422D-9673-4C865EC05AED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{503B30FC-6C81-4E1F-A3EC-96E468DF6010}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
    "{80DE4E52-91C0-4895-BCA3-F0773F112E8B}" = lport=2869 | protocol=6 | dir=in | app=system | 
    "{AF5CD928-0388-4AA8-8C7B-E06147425C00}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{B128D466-8797-459D-989F-536E34A4145E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
    "{E5E88447-C36D-4D1C-AA0F-22E1297C237D}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
    "{ECBACE89-45EA-4994-9828-7B118FC4FD88}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
    "{ECFD19B8-A96F-459D-A3A3-81984D62792E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{2968C1BD-BBF7-42D4-A202-8220B72F8F9E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
    "{40DD2188-8850-4117-BD99-4CD61007B966}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe | 
    "{4AD8AE99-3A4F-46CA-95A4-E6D21E1BD22D}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
    "{5903D4C9-B4B2-4C9C-95EF-97E77638A14F}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe | 
    "{6FD12F50-BE84-4364-9178-86285BCB56EB}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
    "{746A8872-68D1-4763-9013-3CD648680338}" = protocol=17 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | 
    "{7D52AF18-840F-40AE-9EC9-1822A7E21BD0}" = protocol=17 | dir=in | app=c:\program files\mozilla thunderbird\thunderbird.exe | 
    "{8643461B-6760-48F6-BFEF-F7A2F33E764A}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe | 
    "{925109E4-FD42-4E0B-B653-D0A3472F360C}" = protocol=6 | dir=in | app=c:\program files\dell video chat\dellvideochat.exe | 
    "{9B1E8DA0-F8AE-4439-838A-FA741561DD78}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
    "{CB5CF4D5-88C1-4BDC-A5F3-7529D129CA68}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
    "{D5F4F6C0-B2C3-43BC-B6FF-D91B2889C237}" = protocol=6 | dir=in | app=c:\program files\mozilla thunderbird\thunderbird.exe | 
    "TCP Query User{49169471-A893-4E52-9A87-C09ECCA0B7BA}C:\program files\macromedia\dreamweaver mx\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files\macromedia\dreamweaver mx\dreamweaver.exe | 
    "TCP Query User{7C700ADB-D30B-4B5A-937C-C22133C58651}C:\program files\intervideo\dvd7\windvd.exe" = protocol=6 | dir=in | app=c:\program files\intervideo\dvd7\windvd.exe | 
    "TCP Query User{7E145683-CBD6-4369-8B2B-A85F244B5A81}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
    "TCP Query User{879D0E96-3727-4C15-BEA6-1E37338C42AF}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe | 
    "TCP Query User{EA8F8A8C-970D-4AAC-9AFE-4902DA7F7264}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
    "UDP Query User{1AFCE0EA-D5AD-4C38-AF08-47DF7404A7C8}C:\program files\intervideo\dvd7\windvd.exe" = protocol=17 | dir=in | app=c:\program files\intervideo\dvd7\windvd.exe | 
    "UDP Query User{52A0411C-E40F-4408-B5CD-83F51ADD5CB2}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
    "UDP Query User{BB7B7BA9-1623-4EB5-A353-BC57EC4404FF}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe | 
    "UDP Query User{E726629C-984B-44CE-96AE-94B74D47192E}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
    "UDP Query User{F081438F-1346-4575-8C8B-28B545C9611D}C:\program files\macromedia\dreamweaver mx\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files\macromedia\dreamweaver mx\dreamweaver.exe | 
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0394CDC8-FABD-4ED8-B104-03393876DFDF}" = Roxio Creator Tools
    "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
    "{07159635-9DFE-4105-BFC0-2817DB540C68}" = Roxio Activation Module
    "{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
    "{0D397393-9B50-4C52-84D5-77E344289F87}" = Roxio Creator Data
    "{10F3678A-D698-46B6-954D-95C7A267D03E}" = ActivePerl 5.8.9 Build 826
    "{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
    "{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
    "{2DCEFEFF-7831-4D79-BC28-11D1B8D7E076}" = Dell 5530 Wireless Broadband Package
    "{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Foto-Manager 2009
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
    "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
    "{566BAEC0-74CB-4ACC-9E18-8779AC974FB0}" = Windows Live Toolbar
    "{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
    "{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
    "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
    "{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{77077FFF-8831-470F-9627-E86F06A50CCD}" = Avery Wizard 3.1
    "{7B63B2922B174135AFC0E1377DD81EC2}" = 
    "{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
    "{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
    "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
    "{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
    "{83FFCFC7-88C6-41C6-8752-958A45325C82}" = Roxio Creator Audio
    "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
    "{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX
    "{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
    "{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Sonic CinePlayer Decoder Pack
    "{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
    "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
    "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
    "{91252C0A-59F9-42F9-9181-B9CC74F592C0}" = Vodafone Mobile Connect
    "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
    "{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
    "{B4007B15-35A1-44B2-A591-BCF387720BC4}" = eDocPrintPro v3.15.5
    "{B5BCBD49-202F-4238-8398-D83D423A48B4}" = Windows Live Anmelde-Assistent
    "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
    "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
    "{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
    "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
    "{EBF2FCA1-518E-441D-A92A-DCEE9625959E}" = Dell Sicherungs- und Wiederherstellungs-Manager
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
    "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
    "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
    "{FD023F61-65E9-465C-B558-7C64EB2B97E6}" = Dell Handbuch zum Einstieg
    "{FF203294-02C1-4632-832C-762CBD15CF2D}" = Ericsson Wireless Manager
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
    "Advanced Audio FX Engine" = Advanced Audio FX Engine
    "Advanced Video FX Engine" = Advanced Video FX Engine
    "Broadcom 802.11b Network Adapter" = Dienstprogramm für Dell Wireless WLAN Karte
    "CANONBJ_Deinstall_CNMCP74.DLL" = Canon iP2200
    "CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
    "Creative OEM013" = Laptop Integrated Webcam Driver (1.01.01.0529)  
    "Dell Video Chat" = Dell Video Chat
    "Dell Webcam Center" = Dell Webcam Center
    "Dell Webcam Manager" = Dell Webcam Manager
    "DRI Tool 2.0_is1" = DRI Tool 2.0
    "FotoQuelle Fotosoftware" = FotoQuelle Fotosoftware 4.7
    "Google Desktop" = Google Desktop
    "InterActual Player" = InterActual Player
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
    "Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
    "MSC" = McAfee SecurityCenter
    "NVIDIA Drivers" = NVIDIA Drivers
    "ST6UNST #1" = WinRbm
    "SuperMailer" = SuperMailer 4.90
    "tigo-IT ReNo 2007 Add-In_is1" = ReNo Freeware 2007 Add-In
    "TomTom HOME" = TomTom HOME 2.7.5.2014
    "Totalcmd" = Total Commander (Remove or Repair)
    "Uninstall_is1" = Uninstall 1.0.0.1
    "VLC media player" = VLC media player 0.9.8a
    "Werner Terminator" = Werner Terminator
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR Archivierer
     
    ========== HKEY_CURRENT_USER Uninstall List ==========
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "309a46b1dc89b774" = Dell Driver Download Manager
    "603989baa3ce211a" = Foto Quelle Fotobuch
     
    ========== Last 10 Event Log Errors ==========
     
    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
     
    < End of report >
    und OTL.Txt
    Code:
    OTL logfile created on: 04.09.2010 22:52:07 - Run 1
    OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Slotracing Werk\Desktop
    Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18943)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 67,00% Memory free
    6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 88,09 Gb Total Space | 40,78 Gb Free Space | 46,29% Space Free | Partition Type: NTFS
    Drive D: | 14,65 Gb Total Space | 7,33 Gb Free Space | 50,07% Space Free | Partition Type: NTFS
    Drive E: | 146,48 Gb Total Space | 38,71 Gb Free Space | 26,42% Space Free | Partition Type: NTFS
    Drive F: | 48,68 Gb Total Space | 33,89 Gb Free Space | 69,62% Space Free | Partition Type: NTFS
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
    Drive L: | 7,60 Gb Total Space | 7,59 Gb Free Space | 99,88% Space Free | Partition Type: FAT32
     
    Computer Name: SLOTRACINGWE-PC
    Current User Name: Slotracing Werk
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Standard
     
    ========== Processes (SafeList) ==========
     
    PRC - [2010.09.04 22:51:38 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Slotracing Werk\Desktop\OTL.exe
    PRC - [2010.07.01 00:07:46 | 001,193,848 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee.com\Agent\mcagent.exe
    PRC - [2010.06.24 16:41:38 | 000,092,008 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
    PRC - [2010.06.24 16:41:34 | 000,247,144 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe
    PRC - [2010.05.31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe
    PRC - [2010.05.31 20:32:58 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mcshield.exe
    PRC - [2010.05.31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\SystemCore\mfevtps.exe
    PRC - [2010.03.25 01:32:16 | 000,009,216 | ---- | M] (Vodafone) -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
    PRC - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe
    PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009.03.31 16:28:10 | 000,483,420 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
    PRC - [2009.03.31 16:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe
    PRC - [2009.03.31 16:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe
    PRC - [2009.03.31 16:26:12 | 000,049,250 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe
    PRC - [2009.03.31 16:25:54 | 000,217,088 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe
    PRC - [2009.03.31 16:25:52 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe
    PRC - [2009.03.31 16:25:50 | 000,054,568 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe
    PRC - [2009.02.05 04:26:38 | 000,128,232 | ---- | M] (CyberLink Corp.) -- C:\Programme\CyberLink\PowerDVD DX\PDVDDXSrv.exe
    PRC - [2009.01.18 19:27:18 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM13Mon.exe
    PRC - [2009.01.08 05:55:00 | 000,072,224 | ---- | M] (O2Micro International) -- C:\Windows\System32\drivers\o2flash.exe
    PRC - [2008.12.04 23:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2008.01.21 04:25:56 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
    PRC - [2008.01.21 04:25:56 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
    PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    PRC - [2007.09.11 00:43:54 | 000,067,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe
    PRC - [2007.07.27 23:43:34 | 000,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Programme\Dell\Dell Webcam Manager\DellWMgr.exe
    PRC - [2006.09.11 11:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe
     
     
    ========== Modules (SafeList) ==========
     
    MOD - [2010.09.04 22:51:38 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Slotracing Werk\Desktop\OTL.exe
    MOD - [2010.07.14 13:30:14 | 000,018,688 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll
    MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
    MOD - [2008.01.21 04:25:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
    SRV - [2010.06.24 16:41:38 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
    SRV - [2010.05.31 20:32:58 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
    SRV - [2010.05.31 20:32:58 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
    SRV - [2010.05.31 20:32:58 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\Common Files\Mcafee\SystemCore\mfevtps.exe -- (mfevtp)
    SRV - [2010.04.19 22:24:47 | 001,838,592 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
    SRV - [2010.04.15 09:45:10 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
    SRV - [2010.03.25 01:32:16 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
    SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
    SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McProxy)
    SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
    SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
    SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
    SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
    SRV - [2010.03.10 10:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
    SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009.08.27 21:04:39 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2009.03.31 16:28:00 | 000,249,938 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\stacsv.exe -- (STacSV)
    SRV - [2009.03.31 16:27:48 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_ec3a90dd\AEstSrv.exe -- (AESTFilters)
    SRV - [2009.01.08 05:55:00 | 000,072,224 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\System32\drivers\o2flash.exe -- (O2FLASH)
    SRV - [2008.12.04 23:03:00 | 000,226,640 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2008.01.21 04:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\PCASp50.sys -- (PCASp50)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys -- (Lavasoft Kernexplorer)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - [2010.05.31 20:32:58 | 000,385,880 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mfehidk.sys -- (mfehidk)
    DRV - [2010.05.31 20:32:58 | 000,312,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
    DRV - [2010.05.31 20:32:58 | 000,160,720 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
    DRV - [2010.05.31 20:32:58 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
    DRV - [2010.05.31 20:32:58 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
    DRV - [2010.05.31 20:32:58 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
    DRV - [2010.05.31 20:32:58 | 000,064,304 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
    DRV - [2010.05.31 20:32:58 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
    DRV - [2010.05.31 20:32:58 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
    DRV - [2010.03.11 09:36:26 | 000,024,192 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tcpipBM.sys -- (tcpipBM)
    DRV - [2010.03.11 09:36:24 | 000,013,184 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\BMLoad.sys -- (BMLoad)
    DRV - [2010.03.01 18:35:22 | 000,080,000 | ---- | M] (Vodafone) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys -- (vodafone_K3805-z_dc_enum)
    DRV - [2009.04.06 11:25:34 | 000,049,192 | ---- | M] (Dell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553scard.sys -- (d553scard)
    DRV - [2009.03.31 16:28:14 | 000,394,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
    DRV - [2009.03.31 16:25:48 | 000,196,144 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
    DRV - [2009.02.02 17:21:30 | 000,142,848 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2009.01.19 21:41:16 | 000,328,728 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
    DRV - [2009.01.18 19:27:28 | 000,235,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM13Vid.sys -- (OEM13Vid)
    DRV - [2009.01.18 19:27:24 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM13Vfx.sys -- (OEM13Vfx)
    DRV - [2009.01.18 17:50:54 | 007,415,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2009.01.08 10:30:28 | 000,077,352 | ---- | M] (Dell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553gps.sys -- (d553gps)
    DRV - [2009.01.08 05:55:00 | 000,051,616 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2mdg.sys -- (O2MDGRDR)
    DRV - [2009.01.08 05:55:00 | 000,041,760 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sdg.sys -- (O2SDGRDR)
    DRV - [2008.12.19 13:41:46 | 000,409,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553mdm2.sys -- (d553mdm2)
    DRV - [2008.12.19 13:41:46 | 000,375,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553unic.sys -- (d553unic) Dell Wireless 5530 HSPA Mobile Broadband Minicard NetworkAdapter (WDM)
    DRV - [2008.12.19 13:41:46 | 000,365,312 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553mdm.sys -- (d553mdm)
    DRV - [2008.12.19 13:41:46 | 000,356,352 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553card.sys -- (d553card)
    DRV - [2008.12.19 13:41:46 | 000,281,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553bus.sys -- (d553bus) Dell Wireless 5530 HSPA Mobile Broadband Minicard Device driver (WDM)
    DRV - [2008.12.19 13:41:46 | 000,025,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553nd5.sys -- (d553nd5) Dell Wireless 5530 HSPA Mobile Broadband Minicard NetworkAdapter (NDIS)
    DRV - [2008.12.19 13:41:46 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553mdfl2.sys -- (d553mdfl2)
    DRV - [2008.12.19 13:41:46 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\d553mdfl.sys -- (d553mdfl)
    DRV - [2008.12.11 19:48:02 | 001,207,288 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
    DRV - [2008.12.11 19:47:16 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
    DRV - [2008.01.21 04:23:51 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008.01.21 04:23:51 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008.01.21 04:23:51 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008.01.21 04:23:51 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008.01.21 04:23:51 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008.01.21 04:23:50 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008.01.21 04:23:50 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
    DRV - [2008.01.21 04:23:50 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008.01.21 04:23:50 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008.01.21 04:23:49 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008.01.21 04:23:49 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008.01.21 04:23:49 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008.01.21 04:23:48 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008.01.21 04:23:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008.01.21 04:23:48 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008.01.21 04:23:47 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008.01.21 04:23:47 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008.01.21 04:23:47 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008.01.21 04:23:46 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008.01.21 04:23:45 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008.01.21 04:23:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008.01.21 04:23:45 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008.01.21 04:23:45 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008.01.21 04:23:26 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008.01.21 04:23:26 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008.01.21 04:23:26 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006.11.02 09:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USSMB/8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/USSMB/8
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultenginename: "Secure Search"
    FF - prefs.js..browser.search.selectedEngine: "eBay"
    FF - prefs.js..browser.startup.homepage: "http://www.slotracing-forum.de/forum/recent.htm"
    FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.2.2
    FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.2
    FF - prefs.js..keyword.URL: "http://de.search.yahoo.com/search?fr=mcafee&p="
     
     
    FF - HKLM\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon\ [2010.08.31 13:39:23 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010.09.02 00:07:41 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.01 23:22:42 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.01 18:27:31 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.09.02 19:49:00 | 000,000,000 | ---D | M]
     
    [2010.09.01 18:29:24 | 000,000,000 | ---D | M] -- C:\Users\Slotracing Werk\AppData\Roaming\mozilla\Extensions
    [2010.09.04 22:27:52 | 000,000,000 | ---D | M] -- C:\Users\Slotracing Werk\AppData\Roaming\mozilla\Firefox\Profiles\lokpayc9.default\extensions
    [2010.09.01 18:38:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Slotracing Werk\AppData\Roaming\mozilla\Firefox\Profiles\lokpayc9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2010.09.01 18:58:12 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Slotracing Werk\AppData\Roaming\mozilla\Firefox\Profiles\lokpayc9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2010.09.01 18:27:32 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
    [2010.05.31 20:32:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Programme\Mozilla Firefox\components\Scriptff.dll
    [2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
    [2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
    [2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
    [2010.09.02 12:56:46 | 000,002,027 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\McSiteAdvisor.xml
    [2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
    [2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
     
    O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1       localhost
    O1 - Hosts: ::1             localhost
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\McAfee\MSK\mskapbho.dll ()
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\Mcafee\SystemCore\ScriptSn.20100901232242.dll (McAfee, Inc.)
    O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
    O4 - HKLM..\Run: [ApplyEsf-eDocPrintPro] C:\Program Files\Common Files\MAYComputer\eDocPrintPro\ApplyEsf.exe (May Software)
    O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
    O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
    O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
    O4 - HKLM..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe (Creative Technology Ltd.)
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Dogui] C:\Users\Slotracing Werk\AppData\Roaming\Adobe\Update\dxcli.exe ()
    O4 - HKCU..\Run: [Getdo]  File not found
    O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
    O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe File not found
    O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
    O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
    O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Slotracing Werk\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Slotracing Werk\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{22d4e674-9a12-11de-bede-028037ec0200}\Shell\AutoRun\command - "" = WDSetup.exe
    O33 - MountPoints2\{7e94a4ac-4864-11df-a8bf-028037ec0200}\Shell\AutoRun\command - "" = H:\InstallTomTomHOME.exe -- File not found
    O33 - MountPoints2\{7e94a50f-4864-11df-a8bf-028037ec0200}\Shell\AutoRun\command - "" = setup.exe
    O33 - MountPoints2\{913f7033-a353-11de-a5ea-028037ec0200}\Shell\AutoRun\command - "" = H:\Menu.exe -- File not found
    O33 - MountPoints2\H\Shell\AutoRun\command - "" = setup.exe
    O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2010.09.04 22:51:38 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\Slotracing Werk\Desktop\OTL.exe
    [2010.09.04 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\Slotracing Werk\AppData\Local\Microsoft Corporation
    [2010.09.04 18:33:34 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Windows 7 Upgrade Advisor
    [2010.09.02 22:21:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
    [2010.09.02 17:52:50 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
    [2010.09.02 17:52:50 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
    [2010.09.02 17:49:27 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
    [2010.09.02 17:49:27 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
    [2010.09.02 17:46:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\watchdog.sys
    [2010.09.02 17:14:29 | 000,000,000 | ---D | C] -- C:\Dell Management Packs
    [2010.09.02 16:57:09 | 000,131,072 | ---- | C] (Dell, Inc.) -- C:\Windows\System32\DellSPMsg.dll
    [2010.09.02 16:56:24 | 018,553,464 | ---- | C] (Dell, Inc.) -- C:\Users\Slotracing Werk\AppData\Roaming\DSS_UTIL_WIN_R259999.EXE
    [2010.09.02 16:27:23 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
    [2010.09.02 00:58:19 | 000,000,000 | ---D | C] -- C:\Users\Slotracing Werk\AppData\Roaming\Uniblue
    [2010.09.02 00:09:56 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\MAYComputer
    [2010.09.01 19:19:26 | 000,000,000 | ---D | C] -- C:\Users\Slotracing Werk\AppData\Roaming\Malwarebytes
    [2010.09.01 19:19:18 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
    [2010.09.01 19:19:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2010.09.01 19:19:17 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
    [2010.09.01 19:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010.09.01 18:47:44 | 000,000,000 | ---D | C] -- C:\Users\Slotracing Werk\AppData\Roaming\Talkback
    [2010.09.01 18:27:42 | 000,000,000 | ---D | C] -- C:\Users\Slotracing Werk\AppData\Roaming\Mozilla
    [2010.09.01 18:27:30 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
    [2010.08.31 19:33:19 | 000,000,000 | ---D | C] -- C:\Programme\SiteAdvisor
    [2010.08.31 19:32:30 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeclnk.sys
    [2010.08.31 19:32:16 | 000,312,616 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfefirek.sys
    [2010.08.31 19:32:16 | 000,160,720 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfewfpk.sys
    [2010.08.31 19:32:16 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys
    [2010.08.31 19:32:16 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdet.sys
    [2010.08.31 19:32:16 | 000,064,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfenlfk.sys
    [2010.08.31 19:32:16 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\cfwids.sys
    [2010.08.31 19:32:16 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys
    [2010.08.31 19:32:10 | 000,000,000 | ---D | C] -- C:\Windows\Temp
    [2010.08.31 19:32:10 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Mcafee
    [2010.08.31 19:32:09 | 000,000,000 | ---D | C] -- C:\Programme\McAfee.com
    [2010.08.31 19:32:08 | 000,000,000 | ---D | C] -- C:\Programme\McAfee
    [2010.08.31 18:52:56 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2010.08.30 22:20:23 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
    [2010.08.30 21:29:28 | 000,000,000 | ---D | C] -- C:\mfe
    [2010.08.30 17:43:59 | 000,000,000 | ---D | C] -- C:\Users\Slotracing Werk\AppData\Local\Sunbelt Software
    [2010.08.30 17:43:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
    [2010.08.30 16:14:25 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
    [2010.08.30 16:14:19 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010.08.30 16:14:18 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010.08.30 16:13:50 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2010.08.30 16:13:50 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2010.08.30 16:13:50 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2010.08.30 16:13:49 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2010.08.30 16:13:49 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2010.08.30 16:13:48 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2010.08.30 16:13:48 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2010.08.30 16:13:48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2010.08.30 16:13:48 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2010.08.30 16:13:48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2010.08.30 16:13:48 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2010.08.30 16:13:48 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2010.08.30 16:13:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2010.08.30 16:13:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2010.08.30 16:13:47 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2010.08.30 16:13:41 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
    [2010.08.30 16:13:33 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
    [2010.08.29 20:20:45 | 000,000,000 | ---D | C] -- C:\Users\Slotracing Werk\AppData\Roaming\McAfee
    [6 C:\Users\Slotracing Werk\Documents\*.tmp files -> C:\Users\Slotracing Werk\Documents\*.tmp -> ]
    [1 C:\Users\Slotracing Werk\AppData\Local\*.tmp files -> C:\Users\Slotracing Werk\AppData\Local\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2010.09.04 22:52:10 | 003,932,160 | -HS- | M] () -- C:\Users\Slotracing Werk\NTUSER.DAT
    [2010.09.04 22:51:38 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Slotracing Werk\Desktop\OTL.exe
    [2010.09.04 22:40:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010.09.04 22:38:01 | 000,745,388 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010.09.04 22:38:01 | 000,626,780 | ---- | M] () -- C:\Windows\System32\perfh007.dat
    [2010.09.04 22:38:01 | 000,126,396 | ---- | M] () -- C:\Windows\System32\perfc007.dat
    [2010.09.04 22:38:01 | 000,004,696 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010.09.04 22:38:01 | 000,004,504 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010.09.04 22:31:02 | 000,001,737 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
    [2010.09.04 22:30:44 | 000,032,821 | ---- | M] () -- C:\ProgramData\nvModes.001
    [2010.09.04 22:30:40 | 000,032,821 | ---- | M] () -- C:\ProgramData\nvModes.dat
    [2010.09.04 22:30:37 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010.09.04 22:30:12 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.09.04 22:30:12 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.09.04 22:30:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.09.04 22:30:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.09.04 22:30:04 | 3213,856,768 | -HS- | M] () -- C:\hiberfil.sys
    [2010.09.04 22:29:18 | 000,524,288 | -HS- | M] () -- C:\Users\Slotracing Werk\NTUSER.DAT{90476e0d-8614-11df-8670-028037ec0200}.TMContainer00000000000000000001.regtrans-ms
    [2010.09.04 22:29:18 | 000,065,536 | -HS- | M] () -- C:\Users\Slotracing Werk\NTUSER.DAT{90476e0d-8614-11df-8670-028037ec0200}.TM.blf
    [2010.09.04 22:28:51 | 002,830,892 | -H-- | M] () -- C:\Users\Slotracing Werk\AppData\Local\IconCache.db
    [2010.09.04 21:21:01 | 001,147,380 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\Northland-Schild.pdf
    [2010.09.04 18:21:27 | 000,000,466 | RHS- | M] () -- C:\ProgramData\ntuser.pol
    [2010.09.04 18:15:34 | 386,728,917 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010.09.04 16:56:24 | 000,293,376 | ---- | M] () -- C:\Users\Slotracing Werk\Desktop\2wvhbbl2.exe
    [2010.09.04 15:28:11 | 000,002,687 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
    [2010.09.04 10:25:00 | 000,002,637 | ---- | M] () -- C:\Users\Slotracing Werk\Desktop\Microsoft Office Word 2003.lnk
    [2010.09.02 23:33:28 | 000,038,400 | ---- | M] () -- C:\Users\Slotracing Werk\Desktop\Ergebnisliste 5l Rennen_die vom Chef.xls
    [2010.09.02 17:19:07 | 000,351,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010.09.02 16:57:07 | 018,553,464 | ---- | M] (Dell, Inc.) -- C:\Users\Slotracing Werk\AppData\Roaming\DSS_UTIL_WIN_R259999.EXE
    [2010.09.02 12:46:30 | 000,091,616 | ---- | M] () -- C:\Users\Slotracing Werk\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.09.02 00:54:57 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
    [2010.09.02 00:54:57 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
    [2010.09.02 00:37:32 | 000,239,104 | ---- | M] () -- C:\Users\Slotracing Werk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010.09.02 00:14:21 | 000,000,462 | ---- | M] () -- C:\Users\Slotracing Werk\Desktop\Alice.lnk
    [2010.09.01 19:19:21 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.09.01 18:27:34 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\Firefox.lnk
    [2010.09.01 10:29:42 | 000,337,920 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\Werkschassis DSC II.doc
    [2010.08.31 18:51:59 | 000,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
    [2010.08.31 08:26:19 | 000,004,096 | -H-- | M] () -- C:\Users\Slotracing Werk\AppData\Local\keyfile3.drm
    [2010.08.30 22:38:16 | 001,108,252 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\091124_SpeedWeek.pdf
    [2010.08.30 22:20:23 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
    [2010.08.30 12:43:29 | 003,932,160 | -HS- | M] () -- C:\Users\Slotracing Werk\ntuser.dat_previous
    [2010.08.29 20:01:47 | 000,710,396 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\Audi_vs_Slotracingwerk_brief vom 23.08.2010.pdf
    [2010.08.29 18:53:27 | 000,519,643 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\053270810.jpg
    [2010.08.28 13:05:54 | 000,556,032 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\Kindergeburtstag.doc
    [2010.08.22 23:12:51 | 000,036,352 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\Vorbericht zum 5l Summerinight Race.doc
    [2010.08.22 17:32:13 | 000,024,064 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\Pokale 5l Summernight race.doc
    [2010.08.21 01:59:13 | 000,058,215 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\30930T1 - Angebot-2.pdf
    [2010.08.19 22:24:52 | 000,016,896 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\koslotparts liste.xls
    [2010.08.19 10:34:14 | 000,020,225 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\dscIIChassis.pdf
    [2010.08.16 12:39:50 | 000,032,256 | ---- | M] () -- C:\Users\Slotracing Werk\Documents\unlackierte Karossen bestellung Slotracing Werk.xls
    [6 C:\Users\Slotracing Werk\Documents\*.tmp files -> C:\Users\Slotracing Werk\Documents\*.tmp -> ]
    [1 C:\Users\Slotracing Werk\AppData\Local\*.tmp files -> C:\Users\Slotracing Werk\AppData\Local\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2010.09.04 21:21:01 | 001,147,380 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\Northland-Schild.pdf
    [2010.09.04 16:56:24 | 000,293,376 | ---- | C] () -- C:\Users\Slotracing Werk\Desktop\2wvhbbl2.exe
    [2010.09.04 15:30:36 | 3213,856,768 | -HS- | C] () -- C:\hiberfil.sys
    [2010.09.02 00:53:28 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
    [2010.09.02 00:53:28 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
    [2010.09.02 00:14:21 | 000,000,462 | ---- | C] () -- C:\Users\Slotracing Werk\Desktop\Alice.lnk
    [2010.09.01 19:19:21 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.09.01 18:27:34 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\Firefox.lnk
    [2010.09.01 10:12:49 | 000,337,920 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\Werkschassis DSC II.doc
    [2010.09.01 10:00:25 | 000,002,637 | ---- | C] () -- C:\Users\Slotracing Werk\Desktop\Microsoft Office Word 2003.lnk
    [2010.08.31 19:33:42 | 000,001,737 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
    [2010.08.31 13:39:45 | 000,002,687 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
    [2010.08.30 22:38:15 | 001,108,252 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\091124_SpeedWeek.pdf
    [2010.08.29 20:01:47 | 000,710,396 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\Audi_vs_Slotracingwerk_brief vom 23.08.2010.pdf
    [2010.08.29 18:53:27 | 000,519,643 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\053270810.jpg
    [2010.08.28 18:30:35 | 000,038,400 | ---- | C] () -- C:\Users\Slotracing Werk\Desktop\Ergebnisliste 5l Rennen_die vom Chef.xls
    [2010.08.28 13:05:54 | 000,556,032 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\Kindergeburtstag.doc
    [2010.08.22 20:59:03 | 000,036,352 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\Vorbericht zum 5l Summerinight Race.doc
    [2010.08.22 17:32:09 | 000,024,064 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\Pokale 5l Summernight race.doc
    [2010.08.21 01:59:13 | 000,058,215 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\30930T1 - Angebot-2.pdf
    [2010.08.19 22:24:52 | 000,016,896 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\koslotparts liste.xls
    [2010.08.19 10:34:12 | 000,020,225 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\dscIIChassis.pdf
    [2010.08.16 12:39:50 | 000,032,256 | ---- | C] () -- C:\Users\Slotracing Werk\Documents\unlackierte Karossen bestellung Slotracing Werk.xls
    [2010.07.21 01:40:26 | 000,000,466 | RHS- | C] () -- C:\ProgramData\ntuser.pol
    [2010.04.19 22:21:50 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
    [2010.03.15 19:15:34 | 000,156,430 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
    [2009.11.11 21:38:31 | 000,004,096 | -H-- | C] () -- C:\Users\Slotracing Werk\AppData\Local\keyfile3.drm
    [2009.10.10 00:01:06 | 000,008,704 | ---- | C] () -- C:\Windows\System32\CNMVS74.DLL
    [2009.09.11 10:26:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009.08.27 21:37:32 | 000,000,660 | ---- | C] () -- C:\Windows\ODBC.INI
    [2009.08.27 21:24:20 | 000,032,821 | ---- | C] () -- C:\ProgramData\nvModes.001
    [2009.08.27 21:17:41 | 000,000,064 | ---- | C] () -- C:\Windows\WSsaver.ini
    [2009.08.27 21:17:38 | 000,000,143 | ---- | C] () -- C:\Windows\NMV.INI
    [2009.08.27 21:16:11 | 000,239,104 | ---- | C] () -- C:\Users\Slotracing Werk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.08.27 19:23:51 | 000,032,821 | ---- | C] () -- C:\ProgramData\nvModes.dat
    [2009.08.20 22:43:32 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
    [2009.04.09 15:47:02 | 000,013,824 | ---- | C] () -- C:\Windows\System32\CallSimReader.dll
    [2009.04.09 15:46:02 | 000,055,808 | ---- | C] () -- C:\Windows\System32\SimReader.dll
    [2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
    < End of report >

  5. #5
    Moderator (global) Team-Mitglied Avatar von Speedy
    Registriert seit
    07.08.2004
    Ort
    Linz
    Beiträge
    23.588

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    Bitte die hier in der Codebox angeführten Dateien bei einem der verlinkten Onlinecanner (1-5) überprüfen lassen, Logfiles je nach Anleitung des Onlinescanners posten.
    Code:
    C:\Users\Slotracing Werk\AppData\Roaming\Adobe\Update\dxcli.exe
    C:\Windows\OEM13Mon.exe
    C:\Users\Slotracing Werk\Desktop\Virus Removal Tool\setup_9.0.0.722_01.09.2010_10-16\setup_9.0.0.722_01.09.2010_10-16.exe
    C:\Users\Slotracing Werk\Desktop\2wvhbbl2.exe
    C:\Windows\jestertb.dll
    C:\Windows\System32\CNMVS74.DLL
    • Download von Bobbi Fleckman das Tool RegSearch auf deinen Desktop
    • Entpacke das Tool hier auf dem Desktop (Entpacker-Tools)
    • Starte nun das Tool mit einem Doppelklick auf die Datei regsearch.exe
      Vista und Windows7 User klicken mit der rechten Maustaste auf die Datei hjtscanlist.bat und wählen aus dem Menü (als Administrator ausführen
    • Gib im oberen der Eingabefelder, in jede einzelne Zeile, einen der nachfolgenden Dateinamen aus der Codebox ein.
      Code:
      Getdo
    • Starte, wenn du alle Dateinamen eingegeben hast mit [Return] die Suche (dies kann etwas dauern -> bis 10 Minuten)
    • Wenn die Suche beendet ist, wird ein Logfile erstellt, den gesamten Inhalt markieren "Strg +a", kopieren "Strg+c", hier im Forum im Eingabefeld einfügen "Strg +v"
    • Vor dem Speichern im Forum den Text um die Code Tags erweitern.


    Erstelle mit HjtScanList von Mopao ein Logfile, verwende neben der Einstellung deines OS (XP oder Vista (Windows7) die 1 (XPScanlist oder Vistascanlist).
    lg
    www.Speedyweb.at.tf
    Die Durchführung meiner Tipps erfolgt auf eigene Verantwortung!
    HijackThis (Downloads und Anleitungen z.B. was ist fixen usw.)
    HijackThis-Chat oder willst du hier mitmachen Stellenausschreibung
    hilfestellung zur systembereinigung nur über das öffentliche forum und keinesfalls über privatnachrichten oder email !!

  6. #6
    Forenbenutzer
    Registriert seit
    04.09.2010
    Beiträge
    46

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    Virus Total
    Code:
    File name:
    virustotal.txt
    Submission date:
    2010-09-04 21:29:50 (UTC)
    Current status:
    queued (#12) queued analysing finished
    Result:
    0/ 43 (0.0%)
    	
    VT Community
    
    not reviewed
     Safety score: - 
    Compact
    Print results
    Antivirus 	Version 	Last Update 	Result
    AhnLab-V3	2010.09.05.00	2010.09.04	-
    AntiVir	8.2.4.50	2010.09.03	-
    Antiy-AVL	2.0.3.7	2010.09.03	-
    Authentium	5.2.0.5	2010.09.04	-
    Avast	4.8.1351.0	2010.09.04	-
    Avast5	5.0.594.0	2010.09.04	-
    AVG	9.0.0.851	2010.09.04	-
    BitDefender	7.2	2010.09.04	-
    CAT-QuickHeal	11.00	2010.09.03	-
    ClamAV	0.96.2.0-git	2010.09.04	-
    Comodo	5970	2010.09.04	-
    DrWeb	5.0.2.03300	2010.09.04	-
    Emsisoft	5.0.0.37	2010.09.04	-
    eSafe	7.0.17.0	2010.09.01	-
    eTrust-Vet	36.1.7835	2010.09.03	-
    F-Prot	4.6.1.107	2010.09.01	-
    F-Secure	9.0.15370.0	2010.09.04	-
    Fortinet	4.1.143.0	2010.09.04	-
    GData	21	2010.09.04	-
    Ikarus	T3.1.1.88.0	2010.09.04	-
    Jiangmin	13.0.900	2010.09.04	-
    K7AntiVirus	9.63.2442	2010.09.04	-
    Kaspersky	7.0.0.125	2010.09.04	-
    McAfee	5.400.0.1158	2010.09.04	-
    McAfee-GW-Edition	2010.1B	2010.09.04	-
    Microsoft	1.6103	2010.09.04	-
    NOD32	5423	2010.09.04	-
    Norman	6.05.11	2010.09.04	-
    nProtect	2010-09-04.01	2010.09.04	-
    Panda	10.0.2.7	2010.09.04	-
    PCTools	7.0.3.5	2010.09.04	-
    Prevx	3.0	2010.09.04	-
    Rising	22.63.05.01	2010.09.04	-
    Sophos	4.57.0	2010.09.04	-
    Sunbelt	6831	2010.09.04	-
    SUPERAntiSpyware	4.40.0.1006	2010.09.04	-
    Symantec	20101.1.1.7	2010.09.04	-
    TheHacker	6.5.2.1.364	2010.09.04	-
    TrendMicro	9.120.0.1004	2010.09.04	-
    TrendMicro-HouseCall	9.120.0.1004	2010.09.04	-
    VBA32	3.12.14.0	2010.09.03	-
    ViRobot	2010.8.31.4017	2010.09.04	-
    VirusBuster	12.64.17.1	2010.09.04	-
    Additional information
    Show all
    MD5   : b3018731cb65cdb292c1220113efdae9
    SHA1  : f28ab0519e28beca0b46a44dd7b031791307902a
    SHA256: b3aa980af3fd8e164f1e84214a83e45a528100b0b2a4d13d153b73a04ee3d223
    ssdeep: 12:QmDjj7MJX+ZslQlEjbThH24ve1Jh4ve12JjbPbIk+S+UcQID:Qm7Ap+ZZ4xH2IkIhwk+S+/Q
    y
    File size : 634 bytes
    First seen: 2010-09-04 21:29:50
    Last seen : 2010-09-04 21:29:50
    TrID:
    Text - UTF-16 (LE) encoded (64.4%)
    MP3 audio (32.2%)
    Lumena CEL bitmap (2.0%)
    Corel Photo Paint (1.3%)
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: n/a
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    packers (F-Prot): Unicode
    
    VT Community
    
    0
    
        This file has never been reviewed by any VT Community member. Be the first one to comment on it! 
    
    VirusTotal Team
    Die anderen beiden kommen gleich, ich habe Angst das FF keine Rückmeldung oder Windows wieder nach ner Minute runter fährt macht und der Text dann umsonst getippt war

  7. #7
    Forenbenutzer
    Registriert seit
    04.09.2010
    Beiträge
    46

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    Regsearch!
    Code:
    Windows Registry Editor Version 5.00
    
    ; Registry Search 2.0 by Bobbi Flekman © 2005
    ; Version: 2.0.6.0
    
    ; Results at 04.09.2010 23:39:17 for strings:
    ;  'getdo'
    ;  'getdo'
    ;  'getdo'
    ; Strings excluded from search:
    ;  (None)
    ; Search in: 
    ; Registry Keys  Registry Values  Registry Data  
    ; HKEY_LOCAL_MACHINE  HKEY_USERS  
    
    
    [HKEY_USERS\S-1-5-21-3264313630-3715183079-3412690908-1000\Software\Microsoft\Windows\CurrentVersion\Run]
    "Getdo"=""
    
    ; End Of The Log...

  8. #8
    Forenbenutzer
    Registriert seit
    04.09.2010
    Beiträge
    46

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    HjtScanlist

    Code:
     
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                            º                                    º 
                                        hjtscanlist v2.0              
                            º                                    º 
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
    
    Microsoft Windows [Version 6.0.6002]
     
     
    C:
    
           C:\hiberfil.sys ---------    
           C:\pagefile.sys ---------    
      04.09.2010 21:51     C:\Program Files --------- 28672   
      04.09.2010 21:49     C:\System Volume Information --------- 20480   
      04.09.2010 18:21     C:\ProgramData --------- 8192   
      04.09.2010 18:15     C:\Windows --------- 32768   
      04.09.2010 15:30     C:\aaw7boot.log --------- 6733   
      02.09.2010 17:14     C:\Dell Management Packs --------- 0   
      02.09.2010 16:57     C:\DELL --------- 8192   
      31.08.2010 13:42     C:\debug1214.txt --------- 37596   
      30.08.2010 21:29     C:\mfe --------- 0   
      13.09.2009 03:15     C:\boot --------- 4096   
      02.09.2009 23:41     C:\CanoScan --------- 0   
      31.08.2009 20:54     C:\Perl --------- 4096   
      28.08.2009 01:38     C:\totalcmd --------- 4096   
      27.08.2009 21:17     C:\IO.SYS --------- 0   
      27.08.2009 21:17     C:\MSDOS.SYS --------- 0   
      27.08.2009 18:22     C:\$Recycle.Bin --------- 0   
      27.08.2009 18:22     C:\Users --------- 4096   
      27.08.2009 18:19     C:\Programme --------- 0   
      27.08.2009 18:19     C:\Dokumente und Einstellungen --------- 0   
      21.08.2009 01:21     C:\dell.sdr --------- 3208   
      20.08.2009 22:43     C:\Documents and Settings --------- 0   
      29.07.2009 11:15     C:\Drivers --------- 0   
      29.07.2009 07:09     C:\EFI --------- 0   
      11.04.2009 08:36     C:\bootmgr --------- 333257   
      21.01.2008 04:33     C:\PerfLogs --------- 0   
      18.09.2006 23:43     C:\config.sys --------- 10   
      18.09.2006 23:43     C:\autoexec.bat --------- 24   
    ----------------------------------------
    
     
    C:\Windows
    
      04.09.2010 22:34     C:\Windows\WindowsUpdate.log --------- 1316968   
      04.09.2010 22:30     C:\Windows\bootstat.dat --------- 67584   
      04.09.2010 18:15     C:\Windows\MEMORY.DMP --------- 386728917   
      04.09.2010 15:28     C:\Windows\ntbtlog.txt --------- 253412   
      02.09.2010 17:20     C:\Windows\setupact.log --------- 2905   
      02.09.2010 17:18     C:\Windows\PFRO.log --------- 161442   
      02.09.2010 00:54     C:\Windows\diagwrn.xml --------- 1905   
      02.09.2010 00:54     C:\Windows\diagerr.xml --------- 1905   
      02.09.2010 00:53     C:\Windows\setuperr.log --------- 0   
      31.08.2010 18:51     C:\Windows\WindowsShell.Manifest --------- 749   
      19.04.2010 22:21     C:\Windows\jestertb.dll --------- 20992   
      03.04.2010 11:59     C:\Windows\ODBCINST.INI --------- 1644   
      03.04.2010 11:59     C:\Windows\ODBC.INI --------- 660   
      03.04.2010 11:58     C:\Windows\Setup1.exe --------- 290816   
      03.04.2010 11:58     C:\Windows\ST6UNST.EXE --------- 74752   
      05.09.2009 10:34     C:\Windows\ie8_main.log --------- 4144   
      31.08.2009 00:50     C:\Windows\system.ini --------- 252   
      28.08.2009 00:47     C:\Windows\SuperMailer_Uninstall.in --------- 3295   
      27.08.2009 23:39     C:\Windows\nsreg.dat --------- 0   
      27.08.2009 21:37     C:\Windows\win.ini --------- 240   
      27.08.2009 21:17     C:\Windows\WSsaver.ini --------- 64   
      27.08.2009 21:17     C:\Windows\NMV.INI --------- 143   
      21.08.2009 01:21     C:\Windows\csup.txt --------- 12   
      20.08.2009 23:37     C:\Windows\DtcInstall.log --------- 4809   
      20.08.2009 23:27     C:\Windows\DirectX.log --------- 29425   
      20.08.2009 22:53     C:\Windows\xpsp1hfm.log --------- 1365   
      20.08.2009 22:44     C:\Windows\bcmwl.log --------- 18052   
      20.08.2009 22:43     C:\Windows\CT4CET.bin --------- 75   
      20.08.2009 22:41     C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 82968576   
      20.08.2009 22:41     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf --------- 196608   
      20.08.2009 22:41     C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx --------- 65536   
      20.08.2009 17:27     C:\Windows\TSSysprep.log --------- 3652   
      19.08.2009 12:14     C:\Windows\SMUn.EXE --------- 331136   
      11.04.2009 08:27     C:\Windows\explorer.exe --------- 2926592   
      18.01.2009 19:27     C:\Windows\OEM13Mon.exe --------- 36864   
      18.01.2009 19:27     C:\Windows\OEM13Cfg.exe --------- 28672   
      18.01.2009 19:27     C:\Windows\OEM013.uns --------- 4505   
      18.01.2009 19:27     C:\Windows\CtDrvIns.exe --------- 90112   
      05.12.2008 07:19     C:\Windows\WLXPGSS.SCR --------- 308584   
      08.08.2008 07:04     C:\Windows\UC.PIF --------- 545   
      08.08.2008 07:04     C:\Windows\LHA.PIF --------- 545   
      08.08.2008 07:04     C:\Windows\PKUNZIP.PIF --------- 545   
      08.08.2008 07:04     C:\Windows\NOCLOSE.PIF --------- 545   
      08.08.2008 07:04     C:\Windows\RAR.PIF --------- 545   
      08.08.2008 07:04     C:\Windows\PKZIP.PIF --------- 545   
      08.08.2008 07:04     C:\Windows\ARJ.PIF --------- 545   
      21.01.2008 04:25     C:\Windows\regedit.exe --------- 134656   
      21.01.2008 04:25     C:\Windows\bfsvc.exe --------- 58880   
      21.01.2008 04:24     C:\Windows\fveupdate.exe --------- 13312   
      21.01.2008 04:24     C:\Windows\HelpPane.exe --------- 498176   
      21.01.2008 04:24     C:\Windows\notepad.exe --------- 151040   
      02.11.2006 14:47     C:\Windows\SETUPAPI.LOG --------- 94   
      02.11.2006 14:36     C:\Windows\WMSysPr9.prx --------- 316640   
      02.11.2006 14:35     C:\Windows\twunk_32.exe --------- 31232   
      02.11.2006 14:35     C:\Windows\twunk_16.exe --------- 49680   
      02.11.2006 14:35     C:\Windows\twain_32.dll --------- 50688   
      02.11.2006 14:35     C:\Windows\twain.dll --------- 94784   
      02.11.2006 11:45     C:\Windows\winhlp32.exe --------- 9216   
      02.11.2006 11:45     C:\Windows\hh.exe --------- 14848   
      02.11.2006 09:46     C:\Windows\mib.bin --------- 43131   
      19.09.2006 13:41     C:\Windows\Business.xml --------- 4261   
      18.09.2006 23:43     C:\Windows\_default.pif --------- 707   
      18.09.2006 23:43     C:\Windows\winhelp.exe --------- 256192   
      18.09.2006 23:30     C:\Windows\msdfmap.ini --------- 1405   
      19.10.1998 15:00     C:\Windows\Werner.scr --------- 4558848   
      22.01.1997 16:34     C:\Windows\IsUninst.exe --------- 312320   
    ----------------------------------------
    
     
    C:\Windows\System
    
     02.11.2006 14:35      C:\Windows\System\mciseq.drv --------- 25264 
     02.11.2006 14:35      C:\Windows\System\mciwave.drv --------- 28160 
     02.11.2006 14:35      C:\Windows\System\avifile.dll --------- 109456 
     02.11.2006 14:35      C:\Windows\System\mciavi.drv --------- 73376 
     02.11.2006 14:35      C:\Windows\System\avicap.dll --------- 69584 
     02.11.2006 14:35      C:\Windows\System\msvideo.dll --------- 126912 
     02.11.2006 09:10      C:\Windows\System\OLESVR.DLL --------- 24064 
     02.11.2006 09:10      C:\Windows\System\WFWNET.DRV --------- 12704 
     02.11.2006 09:10      C:\Windows\System\COMMDLG.DLL --------- 32816 
     02.11.2006 09:10      C:\Windows\System\TIMER.DRV --------- 4048 
     02.11.2006 09:10      C:\Windows\System\MMSYSTEM.DLL --------- 68992 
     02.11.2006 09:10      C:\Windows\System\mmtask.tsk --------- 1152 
     02.11.2006 09:10      C:\Windows\System\mouse.drv --------- 2032 
     02.11.2006 09:10      C:\Windows\System\vga.drv --------- 2176 
     02.11.2006 09:10      C:\Windows\System\sound.drv --------- 1744 
     02.11.2006 09:10      C:\Windows\System\keyboard.drv --------- 2000 
     02.11.2006 09:10      C:\Windows\System\SHELL.DLL --------- 5120 
     02.11.2006 09:10      C:\Windows\System\system.drv --------- 3360 
     18.09.2006 23:43      C:\Windows\System\ver.dll --------- 9008 
     18.09.2006 23:43      C:\Windows\System\olecli.dll --------- 82944 
     18.09.2006 23:43      C:\Windows\System\lzexpand.dll --------- 9936 
     18.09.2006 23:35      C:\Windows\System\stdole.tlb --------- 5532 
    ----------------------------------------
    
     
    C:\Windows\System32
    
     04.09.2010 23:45     C:\Windows\system32\hjtscanlist.txt --------- 8095  
     04.09.2010 22:38     C:\Windows\system32\perfh009.dat --------- 4696  
     04.09.2010 22:38     C:\Windows\system32\perfc009.dat --------- 4504  
     04.09.2010 22:38     C:\Windows\system32\perfh007.dat --------- 626780  
     04.09.2010 22:38     C:\Windows\system32\perfc007.dat --------- 126396  
     04.09.2010 22:38     C:\Windows\system32\PerfStringBackup.INI --------- 745388  
     04.09.2010 22:30     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3744  
     04.09.2010 22:30     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3744  
     04.09.2010 22:28     C:\Windows\system32\drivers --------- 65536  
     04.09.2010 21:49     C:\Windows\system32\catroot2 --------- 4096  
     04.09.2010 15:45     C:\Windows\system32\Tasks --------- 4096  
     02.09.2010 17:57     C:\Windows\system32\migration --------- 0  
     02.09.2010 17:56     C:\Windows\system32\catroot --------- 16384  
     02.09.2010 17:19     C:\Windows\system32\FNTCACHE.DAT --------- 351432  
     02.09.2010 01:12     C:\Windows\system32\config --------- 12288  
     31.08.2010 13:34     C:\Windows\system32\appmgmt --------- 0  
     31.08.2010 09:13     C:\Windows\system32\FxsTmp --------- 0  
     30.08.2010 21:14     C:\Windows\system32\Microsoft --------- 0  
     30.08.2010 12:44     C:\Windows\system32\wbem --------- 65536  
     30.08.2010 12:43     C:\Windows\system32\spool --------- 4096  
     21.08.2010 11:12     C:\Windows\system32\WDI --------- 8192  
     03.08.2010 11:09     C:\Windows\system32\mrt.exe --------- 35962312  
     26.07.2010 17:51     C:\Windows\system32\shell32.dll --------- 11584512  
     21.07.2010 01:40     C:\Windows\system32\GroupPolicy --------- 0  
     28.06.2010 23:19     C:\Windows\system32\eDocPort.dll --------- 606208  
     28.06.2010 20:11     C:\Windows\system32\psconvert.dll --------- 159744  
     26.06.2010 13:27     C:\Windows\system32\en-US --------- 8192  
     26.06.2010 08:05     C:\Windows\system32\wininet.dll --------- 916480  
     26.06.2010 08:05     C:\Windows\system32\urlmon.dll --------- 1210368  
     26.06.2010 08:04     C:\Windows\system32\occache.dll --------- 206848  
     26.06.2010 08:03     C:\Windows\system32\mstime.dll --------- 611840  
     26.06.2010 08:03     C:\Windows\system32\mshtml.dll --------- 5951488  
     26.06.2010 08:03     C:\Windows\system32\msfeeds.dll --------- 599040  
     26.06.2010 08:03     C:\Windows\system32\msfeedsbs.dll --------- 55296  
     26.06.2010 08:02     C:\Windows\system32\jsproxy.dll --------- 25600  
     26.06.2010 08:02     C:\Windows\system32\inetcpl.cpl --------- 1469440  
     26.06.2010 08:02     C:\Windows\system32\ieui.dll --------- 164352  
     26.06.2010 08:02     C:\Windows\system32\iesysprep.dll --------- 109056  
     26.06.2010 08:02     C:\Windows\system32\iesetup.dll --------- 71680  
     26.06.2010 08:02     C:\Windows\system32\iertutil.dll --------- 1986560  
     26.06.2010 08:02     C:\Windows\system32\iernonce.dll --------- 55808  
     26.06.2010 08:02     C:\Windows\system32\iepeers.dll --------- 184320  
     26.06.2010 08:02     C:\Windows\system32\ieframe.dll --------- 11077120  
     26.06.2010 08:02     C:\Windows\system32\iedkcs32.dll --------- 387584  
     26.06.2010 06:25     C:\Windows\system32\ieUnatt.exe --------- 133632  
     26.06.2010 06:24     C:\Windows\system32\ie4uinit.exe --------- 173056  
     26.06.2010 06:24     C:\Windows\system32\msfeedssync.exe --------- 13312  
     26.06.2010 06:23     C:\Windows\system32\mshtml.tlb --------- 1638912  
     21.06.2010 15:37     C:\Windows\system32\win32k.sys --------- 2037760  
     18.06.2010 19:31     C:\Windows\system32\rtutils.dll --------- 36864  
     11.06.2010 18:16     C:\Windows\system32\schannel.dll --------- 274944  
     11.06.2010 18:15     C:\Windows\system32\msxml3.dll --------- 1248768  
     08.06.2010 19:35     C:\Windows\system32\ntoskrnl.exe --------- 3548040  
     08.06.2010 19:35     C:\Windows\system32\ntkrnlpa.exe --------- 3600768  
     27.05.2010 22:08     C:\Windows\system32\iccvid.dll --------- 81920  
     26.05.2010 19:06     C:\Windows\system32\atmlib.dll --------- 34304  
     26.05.2010 16:47     C:\Windows\system32\atmfd.dll --------- 289792  
     26.05.2010 15:35     C:\Windows\system32\de-DE --------- 327680  
     21.05.2010 14:14     C:\Windows\system32\MpSigStub.exe --------- 221568  
     27.04.2010 20:40     C:\Windows\system32\pxafs.dll --------- 133616  
     27.04.2010 20:40     C:\Windows\system32\pxwave.dll --------- 440816  
     27.04.2010 20:40     C:\Windows\system32\pxinsa64.exe --------- 68592  
     27.04.2010 20:40     C:\Windows\system32\vxblock.dll --------- 100848  
     27.04.2010 20:40     C:\Windows\system32\pxhpinst.exe --------- 72176  
     27.04.2010 20:40     C:\Windows\system32\pxcpya64.exe --------- 68080  
     27.04.2010 20:40     C:\Windows\system32\pxsfs.dll --------- 2120176  
     27.04.2010 20:40     C:\Windows\system32\pxmas.dll --------- 219632  
     27.04.2010 20:40     C:\Windows\system32\pxdrv.dll --------- 567792  
     27.04.2010 20:40     C:\Windows\system32\pxinsi64.exe --------- 126448  
     27.04.2010 20:40     C:\Windows\system32\px.dll --------- 698864  
     27.04.2010 20:40     C:\Windows\system32\pxcpyi64.exe --------- 123888  
     27.04.2010 07:54     C:\Windows\system32\CodeIntegrity --------- 0  
     23.04.2010 16:13     C:\Windows\system32\tzres.dll --------- 2048  
     16.04.2010 18:43     C:\Windows\system32\Apphlpdm.dll --------- 28672  
     16.04.2010 16:39     C:\Windows\system32\GameUXLegacyGDFs.dll --------- 4240384  
     05.04.2010 19:01     C:\Windows\system32\asycfilt.dll --------- 67072  
     18.03.2010 13:16     C:\Windows\system32\msvcr100_clr0400.dll --------- 771424  
     15.03.2010 19:15     C:\Windows\system32\WwanCoreSdk.dll --------- 2603552  
     15.03.2010 19:15     C:\Windows\system32\Diagnostic.dll --------- 141856  
     11.03.2010 09:36     C:\Windows\system32\bmutil.dll --------- 724608  
     11.03.2010 09:36     C:\Windows\system32\bminstall.dll --------- 316544  
     11.03.2010 09:36     C:\Windows\system32\bmdumpd.bin --------- 132224  
     05.03.2010 16:01     C:\Windows\system32\vbscript.dll --------- 420352  
     01.03.2010 18:17     C:\Windows\system32\wdfcoinstaller01009.dll --------- 1461992  
     21.02.2010 01:06     C:\Windows\system32\nshhttp.dll --------- 24064  
     21.02.2010 01:05     C:\Windows\system32\httpapi.dll --------- 30720  
     18.02.2010 15:30     C:\Windows\system32\iphlpsvc.dll --------- 200704  
     12.02.2010 12:32     C:\Windows\system32\browserchoice.exe --------- 293376  
     29.01.2010 17:40     C:\Windows\system32\inetcomm.dll --------- 738816  
     25.01.2010 14:00     C:\Windows\system32\secproc_ssp_isv.dll --------- 152576  
     25.01.2010 14:00     C:\Windows\system32\secproc_ssp.dll --------- 152064  
     25.01.2010 14:00     C:\Windows\system32\secproc_isv.dll --------- 471552  
     25.01.2010 14:00     C:\Windows\system32\secproc.dll --------- 471552  
     25.01.2010 13:58     C:\Windows\system32\msdrm.dll --------- 332288  
     25.01.2010 10:21     C:\Windows\system32\RMActivate_ssp_isv.exe --------- 346624  
     25.01.2010 10:21     C:\Windows\system32\RMActivate_isv.exe --------- 526336  
     25.01.2010 10:21     C:\Windows\system32\RMActivate_ssp.exe --------- 347136  
     25.01.2010 10:21     C:\Windows\system32\RMActivate.exe --------- 518144  
     21.01.2010 17:05     C:\Windows\system32\l3codeca.acm --------- 62464  
     13.01.2010 19:34     C:\Windows\system32\cabview.dll --------- 98304  
    ----------------------------------------
    
     
    C:\Windows\Prefetch
    
     04.09.2010 23:45     C:\Windows\Prefetch\CMD.EXE-0BD30981.pf --------- 5294  
     04.09.2010 23:45     C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf --------- 18424  
     04.09.2010 23:44     C:\Windows\Prefetch\CONIME.EXE-7C90FA24.pf --------- 17308  
     04.09.2010 23:44     C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-44162447.pf --------- 18384  
     04.09.2010 23:44     C:\Windows\Prefetch\DLLHOST.EXE-6389524F.pf --------- 19196  
     04.09.2010 23:43     C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf --------- 19004  
     04.09.2010 23:43     C:\Windows\Prefetch\WERFAULT.EXE-155C56CF.pf --------- 194010  
     04.09.2010 23:43     C:\Windows\Prefetch\VERCLSID.EXE-AB0FD091.pf --------- 29120  
     04.09.2010 23:42     C:\Windows\Prefetch\MCUPDATE.EXE-8E5BB827.pf --------- 61466  
     04.09.2010 23:41     C:\Windows\Prefetch\NOTEPAD.EXE-C5670914.pf --------- 30784  
     04.09.2010 23:40     C:\Windows\Prefetch\AGENT.EXE-88AD0906.pf --------- 29348  
     04.09.2010 23:40     C:\Windows\Prefetch\GOOGLEUPDATE.EXE-737A6CD7.pf --------- 38572  
     04.09.2010 23:31     C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2846457  
     04.09.2010 23:31     C:\Windows\Prefetch\AgGlFaultHistory.db --------- 771578  
     04.09.2010 23:31     C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 3971373  
     04.09.2010 23:31     C:\Windows\Prefetch\AgRobust.db --------- 425888  
     04.09.2010 23:17     C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-C6EE3785.pf --------- 55582  
     04.09.2010 23:16     C:\Windows\Prefetch\FIREFOX.EXE-66015FD1.pf --------- 214852  
     04.09.2010 23:15     C:\Windows\Prefetch\THUNDERBIRD.EXE-B44509A1.pf --------- 183174  
     04.09.2010 23:06     C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf --------- 35640  
     04.09.2010 23:06     C:\Windows\Prefetch\MCUICNT.EXE-724FFEE9.pf --------- 87930  
     04.09.2010 23:06     C:\Windows\Prefetch\MCSMTFWK.EXE-74FB5724.pf --------- 37598  
     04.09.2010 23:01     C:\Windows\Prefetch\ACRORD32.EXE-6BF45B03.pf --------- 91004  
     04.09.2010 22:48     C:\Windows\Prefetch\RUNDLL32.EXE-ED095C83.pf --------- 37040  
     04.09.2010 22:48     C:\Windows\Prefetch\CNBSE3.EXE-A2372408.pf --------- 27414  
     04.09.2010 22:43     C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf --------- 22214  
     04.09.2010 22:35     C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf --------- 19918  
     04.09.2010 22:34     C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf --------- 41338  
     04.09.2010 22:33     C:\Windows\Prefetch\MSCORSVW.EXE-8CE1A322.pf --------- 12396  
     04.09.2010 22:32     C:\Windows\Prefetch\MCODS.EXE-2005F4F8.pf --------- 79224  
     04.09.2010 22:32     C:\Windows\Prefetch\MBAM.EXE-938BB081.pf --------- 107160  
     04.09.2010 22:32     C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf --------- 22320  
     04.09.2010 22:32     C:\Windows\Prefetch\ReadyBoot --------- 0  
     04.09.2010 22:32     C:\Windows\Prefetch\WMPNETWK.EXE-F6E20E14.pf --------- 45988  
     04.09.2010 22:32     C:\Windows\Prefetch\WMPNSCFG.EXE-18FC9E64.pf --------- 31476  
     04.09.2010 22:31     C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 1733898  
     04.09.2010 22:28     C:\Windows\Prefetch\PfSvPerfStats.bin --------- 508  
     04.09.2010 22:28     C:\Windows\Prefetch\LOGONUI.EXE-F639BD7E.pf --------- 34780  
     04.09.2010 22:28     C:\Windows\Prefetch\_IU14D2N.TMP-84A6CB53.pf --------- 50760  
     04.09.2010 22:28     C:\Windows\Prefetch\UNINS000.EXE-AFA6475D.pf --------- 37314  
     04.09.2010 22:28     C:\Windows\Prefetch\GRPCONV.EXE-A548DBA8.pf --------- 27112  
     04.09.2010 22:28     C:\Windows\Prefetch\NET.EXE-A0964F30.pf --------- 29062  
     04.09.2010 22:28     C:\Windows\Prefetch\RUNONCE.EXE-BD8A4C8F.pf --------- 31312  
     04.09.2010 22:28     C:\Windows\Prefetch\NET1.EXE-509326A5.pf --------- 27518  
     04.09.2010 22:28     C:\Windows\Prefetch\SETUP_9.0.0.722_01.09.2010_10-04B987C4.pf --------- 81730  
     04.09.2010 22:28     C:\Windows\Prefetch\RUNDLL32.EXE-2B723625.pf --------- 91392  
     04.09.2010 22:17     C:\Windows\Prefetch\TASKMGR.EXE-4C8500BA.pf --------- 52916  
     04.09.2010 21:49     C:\Windows\Prefetch\MSIEXEC.EXE-8FFB1633.pf --------- 115362  
     04.09.2010 21:48     C:\Windows\Prefetch\CONTROL.EXE-6EA5489A.pf --------- 38924  
     04.09.2010 21:47     C:\Windows\Prefetch\SVCHOST.EXE-6A249820.pf --------- 20184  
     04.09.2010 21:46     C:\Windows\Prefetch\VSSVC.EXE-6C8F0C66.pf --------- 34340  
     04.09.2010 21:45     C:\Windows\Prefetch\MCAGENT.EXE-E4C61513.pf --------- 36538  
     04.09.2010 21:44     C:\Windows\Prefetch\ADOBEARM.EXE-368641B4.pf --------- 33682  
     04.09.2010 21:40     C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-0130569B.pf --------- 17438  
     04.09.2010 21:14     C:\Windows\Prefetch\MOBSYNC.EXE-B307E1CC.pf --------- 39010  
     04.09.2010 20:53     C:\Windows\Prefetch\SNDVOL.EXE-425BC49B.pf --------- 38082  
     04.09.2010 20:52     C:\Windows\Prefetch\MFPMP.EXE-DAD29CCD.pf --------- 69230  
     04.09.2010 20:52     C:\Windows\Prefetch\WMPLAYER.EXE-D7C621F8.pf --------- 123732  
     04.09.2010 20:49     C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3264313630-3715183079-3412690908-1000.db --------- 1023309  
     04.09.2010 20:49     C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3264313630-3715183079-3412690908-1000.db --------- 2127218  
     04.09.2010 20:45     C:\Windows\Prefetch\WUDFHOST.EXE-DEBBE5F1.pf --------- 25790  
     04.09.2010 20:30     C:\Windows\Prefetch\MCUPDMGR.EXE-2483B4A1.pf --------- 46762  
     04.09.2010 20:30     C:\Windows\Prefetch\MCSVRCNT.EXE-4914669B.pf --------- 34198  
     04.09.2010 20:02     C:\Windows\Prefetch\RUNDLL32.EXE-17691DFE.pf --------- 106028  
     04.09.2010 19:55     C:\Windows\Prefetch\MCSYNC.EXE-9D7C7E1C.pf --------- 67782  
     04.09.2010 19:55     C:\Windows\Prefetch\MCINFO.EXE-6C8252E7.pf --------- 75642  
     04.09.2010 18:34     C:\Windows\Prefetch\WINDOWSUPGRADEADVISOR.EXE-D42A984A.pf --------- 120524  
     04.09.2010 18:33     C:\Windows\Prefetch\WUASETUP.EXE-CC299064.pf --------- 30786  
     04.09.2010 18:33     C:\Windows\Prefetch\STARTSETUP.EXE-F122CF79.pf --------- 36398  
     04.09.2010 18:32     C:\Windows\Prefetch\WINDOWS7UPGRADEADVISORSETUP.E-9E6C2B0B.pf --------- 92128  
     04.09.2010 18:20     C:\Windows\Prefetch\MCHOST.EXE-DF335CC7.pf --------- 36800  
     04.09.2010 18:19     C:\Windows\Prefetch\UNSECAPP.EXE-72B9DDB3.pf --------- 17496  
     04.09.2010 18:17     C:\Windows\Prefetch\AESTSRV.EXE-A967E235.pf --------- 5684  
     04.09.2010 18:17     C:\Windows\Prefetch\PHOTOSHOPELEMENTSFILEAGENT.EX-A24F2E1F.pf --------- 44386  
     04.09.2010 18:17     C:\Windows\Prefetch\RUNDLL32.EXE-2BCF59CC.pf --------- 648740  
     04.09.2010 18:12     C:\Windows\Prefetch\2WVHBBL2.EXE-DFFD87BC.pf --------- 541340  
     04.09.2010 18:09     C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf --------- 249310  
     04.09.2010 18:08     C:\Windows\Prefetch\SETUP_9.0.0.722_01.09.2010_10-CC13EB4E.pf --------- 31536  
     04.09.2010 18:08     C:\Windows\Prefetch\SETUP_9.0.0.722_01.09.2010_10-045ECAE0.pf --------- 49790  
     04.09.2010 18:08     C:\Windows\Prefetch\MFEVTPS.EXE-23933703.pf --------- 127438  
     04.09.2010 17:44     C:\Windows\Prefetch\MCSVHOST.EXE-DE4FDB91.pf --------- 159248  
     04.09.2010 17:40     C:\Windows\Prefetch\STARTUP.EXE-3D49A471.pf --------- 35088  
     04.09.2010 17:20     C:\Windows\Prefetch\RUNDLL32.EXE-F7ECCD5A.pf --------- 85972  
     04.09.2010 17:12     C:\Windows\Prefetch\RUNDLL32.EXE-AF19BFD0.pf --------- 87838  
     04.09.2010 17:12     C:\Windows\Prefetch\RUNDLL32.EXE-841E66A3.pf --------- 90886  
     04.09.2010 16:46     C:\Windows\Prefetch\DLLHOST.EXE-6CCFE7C9.pf --------- 39358  
     04.09.2010 16:46     C:\Windows\Prefetch\UNINS000.EXE-CCDBD21B.pf --------- 24448  
     04.09.2010 16:45     C:\Windows\Prefetch\HIJACKTHIS.EXE-FE237476.pf --------- 34098  
     04.09.2010 16:45     C:\Windows\Prefetch\UNINS000.EXE-753EC0E7.pf --------- 24774  
     04.09.2010 16:44     C:\Windows\Prefetch\DFSVC.EXE-90FBC44C.pf --------- 86568  
     04.09.2010 16:44     C:\Windows\Prefetch\RUNDLL32.EXE-3029AA7C.pf --------- 35172  
     04.09.2010 16:41     C:\Windows\Prefetch\UNINS000.EXE-5FE398E7.pf --------- 24150  
     04.09.2010 16:39     C:\Windows\Prefetch\AAWWSC.EXE-4FA5806F.pf --------- 29888  
     04.09.2010 16:39     C:\Windows\Prefetch\AD-AWAREADMIN.EXE-D0D13FD8.pf --------- 69194  
     04.09.2010 16:39     C:\Windows\Prefetch\AAWSERVICE.EXE-BCD1C39B.pf --------- 29820  
     04.09.2010 16:39     C:\Windows\Prefetch\AD-AWAREINSTALL.EXE-8705D96F.pf --------- 225266  
     04.09.2010 16:17     C:\Windows\Prefetch\SETUP_WM.EXE-843EC9EF.pf --------- 41894  
     04.09.2010 16:07     C:\Windows\Prefetch\MCUPDATE.EXE-7584575A.pf --------- 43144  
     04.09.2010 15:47     C:\Windows\Prefetch\WERCON.EXE-C87ACD13.pf --------- 90744  
     04.09.2010 15:45     C:\Windows\Prefetch\AD-AWARE.EXE-2F4FBB7B.pf --------- 76160  
     04.09.2010 15:45     C:\Windows\Prefetch\AUTOLAUNCH.EXE-8BEFF985.pf --------- 37544  
     04.09.2010 15:45     C:\Windows\Prefetch\THREATWORK.EXE-718F87D0.pf --------- 27992  
     04.09.2010 15:37     C:\Windows\Prefetch\MCUICNT.EXE-43D768AA.pf --------- 84200  
     04.09.2010 15:33     C:\Windows\Prefetch\AAWTRAY.EXE-AE63BC5E.pf --------- 26316  
     04.09.2010 11:20     C:\Windows\Prefetch\SEARCHINDEXER.EXE-1CF42BC6.pf --------- 33060  
     04.09.2010 11:13     C:\Windows\Prefetch\MCSVRCNT.EXE-ECC2405E.pf --------- 37954  
     04.09.2010 11:11     C:\Windows\Prefetch\HWUPDCHK.EXE-D91D03E3.pf --------- 49644  
     04.09.2010 11:11     C:\Windows\Prefetch\MCVSMAP.EXE-88A2FB49.pf --------- 25590  
     04.09.2010 11:08     C:\Windows\Prefetch\WISEREGISTRYCLEANER.EXE-096BD371.pf --------- 50204  
     04.09.2010 10:55     C:\Windows\Prefetch\SETUP_9.0.0.722_01.09.2010_10-626706DB.pf --------- 51304  
     04.09.2010 10:35     C:\Windows\Prefetch\WUAPP.EXE-79F5B9BE.pf --------- 38242  
     04.09.2010 10:35     C:\Windows\Prefetch\DELLTPAD.EXE-FD1A2FFF.pf --------- 52470  
     04.09.2010 10:25     C:\Windows\Prefetch\SETUP_9.0.0.722_01.09.2010_10-372C7029.pf --------- 39606  
     04.09.2010 10:25     C:\Windows\Prefetch\STARTUP.EXE-A65E8E1E.pf --------- 34186  
     04.09.2010 10:25     C:\Windows\Prefetch\UNINS000.EXE-4B30760A.pf --------- 36028  
     04.09.2010 10:25     C:\Windows\Prefetch\WINWORD.EXE-D0290961.pf --------- 95418  
     04.09.2010 10:18     C:\Windows\Prefetch\DWM.EXE-314E93C5.pf --------- 33862  
     04.09.2010 10:18     C:\Windows\Prefetch\USERINIT.EXE-5114915C.pf --------- 13442  
     04.09.2010 10:18     C:\Windows\Prefetch\RUNDLL32.EXE-EDD722A3.pf --------- 26282  
     04.09.2010 10:18     C:\Windows\Prefetch\RUNDLL32.EXE-F93B7B76.pf --------- 23746  
     04.09.2010 10:18     C:\Windows\Prefetch\RUNDLL32.EXE-5574ED15.pf --------- 17030  
     04.09.2010 10:18     C:\Windows\Prefetch\MPNOTIFY.EXE-B290F693.pf --------- 34858  
     04.09.2010 10:02     C:\Windows\Prefetch\MCSMTFWK.EXE-D14D7D61.pf --------- 37314  
     04.09.2010 10:00     C:\Windows\Prefetch\WLRMDR.EXE-A7C36FDD.pf --------- 20066  
     04.09.2010 10:00     C:\Windows\Prefetch\SHUTDOWN.EXE-1692B741.pf --------- 26788  
     04.09.2010 09:58     C:\Windows\Prefetch\BMCTL.EXE-9599E591.pf --------- 20922  
     04.09.2010 03:27     C:\Windows\Prefetch\AgCx_SC1.db --------- 771757  
     04.09.2010 03:27     C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 87084  
     04.09.2010 03:26     C:\Windows\Prefetch\RASAUTOU.EXE-B4DA4129.pf --------- 36628  
     04.09.2010 03:05     C:\Windows\Prefetch\MCVSMAP.EXE-F42DC9ED.pf --------- 34096  
     04.09.2010 02:38     C:\Windows\Prefetch\MCUPDMGR.EXE-80D5DADE.pf --------- 53142  
     04.09.2010 01:56     C:\Windows\Prefetch\RUNDLL32.EXE-51CCB287.pf --------- 808  
     04.09.2010 01:46     C:\Windows\Prefetch\Layout.ini --------- 1652320  
     04.09.2010 00:11     C:\Windows\Prefetch\WINDLG.EXE-105E9152.pf --------- 20704  
     03.09.2010 21:04     C:\Windows\Prefetch\JP2LAUNCHER.EXE-B5C8DF2E.pf --------- 18028  
     03.09.2010 21:02     C:\Windows\Prefetch\JAVA.EXE-BE8A91FF.pf --------- 174872  
     03.09.2010 14:35     C:\Windows\Prefetch\EDOC.EXE-75331BB9.pf --------- 148400  
     03.09.2010 14:34     C:\Windows\Prefetch\EXCEL.EXE-E37914DC.pf --------- 181538  
     03.09.2010 14:15     C:\Windows\Prefetch\MOBILECONNECT.EXE-03298BA8.pf --------- 194502  
     03.09.2010 08:50     C:\Windows\Prefetch\DFRGNTFS.EXE-ACFD6573.pf --------- 28776  
     02.09.2010 15:46     C:\Windows\Prefetch\AgCx_SC2.db --------- 940152  
     01.09.2010 17:44     C:\Windows\Prefetch\AgCx_SC3_C9D04CA2.db --------- 555120  
     01.09.2010 17:42     C:\Windows\Prefetch\AgCx_S1_S-1-5-21-3264313630-3715183079-3412690908-1000.snp.db --------- 5411161  
     27.08.2009 18:18     C:\Windows\Prefetch\AgAppLaunch.db --------- 332116  
    ----------------------------------------
    
     
    C:\Windows\Tasks
    
     04.09.2010 23:40     C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1114  
     04.09.2010 22:30     C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1110  
     04.09.2010 22:30     C:\Windows\Tasks\SA.DAT --------- 6  
     04.09.2010 22:29     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32524  
    ----------------------------------------
    
     
    C:\Windows\Temp
    
     02.09.2010 18:38     C:\Windows\Temp\MCE00006 --------- 0  
     02.09.2010 18:38     C:\Windows\Temp\MCE00005 --------- 0  
     02.09.2010 18:37     C:\Windows\Temp\MCE00004 --------- 0  
     02.09.2010 18:35     C:\Windows\Temp\MCE00003 --------- 0  
     02.09.2010 18:34     C:\Windows\Temp\MCE00002 --------- 0  
     02.09.2010 18:32     C:\Windows\Temp\MCE00001 --------- 0  
     02.09.2010 18:31     C:\Windows\Temp\s228.22.msg --------- 68269  
     02.09.2010 17:16     C:\Windows\Temp\WINPHLASH --------- 0  
     01.09.2010 23:23     C:\Windows\Temp\SiteAdvisor --------- 0  
     01.09.2010 10:33     C:\Windows\Temp\s450.77.msg --------- 189644  
     01.09.2010 10:31     C:\Windows\Temp\s450.66.msg --------- 119261  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_QfJB2oZyyedWwhH --------- 0  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_WS5BmVCxDJcyG6d --------- 0  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_gfxYF5YgfxVwpfd --------- 0  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_iTR1P4Fv5FkjJLf --------- 0  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_pBqu1Jg7J9dPZmK --------- 0  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_qHLoLY3SCoQVvNr --------- 0  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_tl5dFgK3jflZIi1 --------- 0  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_fJQZJ6MBm3U6j3E --------- 0  
     31.08.2010 19:35     C:\Windows\Temp\mcafee_dZapSPriUNdoK7u --------- 0  
    ----------------------------------------
    
     
    C:\Users\SLOTRA~1\AppData\Local\Temp
    
     04.09.2010 22:31     C:\Users\SLOTRA~1\AppData\Local\Temp\wmplog01.sqm --------- 1592  
     04.09.2010 22:31     C:\Users\SLOTRA~1\AppData\Local\Temp\WPDNSE --------- 0  
     04.09.2010 22:30     C:\Users\SLOTRA~1\AppData\Local\Temp\Slotracing Werk.bmp --------- 31832  
     04.09.2010 22:30     C:\Users\SLOTRA~1\AppData\Local\Temp\AdobeARM.log --------- 47628  
     04.09.2010 21:50     C:\Users\SLOTRA~1\AppData\Local\Temp\java_install_reg.log --------- 4155  
     04.09.2010 21:50     C:\Users\SLOTRA~1\AppData\Local\Temp\hsperfdata_Slotracing Werk --------- 0  
     04.09.2010 21:49     C:\Users\SLOTRA~1\AppData\Local\Temp\jusched.log --------- 9808  
     04.09.2010 21:28     C:\Users\SLOTRA~1\AppData\Local\Temp\MINZ 001 00 - 01_e7_.pdf --------- 58023  
     04.09.2010 21:27     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-29.eml --------- 1583703  
     04.09.2010 21:27     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-141.tmp --------- 1812  
     04.09.2010 21:27     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-27.html --------- 8159  
     04.09.2010 21:22     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-28.eml --------- 1583717  
     04.09.2010 21:22     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-140.tmp --------- 1821  
     04.09.2010 21:22     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-26.html --------- 8154  
     04.09.2010 21:20     C:\Users\SLOTRA~1\AppData\Local\Temp\Northland-Schild.pdf --------- 1147380  
     04.09.2010 21:18     C:\Users\SLOTRA~1\AppData\Local\Temp\wmplog00.sqm --------- 2334  
     04.09.2010 18:36     C:\Users\SLOTRA~1\AppData\Local\Temp\WuaDiagnostics.log --------- 40695  
     04.09.2010 18:36     C:\Users\SLOTRA~1\AppData\Local\Temp\WuaDiagnostics --------- 0  
     04.09.2010 16:41     C:\Users\SLOTRA~1\AppData\Local\Temp\info.txt --------- 1537  
     04.09.2010 16:17     C:\Users\SLOTRA~1\AppData\Local\Temp\wmsetup.log --------- 406  
     04.09.2010 11:05     C:\Users\SLOTRA~1\AppData\Local\Temp\~DF2A01.tmp --------- 65536  
     04.09.2010 10:14     C:\Users\SLOTRA~1\AppData\Local\Temp\WER59B.tmp.version.txt --------- 462  
     02.09.2010 22:06     C:\Users\SLOTRA~1\AppData\Local\Temp\MSI106a7.LOG --------- 362926  
     02.09.2010 21:23     C:\Users\SLOTRA~1\AppData\Local\Temp\107223.txt --------- 1870  
     02.09.2010 20:48     C:\Users\SLOTRA~1\AppData\Local\Temp\B2B_KY17867.txt --------- 335  
     02.09.2010 20:39     C:\Users\SLOTRA~1\AppData\Local\Temp\107222.txt --------- 563  
     02.09.2010 20:31     C:\Users\SLOTRA~1\AppData\Local\Temp\107216.txt --------- 486  
     02.09.2010 20:28     C:\Users\SLOTRA~1\AppData\Local\Temp\107215.txt --------- 1096  
     02.09.2010 20:23     C:\Users\SLOTRA~1\AppData\Local\Temp\msohtml1 --------- 0  
     02.09.2010 20:23     C:\Users\SLOTRA~1\AppData\Local\Temp\107221.txt --------- 572  
     02.09.2010 20:17     C:\Users\SLOTRA~1\AppData\Local\Temp\107220.txt --------- 440  
     02.09.2010 20:15     C:\Users\SLOTRA~1\AppData\Local\Temp\107219.txt --------- 461  
     02.09.2010 20:12     C:\Users\SLOTRA~1\AppData\Local\Temp\107218-1.txt --------- 430  
     02.09.2010 20:10     C:\Users\SLOTRA~1\AppData\Local\Temp\107218.txt --------- 430  
     02.09.2010 19:51     C:\Users\SLOTRA~1\AppData\Local\Temp\Rechnung_Werk_Prototypen_Werks-DSC-Chassis_08_06_10.pdf --------- 50537  
     02.09.2010 19:49     C:\Users\SLOTRA~1\AppData\Local\Temp\Rechnung_Werk_50 Werks-DSC-Chassis_02_09_10.pdf --------- 49209  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-27.eml --------- 10819766  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-139.tmp --------- 1813  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-25.html --------- 4271  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-138.tmp --------- 523744  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-137.tmp --------- 450042  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-136.tmp --------- 493126  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-135.tmp --------- 2024457  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-134.tmp --------- 435592  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-133.tmp --------- 435059  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-132.tmp --------- 466970  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-131.tmp --------- 436435  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-130.tmp --------- 291203  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-129.tmp --------- 296541  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-128.tmp --------- 432387  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-127.tmp --------- 356971  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-126.tmp --------- 428946  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-125.tmp --------- 427770  
     02.09.2010 18:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-124.tmp --------- 389090  
     02.09.2010 18:19     C:\Users\SLOTRA~1\AppData\Local\Temp\~DFADB2.tmp --------- 16384  
     02.09.2010 18:19     C:\Users\SLOTRA~1\AppData\Local\Temp\~DF38E2.tmp --------- 16384  
     02.09.2010 18:18     C:\Users\SLOTRA~1\AppData\Local\Temp\~DF69E7.tmp --------- 16384  
     02.09.2010 18:18     C:\Users\SLOTRA~1\AppData\Local\Temp\~DFCBCF.tmp --------- 16384  
     02.09.2010 18:17     C:\Users\SLOTRA~1\AppData\Local\Temp\~DF9160.tmp --------- 16384  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-26.eml --------- 10819766  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-123.tmp --------- 1813  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-24.html --------- 4271  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-122.tmp --------- 523744  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-121.tmp --------- 450042  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-120.tmp --------- 493126  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-119.tmp --------- 2024457  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-118.tmp --------- 435592  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-117.tmp --------- 435059  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-116.tmp --------- 466970  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-115.tmp --------- 436435  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-114.tmp --------- 291203  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-113.tmp --------- 296541  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-112.tmp --------- 432387  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-111.tmp --------- 356971  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-110.tmp --------- 428946  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-109.tmp --------- 427770  
     02.09.2010 18:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-108.tmp --------- 389090  
     02.09.2010 17:30     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-25.eml --------- 10819764  
     02.09.2010 17:30     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-107.tmp --------- 1813  
     02.09.2010 17:30     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-106.tmp --------- 523744  
     02.09.2010 17:30     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-23.html --------- 4271  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-105.tmp --------- 450042  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-104.tmp --------- 493126  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-103.tmp --------- 2024457  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-102.tmp --------- 435592  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-101.tmp --------- 435059  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-100.tmp --------- 466970  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-99.tmp --------- 436435  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-98.tmp --------- 291203  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-97.tmp --------- 296541  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-96.tmp --------- 432387  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-95.tmp --------- 356971  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-94.tmp --------- 428946  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-93.tmp --------- 427770  
     02.09.2010 17:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-92.tmp --------- 389090  
     02.09.2010 17:26     C:\Users\SLOTRA~1\AppData\Local\Temp\Rechnung729597.pdf --------- 74757  
     02.09.2010 17:11     C:\Users\SLOTRA~1\AppData\Local\Temp\Deployment --------- 0  
     02.09.2010 16:59     C:\Users\SLOTRA~1\AppData\Local\Temp\Ydnb105c.htm.part --------- 0  
     02.09.2010 16:49     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-91.tmp --------- 0  
     02.09.2010 16:48     C:\Users\SLOTRA~1\AppData\Local\Temp\107217-1.txt --------- 504  
     02.09.2010 16:47     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-24.eml --------- 212436  
     02.09.2010 16:47     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-90.tmp --------- 30071  
     02.09.2010 16:47     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-22.html --------- 35567  
     02.09.2010 16:47     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-89.tmp --------- 44383  
     02.09.2010 16:47     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-88.tmp --------- 44383  
     02.09.2010 16:43     C:\Users\SLOTRA~1\AppData\Local\Temp\107217.txt --------- 504  
     02.09.2010 16:41     C:\Users\SLOTRA~1\AppData\Local\Temp\~DF6FB3.tmp --------- 65536  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\RG201009108.pdf --------- 7106  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-23.eml --------- 10819733  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-87.tmp --------- 1813  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-21.html --------- 4238  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-86.tmp --------- 523744  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-85.tmp --------- 450042  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-84.tmp --------- 493126  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-83.tmp --------- 2024457  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-82.tmp --------- 435592  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-81.tmp --------- 435059  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-80.tmp --------- 466970  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-79.tmp --------- 436435  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-78.tmp --------- 291203  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-77.tmp --------- 296541  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-76.tmp --------- 432387  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-75.tmp --------- 356971  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-74.tmp --------- 428946  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-73.tmp --------- 427770  
     02.09.2010 16:16     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-72.tmp --------- 389090  
     02.09.2010 16:09     C:\Users\SLOTRA~1\AppData\Local\Temp\videosz-anal-fuck-truck-2-43.mpg --------- 3186688  
     02.09.2010 16:09     C:\Users\SLOTRA~1\AppData\Local\Temp\contentDATs.exe --------- 470496  
     02.09.2010 16:08     C:\Users\SLOTRA~1\AppData\Local\Temp\videosz-anal-fuck-truck-2-42.mpg --------- 3196928  
     02.09.2010 16:08     C:\Users\SLOTRA~1\AppData\Local\Temp\1-2.mpg --------- 5779460  
     02.09.2010 16:08     C:\Users\SLOTRA~1\AppData\Local\Temp\1-1.mpg --------- 5797892  
     02.09.2010 16:07     C:\Users\SLOTRA~1\AppData\Local\Temp\1.mpg --------- 5797892  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\videosz-anal-fuck-truck-2-41.mpg --------- 3190784  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-22.eml --------- 10819752  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-71.tmp --------- 1813  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-20.html --------- 4252  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-70.tmp --------- 523744  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-69.tmp --------- 450042  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-68.tmp --------- 493126  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-67.tmp --------- 2024457  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-66.tmp --------- 435592  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-65.tmp --------- 435059  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-64.tmp --------- 466970  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\videosz-centerfold-facials-2-42.mpg --------- 3184640  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-63.tmp --------- 436435  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-62.tmp --------- 291203  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-61.tmp --------- 296541  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-60.tmp --------- 432387  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-59.tmp --------- 356971  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-58.tmp --------- 428946  
     02.09.2010 16:06     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-57.tmp --------- 427770  
     02.09.2010 16:05     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-56.tmp --------- 389090  
     02.09.2010 15:47     C:\Users\SLOTRA~1\AppData\Local\Temp\170-10-1.doc --------- 51200  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-21.eml --------- 10819747  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-55.tmp --------- 1813  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-19.html --------- 4252  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-54.tmp --------- 523744  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-53.tmp --------- 450042  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-52.tmp --------- 493126  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-51.tmp --------- 2024457  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-50.tmp --------- 435592  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-49.tmp --------- 435059  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-48.tmp --------- 466970  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-47.tmp --------- 436435  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-46.tmp --------- 291203  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-45.tmp --------- 296541  
     02.09.2010 13:01     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-44.tmp --------- 432387  
     02.09.2010 13:00     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-43.tmp --------- 356971  
     02.09.2010 13:00     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-42.tmp --------- 428946  
     02.09.2010 13:00     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-41.tmp --------- 427770  
     02.09.2010 13:00     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-40.tmp --------- 389090  
     02.09.2010 01:30     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-20.eml --------- 719082  
     02.09.2010 01:30     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-39.tmp --------- 0  
     02.09.2010 01:30     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-18.html --------- 295  
     02.09.2010 01:30     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-38.tmp --------- 523744  
     02.09.2010 01:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-19.eml --------- 719082  
     02.09.2010 01:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-37.tmp --------- 0  
     02.09.2010 01:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-17.html --------- 295  
     02.09.2010 01:29     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-36.tmp --------- 523744  
     02.09.2010 01:27     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-18.eml --------- 719082  
     02.09.2010 01:27     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-35.tmp --------- 0  
     02.09.2010 01:27     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-16.html --------- 295  
     02.09.2010 01:27     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-34.tmp --------- 523744  
     02.09.2010 01:27     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-33.tmp --------- 0  
     02.09.2010 01:26     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-17.eml --------- 109563  
     02.09.2010 01:26     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-32.tmp --------- 9669  
     02.09.2010 01:26     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-15.html --------- 11707  
     02.09.2010 01:26     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-31.tmp --------- 44383  
     02.09.2010 01:24     C:\Users\SLOTRA~1\AppData\Local\Temp\107214.txt --------- 969  
     02.09.2010 01:22     C:\Users\SLOTRA~1\AppData\Local\Temp\107213.txt --------- 461  
     02.09.2010 01:16     C:\Users\SLOTRA~1\AppData\Local\Temp\107212-2.txt --------- 553  
     02.09.2010 01:14     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-16.eml --------- 719082  
     02.09.2010 01:14     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-30.tmp --------- 0  
     02.09.2010 01:14     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-14.html --------- 295  
     02.09.2010 01:14     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-29.tmp --------- 523744  
     02.09.2010 01:12     C:\Users\SLOTRA~1\AppData\Local\Temp\107212-1.txt --------- 553  
     02.09.2010 01:11     C:\Users\SLOTRA~1\AppData\Local\Temp\107212.txt --------- 553  
     02.09.2010 01:07     C:\Users\SLOTRA~1\AppData\Local\Temp\107211.txt --------- 595  
     02.09.2010 01:06     C:\Users\SLOTRA~1\AppData\Local\Temp\107185.txt --------- 1071  
     02.09.2010 01:02     C:\Users\SLOTRA~1\AppData\Local\Temp\install_log.log --------- 100  
     02.09.2010 01:02     C:\Users\SLOTRA~1\AppData\Local\Temp\ASKSUTBLOG --------- 567210  
     02.09.2010 01:02     C:\Users\SLOTRA~1\AppData\Local\Temp\AskSearch --------- 0  
     02.09.2010 00:58     C:\Users\SLOTRA~1\AppData\Local\Temp\comtypes_cache --------- 0  
     02.09.2010 00:57     C:\Users\SLOTRA~1\AppData\Local\Temp\is-9UCG8.tmp --------- 0  
     02.09.2010 00:47     C:\Users\SLOTRA~1\AppData\Local\Temp\ORDERACK_DE_HSB_BSDT_236637165_2009-08-19.pdf --------- 13123  
     02.09.2010 00:42     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-15.eml --------- 719082  
     02.09.2010 00:42     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-28.tmp --------- 0  
     02.09.2010 00:42     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-13.html --------- 295  
     02.09.2010 00:42     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-27.tmp --------- 523744  
     02.09.2010 00:09     C:\Users\SLOTRA~1\AppData\Local\Temp\CFG4317.tmp --------- 123  
     02.09.2010 00:08     C:\Users\SLOTRA~1\AppData\Local\Temp\CFG3976.tmp --------- 123  
     02.09.2010 00:08     C:\Users\SLOTRA~1\AppData\Local\Temp\VSD169B.tmp --------- 0  
     02.09.2010 00:05     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-14.eml --------- 719082  
     02.09.2010 00:05     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-26.tmp --------- 0  
     02.09.2010 00:05     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-25.tmp --------- 523744  
     02.09.2010 00:05     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-12.html --------- 295  
     02.09.2010 00:04     C:\Users\SLOTRA~1\AppData\Local\Temp\MSIad73f.LOG --------- 226  
     02.09.2010 00:04     C:\Users\SLOTRA~1\AppData\Local\Temp\CFGDA98.tmp --------- 123  
     02.09.2010 00:04     C:\Users\SLOTRA~1\AppData\Local\Temp\VSDD6A2.tmp --------- 0  
     02.09.2010 00:03     C:\Users\SLOTRA~1\AppData\Local\Temp\MSI9a2f6.LOG --------- 226  
     02.09.2010 00:02     C:\Users\SLOTRA~1\AppData\Local\Temp\CFGA6DC.tmp --------- 123  
     02.09.2010 00:02     C:\Users\SLOTRA~1\AppData\Local\Temp\VSD5BE8.tmp --------- 0  
     01.09.2010 23:58     C:\Users\SLOTRA~1\AppData\Local\Temp\CFG401E.tmp --------- 123  
     01.09.2010 23:54     C:\Users\SLOTRA~1\AppData\Local\Temp\MSI13079.LOG --------- 2630  
     01.09.2010 23:53     C:\Users\SLOTRA~1\AppData\Local\Temp\CFG3554.tmp --------- 123  
     01.09.2010 23:52     C:\Users\SLOTRA~1\AppData\Local\Temp\VSD1AB3.tmp --------- 0  
     01.09.2010 23:50     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-24.tmp --------- 0  
     01.09.2010 23:33     C:\Users\SLOTRA~1\AppData\Local\Temp\107210.txt --------- 585  
     01.09.2010 23:04     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-13.eml --------- 719082  
     01.09.2010 23:04     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-23.tmp --------- 0  
     01.09.2010 23:04     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-11.html --------- 295  
     01.09.2010 23:04     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-22.tmp --------- 523744  
     01.09.2010 23:03     C:\Users\SLOTRA~1\AppData\Local\Temp\msohtml --------- 0  
     01.09.2010 23:02     C:\Users\SLOTRA~1\AppData\Local\Temp\107209.txt --------- 930  
     01.09.2010 22:46     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-12.eml --------- 719080  
     01.09.2010 22:46     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-21.tmp --------- 0  
     01.09.2010 22:46     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-20.tmp --------- 523744  
     01.09.2010 22:46     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-10.html --------- 295  
     01.09.2010 22:40     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-11.eml --------- 719082  
     01.09.2010 22:40     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-19.tmp --------- 0  
     01.09.2010 22:40     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-9.html --------- 295  
     01.09.2010 22:40     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-18.tmp --------- 523744  
     01.09.2010 22:38     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-10.eml --------- 719081  
     01.09.2010 22:38     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-17.tmp --------- 0  
     01.09.2010 22:38     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-8.html --------- 295  
     01.09.2010 22:38     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-16.tmp --------- 523744  
     01.09.2010 22:37     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-9.eml --------- 719082  
     01.09.2010 22:37     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-15.tmp --------- 0  
     01.09.2010 22:37     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-7.html --------- 295  
     01.09.2010 22:37     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-14.tmp --------- 523744  
     01.09.2010 22:36     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-8.eml --------- 719171  
     01.09.2010 22:36     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-13.tmp --------- 0  
     01.09.2010 22:36     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-6.html --------- 295  
     01.09.2010 22:36     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-12.tmp --------- 523744  
     01.09.2010 22:33     C:\Users\SLOTRA~1\AppData\Local\Temp\amt.log --------- 2675  
     01.09.2010 22:33     C:\Users\SLOTRA~1\AppData\Local\Temp\alm.log --------- 940  
     01.09.2010 22:14     C:\Users\SLOTRA~1\AppData\Local\Temp\107201.txt --------- 411  
     01.09.2010 22:06     C:\Users\SLOTRA~1\AppData\Local\Temp\TWAIN.LOG --------- 1129  
     01.09.2010 22:06     C:\Users\SLOTRA~1\AppData\Local\Temp\Twain001.Mtx --------- 2  
     01.09.2010 22:06     C:\Users\SLOTRA~1\AppData\Local\Temp\Twunk001.MTX --------- 156  
     01.09.2010 22:06     C:\Users\SLOTRA~1\AppData\Local\Temp\Twunk002.MTX --------- 0  
     01.09.2010 21:26     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-7.eml --------- 2055268  
     01.09.2010 21:26     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-11.tmp --------- 2  
     01.09.2010 21:26     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-5.html --------- 155  
     01.09.2010 21:26     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-10.tmp --------- 2054583  
     01.09.2010 19:19     C:\Users\SLOTRA~1\AppData\Local\Temp\~DF32CB.tmp --------- 65536  
     01.09.2010 18:57     C:\Users\SLOTRA~1\AppData\Local\Temp\tmp.xpi --------- 1308534  
     01.09.2010 18:40     C:\Users\SLOTRA~1\AppData\Local\Temp\Low --------- 0  
     01.09.2010 17:28     C:\Users\SLOTRA~1\AppData\Local\Temp\ffkvvJ46.exe.part --------- 0  
     01.09.2010 17:26     C:\Users\SLOTRA~1\AppData\Local\Temp\McSiteAdvisor.xml --------- 499  
     01.09.2010 17:26     C:\Users\SLOTRA~1\AppData\Local\Temp\~DF7B40.tmp --------- 16384  
     01.09.2010 16:40     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-6.eml --------- 4252  
     01.09.2010 16:40     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-9.tmp --------- 1076  
     01.09.2010 16:40     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-4.html --------- 2175  
     01.09.2010 16:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nscopy-1.tmp --------- 71035  
     01.09.2010 16:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-5.eml --------- 70784  
     01.09.2010 16:25     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-8.tmp --------- 44383  
     01.09.2010 16:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nscopy.tmp --------- 3171  
     01.09.2010 16:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-4.eml --------- 2920  
     01.09.2010 16:10     C:\Users\SLOTRA~1\AppData\Local\Temp\Rechnung730008.pdf --------- 70071  
     01.09.2010 11:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-3.eml --------- 1581080  
     01.09.2010 11:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-7.tmp --------- 2  
     01.09.2010 11:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-3.html --------- 155  
     01.09.2010 11:15     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-6.tmp --------- 1580398  
     01.09.2010 11:13     C:\Users\SLOTRA~1\AppData\Local\Temp\newmsg-2 --------- 0  
     01.09.2010 11:05     C:\Users\SLOTRA~1\AppData\Local\Temp\newmsg-1 --------- 0  
     01.09.2010 11:04     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-2.eml --------- 1581089  
     01.09.2010 11:04     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-5.tmp --------- 2  
     01.09.2010 11:04     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-2.html --------- 155  
     01.09.2010 11:04     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-4.tmp --------- 1580398  
     01.09.2010 10:59     C:\Users\SLOTRA~1\AppData\Local\Temp\newmsg --------- 0  
     01.09.2010 10:13     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-1.eml --------- 1581078  
     01.09.2010 10:13     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-3.tmp --------- 2  
     01.09.2010 10:13     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-1.html --------- 155  
     01.09.2010 10:13     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-2.tmp --------- 1580398  
     01.09.2010 08:36     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail.eml --------- 33151  
     01.09.2010 08:36     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail-1.tmp --------- 158  
     01.09.2010 08:36     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail.tmp --------- 31683  
     01.09.2010 08:36     C:\Users\SLOTRA~1\AppData\Local\Temp\nsmail.html --------- 370  
     31.08.2010 22:04     C:\Users\SLOTRA~1\AppData\Local\Temp\VBE --------- 0  
     31.08.2010 19:33     C:\Users\SLOTRA~1\AppData\Local\Temp\mcaB9CE.tmp --------- 0  
     31.08.2010 19:08     C:\Users\SLOTRA~1\AppData\Local\Temp\Log --------- 0  
     31.08.2010 19:05     C:\Users\SLOTRA~1\AppData\Local\Temp\McInstallTemp --------- 0  
     31.08.2010 18:52     C:\Users\SLOTRA~1\AppData\Local\Temp\McTemp --------- 0  
     30.08.2010 21:38     C:\Users\SLOTRA~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0  
    ----------------------------------------
    
     
    C:\Program Files
    
     04.09.2010 21:47     C:\Program Files\Microsoft Windows 7 Upgrade Advisor --------- 0  
     02.09.2010 19:49     C:\Program Files\Mozilla Thunderbird --------- 28672  
     02.09.2010 17:56     C:\Program Files\Dell --------- 4096  
     02.09.2010 16:27     C:\Program Files\Trend Micro --------- 0  
     02.09.2010 00:09     C:\Program Files\Common Files --------- 8192  
     02.09.2010 00:08     C:\Program Files\McAfee --------- 4096  
     01.09.2010 23:22     C:\Program Files\Mozilla Firefox --------- 12288  
     01.09.2010 19:19     C:\Program Files\Malwarebytes' Anti-Malware --------- 4096  
     01.09.2010 18:53     C:\Program Files\Punch ViaCAD 2D-3D 5.0 --------- 0  
     01.09.2010 18:21     C:\Program Files\Mozilla Firefox_mist --------- 0  
     31.08.2010 19:33     C:\Program Files\SiteAdvisor --------- 0  
     31.08.2010 19:32     C:\Program Files\McAfee.com --------- 0  
     31.08.2010 18:51     C:\Program Files\desktop.ini --------- 174  
     30.08.2010 16:58     C:\Program Files\Internet Explorer --------- 0  
     30.08.2010 16:58     C:\Program Files\Movie Maker --------- 0  
     30.08.2010 16:15     C:\Program Files\Windows Mail --------- 0  
     13.08.2010 19:00     C:\Program Files\SuperMailer --------- 8192  
     28.07.2010 22:54     C:\Program Files\Google --------- 4096  
     28.07.2010 22:25     C:\Program Files\TomTom International B.V --------- 0  
     28.07.2010 22:24     C:\Program Files\TomTom HOME 2 --------- 4096  
     25.07.2010 13:01     C:\Program Files\TomTom DesktopSuite --------- 0  
     21.07.2010 10:56     C:\Program Files\InterVideo --------- 0  
     21.07.2010 10:39     C:\Program Files\DivX --------- 0  
     26.06.2010 13:27     C:\Program Files\Microsoft.NET --------- 0  
     21.04.2010 20:29     C:\Program Files\Yahoo --------- 0  
     21.04.2010 20:27     C:\Program Files\Foto Quelle --------- 0  
     21.04.2010 08:39     C:\Program Files\mp3DirectCut --------- 0  
     19.04.2010 22:22     C:\Program Files\Western Digital --------- 0  
     16.04.2010 00:28     C:\Program Files\FotoQuelle Fotosoftware --------- 8192  
     03.04.2010 12:02     C:\Program Files\WinRbm --------- 0  
     19.01.2010 12:44     C:\Program Files\Adobe --------- 0  
     31.12.2009 18:28     C:\Program Files\tigo-IT --------- 0  
     11.12.2009 02:27     C:\Program Files\Traumflieger --------- 0  
     30.10.2009 19:46     C:\Program Files\Windows Portable Devices --------- 0  
     29.10.2009 08:41     C:\Program Files\Windows Media Player --------- 4096  
     13.09.2009 03:10     C:\Program Files\Windows Calendar --------- 0  
     13.09.2009 03:10     C:\Program Files\Windows Sidebar --------- 0  
     13.09.2009 03:10     C:\Program Files\Windows Collaboration --------- 0  
     13.09.2009 03:10     C:\Program Files\Windows Journal --------- 0  
     13.09.2009 03:10     C:\Program Files\Windows Photo Gallery --------- 0  
     13.09.2009 03:10     C:\Program Files\Windows Defender --------- 4096  
     10.09.2009 14:55     C:\Program Files\VideoLAN --------- 0  
     05.09.2009 13:47     C:\Program Files\InterActual --------- 0  
     05.09.2009 13:46     C:\Program Files\InstallShield Installation Information --------- 4096  
     05.09.2009 13:46     C:\Program Files\Creative --------- 4096  
     03.09.2009 16:36     C:\Program Files\Canon --------- 0  
     01.09.2009 15:35     C:\Program Files\Vodafone --------- 0  
     27.08.2009 23:47     C:\Program Files\WinRAR --------- 4096  
     27.08.2009 23:40     C:\Program Files\ACD Systems --------- 0  
     27.08.2009 21:36     C:\Program Files\Microsoft Office --------- 4096  
     27.08.2009 21:17     C:\Program Files\Werner Terminator --------- 4096  
     27.08.2009 20:54     C:\Program Files\Macromedia --------- 0  
     27.08.2009 18:19     C:\Program Files\Windows NT --------- 4096  
     27.08.2009 18:19     C:\Program Files\Gemeinsame Dateien --------- 0  
     21.08.2009 01:21     C:\Program Files\DellTPad --------- 4096  
     20.08.2009 23:34     C:\Program Files\CyberLink --------- 0  
     20.08.2009 23:33     C:\Program Files\Microsoft Silverlight --------- 0  
     20.08.2009 23:32     C:\Program Files\Windows Live --------- 4096  
     20.08.2009 23:30     C:\Program Files\Microsoft Sync Framework --------- 0  
     20.08.2009 23:24     C:\Program Files\Microsoft SQL Server Compact Edition --------- 0  
     20.08.2009 23:20     C:\Program Files\Microsoft --------- 0  
     20.08.2009 23:18     C:\Program Files\Windows Live SkyDrive --------- 0  
     20.08.2009 22:55     C:\Program Files\Dell Video Chat --------- 0  
     20.08.2009 22:55     C:\Program Files\Microsoft Works --------- 24576  
     20.08.2009 22:54     C:\Program Files\Dell Support Center --------- 4096  
     20.08.2009 22:53     C:\Program Files\Sonic --------- 0  
     20.08.2009 22:53     C:\Program Files\Roxio --------- 0  
     20.08.2009 22:49     C:\Program Files\Ericsson --------- 0  
     20.08.2009 22:44     C:\Program Files\Cisco --------- 0  
     20.08.2009 22:43     C:\Program Files\Dell Inc --------- 0  
     20.08.2009 22:42     C:\Program Files\Creative Live Cam --------- 0  
     20.08.2009 17:25     C:\Program Files\IDT --------- 0  
     02.11.2006 15:01     C:\Program Files\Uninstall Information --------- 0  
     02.11.2006 14:37     C:\Program Files\MSBuild --------- 0  
     02.11.2006 14:37     C:\Program Files\Reference Assemblies --------- 0  
    ----------------------------------------
    
     
    C:\ProgramData\.. 
    
    Slotracing Werk    
    desktop.ini    
    Public    
    Default User    
    All Users    
    Default    
    ----------------------------------------
    
     
    C:\Windows\system32\drivers\etc\hosts
    
    127.0.0.1       localhost
    ::1             localhost
    
    ----------------------------------------
    
     
    
    Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
    ========================= ======== ================ =========== ===============
    System Idle Process              0 Services                   0            24 K
    System                           4 Services                   0         3.432 K
    smss.exe                       572 Services                   0            64 K
    csrss.exe                      684 Services                   0         2.332 K
    wininit.exe                    736 Services                   0           168 K
    csrss.exe                      744 Console                    1         7.320 K
    services.exe                   780 Services                   0         3.184 K
    lsass.exe                      796 Services                   0         2.924 K
    lsm.exe                        804 Services                   0         1.328 K
    svchost.exe                    956 Services                   0         3.328 K
    nvvsvc.exe                    1000 Services                   0           460 K
    svchost.exe                   1028 Services                   0         4.160 K
    svchost.exe                   1124 Services                   0         9.320 K
    svchost.exe                   1152 Services                   0        77.140 K
    svchost.exe                   1164 Services                   0        34.604 K
    stacsv.exe                    1200 Services                   0         1.688 K
    winlogon.exe                  1260 Console                    1           996 K
    audiodg.exe                   1368 Services                   0        16.844 K
    svchost.exe                   1428 Services                   0         1.252 K
    SLsvc.exe                     1472 Services                   0         1.040 K
    svchost.exe                   1512 Services                   0         4.768 K
    rundll32.exe                  1592 Console                    1         1.072 K
    svchost.exe                   1768 Services                   0         7.380 K
    WLTRYSVC.EXE                  1944 Services                   0           140 K
    BCMWLTRY.EXE                  1956 Services                   0         7.332 K
    wlanext.exe                   2000 Services                   0           948 K
    spoolsv.exe                    376 Services                   0         6.776 K
    svchost.exe                    544 Services                   0         4.764 K
    dwm.exe                       1912 Console                    1        47.932 K
    taskeng.exe                   1420 Services                   0         1.720 K
    explorer.exe                  1764 Console                    1       108.452 K
    taskeng.exe                   2148 Console                    1         4.304 K
    Apoint.exe                    2296 Console                    1         1.028 K
    OEM13Mon.exe                  2304 Console                    1           852 K
    rundll32.exe                  2324 Console                    1           852 K
    rundll32.exe                  2340 Console                    1           780 K
    DellWMgr.exe                  2348 Console                    1         1.044 K
    WLTRAY.EXE                    2364 Console                    1         6.968 K
    PDVDDXSrv.exe                 2404 Console                    1         1.464 K
    apdproxy.exe                  2416 Console                    1         1.696 K
    sttray.exe                    2424 Console                    1         1.428 K
    mcagent.exe                   2472 Console                    1           700 K
    ISUSPM.exe                    2492 Console                    1         2.208 K
    TomTomHOMERunner.exe          2528 Console                    1         1.276 K
    PhotoshopElementsFileAgen     3212 Services                   0           632 K
    AEstSrv.exe                   3248 Services                   0            92 K
    McSvHost.exe                  3364 Services                   0        20.092 K
    mfevtps.exe                   3408 Services                   0         2.744 K
    rundll32.exe                  3448 Console                    1           636 K
    o2flash.exe                   3464 Services                   0           132 K
    svchost.exe                   3524 Services                   0           680 K
    SeaPort.exe                   3564 Services                   0         1.108 K
    svchost.exe                   3640 Services                   0         1.072 K
    TomTomHOMEService.exe         3672 Services                   0           104 K
    svchost.exe                   3696 Services                   0         2.584 K
    SearchIndexer.exe             3728 Services                   0        45.840 K
    mcshield.exe                  3804 Services                   0        44.196 K
    mfefire.exe                   3888 Services                   0         2.000 K
    VMCService.exe                3936 Services                   0         5.512 K
    WUDFHost.exe                  1380 Services                   0           808 K
    mobsync.exe                   1308 Console                    1         1.324 K
    ApMsgFwd.exe                  3336 Console                    1           592 K
    hidfind.exe                    580 Console                    1           300 K
    ApntEx.exe                     948 Console                    1           664 K
    unsecapp.exe                  4400 Console                    1         1.368 K
    WmiPrvSE.exe                  4464 Services                   0         2.636 K
    wmpnscfg.exe                  6068 Console                    1         1.536 K
    wmpnetwk.exe                  6120 Services                   0         1.360 K
    SearchProtocolHost.exe        4712 Services                   0        10.168 K
    firefox.exe                   3140 Console                    1       157.460 K
    mcupdate.exe                  1484 Services                   0         1.012 K
    SearchFilterHost.exe          3196 Services                   0         7.144 K
    cmd.exe                       5388 Console                    1         2.932 K
    conime.exe                    3456 Console                    1         3.856 K
    taskeng.exe                   3300 Services                   0         4.188 K
    tasklist.exe                  3656 Console                    1         4.740 K
    WmiPrvSE.exe                  2968 Services                   0         5.796 K
    
     
    ***** Ende des Scans 04.09.2010 um 23:45:31,58 ***

  9. #9
    Forenbenutzer
    Registriert seit
    04.09.2010
    Beiträge
    46

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    Nr 1 :
    C:\Windows\System32\CNMVS74.DLL
    Code:
    File name:
    CNMVS74.DLL
    Submission date:
    2010-09-04 22:35:21 (UTC)
    Current status:
    queued (#20) queued (#20) analysing finished
    Result:
    0/ 43 (0.0%)
    	
    VT Community
    
    not reviewed
     Safety score: - 
    Compact
    Print results
    Antivirus 	Version 	Last Update 	Result
    AhnLab-V3	2010.09.05.00	2010.09.04	-
    AntiVir	8.2.4.50	2010.09.03	-
    Antiy-AVL	2.0.3.7	2010.09.03	-
    Authentium	5.2.0.5	2010.09.04	-
    Avast	4.8.1351.0	2010.09.05	-
    Avast5	5.0.594.0	2010.09.05	-
    AVG	9.0.0.851	2010.09.05	-
    BitDefender	7.2	2010.09.05	-
    CAT-QuickHeal	11.00	2010.09.03	-
    ClamAV	0.96.2.0-git	2010.09.04	-
    Comodo	5970	2010.09.04	-
    DrWeb	5.0.2.03300	2010.09.04	-
    Emsisoft	5.0.0.37	2010.09.04	-
    eSafe	7.0.17.0	2010.09.01	-
    eTrust-Vet	36.1.7835	2010.09.03	-
    F-Prot	4.6.1.107	2010.09.01	-
    F-Secure	9.0.15370.0	2010.09.04	-
    Fortinet	4.1.143.0	2010.09.04	-
    GData	21	2010.09.05	-
    Ikarus	T3.1.1.88.0	2010.09.04	-
    Jiangmin	13.0.900	2010.09.04	-
    K7AntiVirus	9.63.2442	2010.09.04	-
    Kaspersky	7.0.0.125	2010.09.04	-
    McAfee	5.400.0.1158	2010.09.05	-
    McAfee-GW-Edition	2010.1B	2010.09.04	-
    Microsoft	1.6103	2010.09.04	-
    NOD32	5423	2010.09.04	-
    Norman	6.05.11	2010.09.04	-
    nProtect	2010-09-04.01	2010.09.04	-
    Panda	10.0.2.7	2010.09.04	-
    PCTools	7.0.3.5	2010.09.04	-
    Prevx	3.0	2010.09.05	-
    Rising	22.63.05.01	2010.09.04	-
    Sophos	4.57.0	2010.09.04	-
    Sunbelt	6831	2010.09.04	-
    SUPERAntiSpyware	4.40.0.1006	2010.09.04	-
    Symantec	20101.1.1.7	2010.09.04	-
    TheHacker	6.5.2.1.364	2010.09.04	-
    TrendMicro	9.120.0.1004	2010.09.04	-
    TrendMicro-HouseCall	9.120.0.1004	2010.09.05	-
    VBA32	3.12.14.0	2010.09.03	-
    ViRobot	2010.8.31.4017	2010.09.04	-
    VirusBuster	12.64.17.1	2010.09.04	-
    Additional information
    Show all
    MD5   : 4fa5bfef6d99516344d33f70807b3b72
    SHA1  : df3b7aa3bb20ede9609317ccd440987b3b2cdfb9
    SHA256: ab7e844f752d416cf28a1f3759f609e4b186e4811bba2aa132d47bed6200798d
    ssdeep: 192:5fSCS0U+fQ1TociQ5wm1TbcUkkAiH+BscCK1LIVT:w0U+fOEcd8UkTiXhoLIV
    File size : 8704 bytes
    First seen: 2009-06-05 07:06:16
    Last seen : 2010-09-04 22:35:21
    TrID:
    Win32 Executable Generic (42.3%)
    Win32 Dynamic Link Library (generic) (37.6%)
    Generic Win/DOS Executable (9.9%)
    DOS Executable Generic (9.9%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: n/a
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEInfo: PE structure information
    
    [[ basic data ]]
    entrypointaddress: 0x1D4B
    timedatestamp....: 0x44B25B06 (Mon Jul 10 13:49:58 2006)
    machinetype......: 0x14c (I386)
    
    [[ 3 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0x1712, 0x1800, 5.89, 80e94633caa9f6d7a362038bd6df965b
    .data, 0x3000, 0x34, 0x200, 0.14, 6c0780dd60f70d2ee0b3ffaf08e60302
    .reloc, 0x4000, 0x24A, 0x400, 2.67, 342ef9ee5974efe4ab7fc2a5f680907d
    
    [[ 6 import(s) ]]
    KERNEL32.dll: QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetModuleHandleA, GetProcAddress, CreateProcessW, CloseHandle, lstrcpyW, GetLastError, GlobalAlloc, MultiByteToWideChar, GetSystemTimeAsFileTime, lstrcmpW, GlobalFree, lstrlenW, lstrcatW, DisableThreadLibraryCalls, Sleep
    msvcrt.dll: malloc, _adjust_fdiv, _initterm, free, wcsrchr, wcscpy
    USER32.dll: wsprintfW
    WINSPOOL.DRV: -, GetPrinterDriverW, GetPrinterW, OpenPrinterW, ClosePrinter
    VERSION.dll: GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW
    ADVAPI32.dll: RegQueryValueExW, RegOpenKeyExW, RegCloseKey
    
    [[ 1 export(s) ]]
    VendorSetupEntryPoint
    
    VT Community
    
    0
    
        This file has never been reviewed by any VT Community member. Be the first one to comment on it! 
    
    VirusTotal Team

    nr. 2
    C:\Windows\jestertb.dll
    Code:
    File name:
    jestertb.dll
    Submission date:
    2010-09-04 22:30:59 (UTC)
    Current status:
    queued queued (#6) analysing finished
    Result:
    4/ 43 (9.3%)
    	
    VT Community
    
    not reviewed
     Safety score: - 
    Compact
    Print results
    Antivirus 	Version 	Last Update 	Result
    AhnLab-V3	2010.09.05.00	2010.09.04	-
    AntiVir	8.2.4.50	2010.09.03	-
    Antiy-AVL	2.0.3.7	2010.09.03	-
    Authentium	5.2.0.5	2010.09.04	W32/Trojan2.HVL
    Avast	4.8.1351.0	2010.09.05	-
    Avast5	5.0.594.0	2010.09.05	-
    AVG	9.0.0.851	2010.09.05	-
    BitDefender	7.2	2010.09.05	-
    CAT-QuickHeal	11.00	2010.09.03	-
    ClamAV	0.96.2.0-git	2010.09.04	-
    Comodo	5970	2010.09.04	-
    DrWeb	5.0.2.03300	2010.09.04	-
    Emsisoft	5.0.0.37	2010.09.04	-
    eSafe	7.0.17.0	2010.09.01	-
    eTrust-Vet	36.1.7835	2010.09.03	-
    F-Prot	4.6.1.107	2010.09.01	W32/Trojan2.HVL
    F-Secure	9.0.15370.0	2010.09.04	-
    Fortinet	4.1.143.0	2010.09.04	-
    GData	21	2010.09.05	-
    Ikarus	T3.1.1.88.0	2010.09.04	-
    Jiangmin	13.0.900	2010.09.04	-
    K7AntiVirus	9.63.2442	2010.09.04	Trojan
    Kaspersky	7.0.0.125	2010.09.04	-
    McAfee	5.400.0.1158	2010.09.05	-
    McAfee-GW-Edition	2010.1B	2010.09.04	-
    Microsoft	1.6103	2010.09.04	-
    NOD32	5423	2010.09.04	-
    Norman	6.05.11	2010.09.04	-
    nProtect	2010-09-04.01	2010.09.04	-
    Panda	10.0.2.7	2010.09.04	Trj/Agent.LIZ
    PCTools	7.0.3.5	2010.09.04	-
    Prevx	3.0	2010.09.05	-
    Rising	22.63.05.01	2010.09.04	-
    Sophos	4.57.0	2010.09.04	-
    Sunbelt	6831	2010.09.04	-
    SUPERAntiSpyware	4.40.0.1006	2010.09.04	-
    Symantec	20101.1.1.7	2010.09.04	-
    TheHacker	6.5.2.1.364	2010.09.04	-
    TrendMicro	9.120.0.1004	2010.09.04	-
    TrendMicro-HouseCall	9.120.0.1004	2010.09.05	-
    VBA32	3.12.14.0	2010.09.03	-
    ViRobot	2010.8.31.4017	2010.09.04	-
    VirusBuster	12.64.17.1	2010.09.04	-
    Additional information
    Show all
    MD5   : 65dabb831da51500dfa31b40252803e2
    SHA1  : 82790a1b47069df4e71750ee13469b0ab13f0129
    SHA256: 5124411fe82c961a2c06b518cfb54dc7dfd94f491ba5d13f752e166f80d33d99
    ssdeep: 384:VtCh+FKTIqxrEvsfZg6casm3k6sXARuxzEVXuaUQkXI:VLFvqhEvsRg6casmXswRu1arU
    File size : 20992 bytes
    First seen: 2007-02-16 20:49:05
    Last seen : 2010-09-04 22:30:59
    TrID:
    Win32 Executable Generic (58.3%)
    Win16/32 Executable Delphi generic (14.1%)
    Generic Win/DOS Executable (13.7%)
    DOS Executable Generic (13.6%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: n/a
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEInfo: PE structure information
    
    [[ basic data ]]
    entrypointaddress: 0x475C
    timedatestamp....: 0x2A425E19 (Fri Jun 19 22:22:17 1992)
    machinetype......: 0x14c (I386)
    
    [[ 7 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    CODE, 0x1000, 0x37B4, 0x3800, 6.49, d78b7bc3ca289532671167bfb0277962
    DATA, 0x5000, 0xCC, 0x200, 1.94, db5a50cf900334485962b7400fdb11a7
    BSS, 0x6000, 0x4E9, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
    .idata, 0x7000, 0x662, 0x800, 3.79, ac16988faccf8105c91efe309c85dbfa
    .edata, 0x8000, 0x53, 0x200, 0.84, ba9f5961e441f7f06448ddc72f655f6d
    .reloc, 0x9000, 0x3CC, 0x400, 6.40, 10f1dbb256201f7741111d0b5b3ee84d
    .rsrc, 0xA000, 0x600, 0x600, 3.18, a8e39005859f5e6c8e0fc80e00d4cb8c
    
    [[ 7 import(s) ]]
    kernel32.dll: GetCurrentThreadId, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, VirtualQuery, lstrlenA, lstrcpynA, lstrcpyA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle
    user32.dll: GetKeyboardType, MessageBoxA, CharNextA
    advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
    oleaut32.dll: VariantCopyInd, VariantClear, SysFreeString, SysReAllocStringLen
    kernel32.dll: TlsSetValue, TlsGetValue, TlsFree, TlsAlloc, LocalFree, LocalAlloc, GetModuleFileNameA
    kernel32.dll: WaitForSingleObject, GetCurrentProcessId, DisableThreadLibraryCalls
    user32.dll: SetWindowLongA, RegisterWindowMessageA, MessageBeep, GetWindowThreadProcessId, FindWindowA, CallWindowProcA
    
    [[ 1 export(s) ]]
    WhatsTheBuildNumber
    
    VT Community
    
    0
    
        This file has never been reviewed by any VT Community member. Be the first one to comment on it! 
    
    VirusTotal Team


    nr .3 C:\Users\Slotracing Werk\Desktop\2wvhbbl2.exe

    ist das gmer programm wovon ich hier gelesen habe, nimmt imme reinen beliebigen namen an udn hat mir eben wieder nen Blue Screen beschert,-(((

    Code:
    File name:
    2wvhbbl2.exe
    Submission date:
    2010-09-04 22:47:20 (UTC)
    Current status:
    queued queued (#6) analysing finished
    Result:
    1/ 43 (2.3%)
    	
    VT Community
    
    goodware
     Safety score: 81.2% 
    Compact
    Print results
    Antivirus 	Version 	Last Update 	Result
    AhnLab-V3	2010.09.05.00	2010.09.04	-
    AntiVir	8.2.4.50	2010.09.03	-
    Antiy-AVL	2.0.3.7	2010.09.03	-
    Authentium	5.2.0.5	2010.09.04	-
    Avast	4.8.1351.0	2010.09.05	-
    Avast5	5.0.594.0	2010.09.05	-
    AVG	9.0.0.851	2010.09.05	-
    BitDefender	7.2	2010.09.05	-
    CAT-QuickHeal	11.00	2010.09.03	-
    ClamAV	0.96.2.0-git	2010.09.04	-
    Comodo	5970	2010.09.04	-
    DrWeb	5.0.2.03300	2010.09.04	-
    Emsisoft	5.0.0.37	2010.09.04	-
    eSafe	7.0.17.0	2010.09.01	Win32.TrojanHorse
    eTrust-Vet	36.1.7835	2010.09.03	-
    F-Prot	4.6.1.107	2010.09.01	-
    F-Secure	9.0.15370.0	2010.09.04	-
    Fortinet	4.1.143.0	2010.09.04	-
    GData	21	2010.09.05	-
    Ikarus	T3.1.1.88.0	2010.09.04	-
    Jiangmin	13.0.900	2010.09.04	-
    K7AntiVirus	9.63.2442	2010.09.04	-
    Kaspersky	7.0.0.125	2010.09.05	-
    McAfee	5.400.0.1158	2010.09.05	-
    McAfee-GW-Edition	2010.1B	2010.09.04	-
    Microsoft	1.6103	2010.09.04	-
    NOD32	5423	2010.09.04	-
    Norman	6.05.11	2010.09.04	-
    nProtect	2010-09-04.01	2010.09.04	-
    Panda	10.0.2.7	2010.09.04	-
    PCTools	7.0.3.5	2010.09.04	-
    Prevx	3.0	2010.09.05	-
    Rising	22.63.05.01	2010.09.04	-
    Sophos	4.57.0	2010.09.04	-
    Sunbelt	6831	2010.09.04	-
    SUPERAntiSpyware	4.40.0.1006	2010.09.04	-
    Symantec	20101.1.1.7	2010.09.04	-
    TheHacker	6.5.2.1.364	2010.09.04	-
    TrendMicro	9.120.0.1004	2010.09.04	-
    TrendMicro-HouseCall	9.120.0.1004	2010.09.05	-
    VBA32	3.12.14.0	2010.09.03	-
    ViRobot	2010.8.31.4017	2010.09.04	-
    VirusBuster	12.64.17.1	2010.09.04	-
    Additional information
    Show all
    MD5   : f80f6e09e7f4bafe478ca0da6137e1e2
    SHA1  : 719082766cf4f60c8bdaa2b2c9f6967ecbcf8722
    SHA256: 682fd0d13d7caf4b17a1eb9bafa0a3c3598139bb3623d3f5fba3bfbd0a6d424a
    ssdeep: 6144:Uwbg2xeuJgWM/S1tm/xCIoQPJVZCzw5bEPb3cV9iYpTkyTFHS2:Uw82IZWM61tUXRd9IPb
    3cVZkyp/
    File size : 293376 bytes
    First seen: 2009-12-15 11:56:33
    Last seen : 2010-09-04 22:47:20
    TrID:
    UPX compressed Win32 Executable (39.5%)
    Win32 EXE Yoda's Crypter (34.3%)
    Win32 Executable Generic (11.0%)
    Win32 Dynamic Link Library (generic) (9.8%)
    Generic Win/DOS Executable (2.5%)
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: 1, 0, 15, 15281
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEiD: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
    packers (F-Prot): UPX
    packers (Kaspersky): UPX, PE_Patch
    PEInfo: PE structure information
    
    [[ basic data ]]
    entrypointaddress: 0xB3F40
    timedatestamp....: 0x4B2763F0 (Tue Dec 15 10:24:48 2009)
    machinetype......: 0x14c (I386)
    
    [[ 3 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    UPX0, 0x1000, 0x6D000, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
    UPX1, 0x6E000, 0x47000, 0x46200, 7.93, 7b777c30b7f75e5eb654691bb1616dcb
    .rsrc, 0xB5000, 0x2000, 0x1400, 3.38, 710fb4291f153e98a3a03f3473b8bfd6
    
    [[ 1 import(s) ]]
    KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess
    
    VT Community


    Nr 4:
    C:\Users\Slotracing Werk\Desktop\Virus Removal Tool\setup_9.0.0.722_01.09.2010_10-16\setup_9.0.0.722_01.09.2010_10-16.exe

    ist der Kaspersky VRT

    Der ist nun deinstalliert weil er nach seiner arbeit immer deinstalliert werden will.

    http://www.chip.de/downloads/Kaspers..._36962242.html

    Ich installiere den nach dem ich das Posting efrtig habe wieder und jage die datei durch den Virustotal, sonst setzt der mir eventuell wieder de WE still


    Nr.5:
    C:\Windows\OEM13Mon.exe
    Code:
    File name:
    OEM13Mon.exe
    Submission date:
    2010-09-04 22:54:14 (UTC)
    Current status:
    queued (#6) queued (#6) analysing finished
    Result:
    0/ 43 (0.0%)
    	
    VT Community
    
    not reviewed
     Safety score: - 
    Compact
    Print results
    Antivirus 	Version 	Last Update 	Result
    AhnLab-V3	2010.09.05.00	2010.09.04	-
    AntiVir	8.2.4.50	2010.09.03	-
    Antiy-AVL	2.0.3.7	2010.09.03	-
    Authentium	5.2.0.5	2010.09.04	-
    Avast	4.8.1351.0	2010.09.05	-
    Avast5	5.0.594.0	2010.09.05	-
    AVG	9.0.0.851	2010.09.05	-
    BitDefender	7.2	2010.09.05	-
    CAT-QuickHeal	11.00	2010.09.03	-
    ClamAV	0.96.2.0-git	2010.09.04	-
    Comodo	5970	2010.09.04	-
    DrWeb	5.0.2.03300	2010.09.04	-
    Emsisoft	5.0.0.37	2010.09.04	-
    eSafe	7.0.17.0	2010.09.01	-
    eTrust-Vet	36.1.7835	2010.09.03	-
    F-Prot	4.6.1.107	2010.09.01	-
    F-Secure	9.0.15370.0	2010.09.04	-
    Fortinet	4.1.143.0	2010.09.04	-
    GData	21	2010.09.05	-
    Ikarus	T3.1.1.88.0	2010.09.04	-
    Jiangmin	13.0.900	2010.09.04	-
    K7AntiVirus	9.63.2442	2010.09.04	-
    Kaspersky	7.0.0.125	2010.09.05	-
    McAfee	5.400.0.1158	2010.09.05	-
    McAfee-GW-Edition	2010.1B	2010.09.04	-
    Microsoft	1.6103	2010.09.04	-
    NOD32	5423	2010.09.04	-
    Norman	6.05.11	2010.09.04	-
    nProtect	2010-09-04.01	2010.09.04	-
    Panda	10.0.2.7	2010.09.04	-
    PCTools	7.0.3.5	2010.09.04	-
    Prevx	3.0	2010.09.05	-
    Rising	22.63.05.01	2010.09.04	-
    Sophos	4.57.0	2010.09.04	-
    Sunbelt	6831	2010.09.04	-
    SUPERAntiSpyware	4.40.0.1006	2010.09.04	-
    Symantec	20101.1.1.7	2010.09.04	-
    TheHacker	6.5.2.1.364	2010.09.04	-
    TrendMicro	9.120.0.1004	2010.09.04	-
    TrendMicro-HouseCall	9.120.0.1004	2010.09.05	-
    VBA32	3.12.14.0	2010.09.03	-
    ViRobot	2010.8.31.4017	2010.09.04	-
    VirusBuster	12.64.17.1	2010.09.04	-
    Additional information
    Show all
    MD5   : 8f48849314ef6af4e0b925539e52b16f
    SHA1  : 5fcca2a006f818cf570c03cdf35cd6bb801c3f64
    SHA256: 4427c3fecd30c0f8d03e81111fd906e91b87ea1151ae828793e02e5fcc80bcc4
    ssdeep: 192:IfdYOTpogrpjwnwgeN+yOlOikDI9LD+ICFY1eNRn/pb7vUZmuNdfD6:IfdY7Agc+yOlYEZD
    DCO1eNR/pb7cZ9m
    File size : 36864 bytes
    First seen: 2009-02-14 10:49:49
    Last seen : 2010-09-04 22:54:14
    TrID:
    Win32 Executable Generic (42.3%)
    Win32 Dynamic Link Library (generic) (37.6%)
    Generic Win/DOS Executable (9.9%)
    DOS Executable Generic (9.9%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    sigcheck:
    publisher....: Creative Technology Ltd.
    copyright....: Copyright (c) Creative Technology Ltd., 2008
    product......: n/a
    description..: Live_ Cam Console Auto Launcher
    original name: OEM13Mon.exe
    internal name: n/a
    file version.: 1.00.01.00
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEInfo: PE structure information
    
    [[ basic data ]]
    entrypointaddress: 0x2DAE
    timedatestamp....: 0x4782F5DC (Tue Jan 08 04:02:36 2008)
    machinetype......: 0x14c (I386)
    
    [[ 6 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0x2014, 0x3000, 4.66, 556bb6533b1b5c33ef339ae765c87dc1
    .rdata, 0x4000, 0x95A, 0x1000, 3.43, 284adec0e6fb19a0f901ffd5d0bd29dd
    .data, 0x5000, 0x1D4, 0x1000, 0.94, 1643d9ce7b8032102d7615c0c0aeb4f4
    .sxdata, 0x6000, 0x4, 0x1000, 0.00, e0f6821e0906d569a9a3e873c22c4d70
    PAGECONS, 0x7000, 0x10, 0x1000, 0.05, b108dd9efebe4d7ac76987fad2d0aa36
    .rsrc, 0x8000, 0x3B0, 0x1000, 0.94, 50b0ea31a817cd4aa09b6cfd4b6a7afd
    
    [[ 7 import(s) ]]
    KERNEL32.dll: Sleep, IsBadReadPtr, HeapFree, CreateFileA, DuplicateHandle, GetCurrentThread, GetCurrentProcess, lstrcatA, HeapAlloc, GetProcessHeap, GetTickCount, lstrcmpiA, lstrcpyA, lstrlenA, WaitForSingleObject, Process32Next, Process32First, CreateToolhelp32Snapshot, WaitForMultipleObjects, CreateMutexA, GetWindowsDirectoryA, GetFullPathNameA, GetModuleFileNameA, GetVersionExA, GetExitCodeProcess, CreateProcessA, ResetEvent, SetEvent, CreateEventA, GetLastError, OpenProcess, CloseHandle, GetStartupInfoA
    msvcrt.dll: _controlfp, _except_handler3, __set_app_type, __p__fmode, __p__commode, _adjust_fdiv, exit, _initterm, _cexit, _XcptFilter, _exit, _c_exit, _beginthread, _endthread, __getmainargs, _acmdln, __setusermatherr
    SHLWAPI.dll: StrStrIA
    SETUPAPI.dll: SetupDiEnumDeviceInterfaces, SetupDiGetDeviceRegistryPropertyA, SetupDiGetClassDevsExA, SetupDiEnumDeviceInfo, SetupDiGetClassDevsA, SetupDiDestroyDeviceInfoList, SetupDiGetDeviceInterfaceDetailA, SetupDiOpenDevRegKey
    USER32.dll: PostQuitMessage, GetWindowLongA, DispatchMessageA, TranslateMessage, IsDialogMessageA, IsWindow, GetMessageA, CreateDialogParamA, BroadcastSystemMessageA, RegisterWindowMessageA, DestroyWindow, PostMessageA, SetWindowLongA
    ADVAPI32.dll: RegCloseKey, RegSetValueExA, RegDeleteValueA, RegOpenKeyExA, RegQueryValueExA
    ksproxy.ax: KsSynchronousDeviceControl
    
    VT Community
    
    0
    
        This file has never been reviewed by any VT Community member. Be the first one to comment on it! 
    
    VirusTotal Team


    und die Nr 6
    C:\Users\Slotracing Werk\AppData\Roaming\Adobe\Update\dxcli.exe

    Noch nen treffer!
    Code:
    File name:
    dxcli.exe
    Submission date:
    2010-09-04 22:56:13 (UTC)
    Current status:
    queued queued analysing finished
    Result:
    13/ 43 (30.2%)
    	
    VT Community
    
    not reviewed
     Safety score: - 
    Compact
    Print results
    Antivirus 	Version 	Last Update 	Result
    AhnLab-V3	2010.09.05.00	2010.09.04	Malware/Win32.Generic
    AntiVir	8.2.4.50	2010.09.03	TR/Spy.275968.5
    Antiy-AVL	2.0.3.7	2010.09.03	-
    Authentium	5.2.0.5	2010.09.04	-
    Avast	4.8.1351.0	2010.09.05	Win32:Malware-gen
    Avast5	5.0.594.0	2010.09.05	Win32:Malware-gen
    AVG	9.0.0.851	2010.09.05	SHeur3.AXYR
    BitDefender	7.2	2010.09.05	Gen:Trojan.Heur.RP.quW@a8yQNed
    CAT-QuickHeal	11.00	2010.09.03	-
    ClamAV	0.96.2.0-git	2010.09.04	-
    Comodo	5970	2010.09.04	-
    DrWeb	5.0.2.03300	2010.09.04	Trojan.Inject.9686
    Emsisoft	5.0.0.37	2010.09.04	Gen.Trojan!IK
    eSafe	7.0.17.0	2010.09.01	-
    eTrust-Vet	36.1.7835	2010.09.03	-
    F-Prot	4.6.1.107	2010.09.01	-
    F-Secure	9.0.15370.0	2010.09.04	Gen:Trojan.Heur.RP.quW@a8yQNed
    Fortinet	4.1.143.0	2010.09.04	-
    GData	21	2010.09.05	Gen:Trojan.Heur.RP.quW@a8yQNed
    Ikarus	T3.1.1.88.0	2010.09.04	Gen.Trojan
    Jiangmin	13.0.900	2010.09.04	-
    K7AntiVirus	9.63.2442	2010.09.04	-
    Kaspersky	7.0.0.125	2010.09.05	-
    McAfee	5.400.0.1158	2010.09.05	-
    McAfee-GW-Edition	2010.1B	2010.09.04	Heuristic.BehavesLike.Win32.Suspicious.A
    Microsoft	1.6103	2010.09.04	-
    NOD32	5423	2010.09.04	-
    Norman	6.05.11	2010.09.04	-
    nProtect	2010-09-04.01	2010.09.04	-
    Panda	10.0.2.7	2010.09.04	-
    PCTools	7.0.3.5	2010.09.04	-
    Prevx	3.0	2010.09.05	-
    Rising	22.63.05.01	2010.09.04	-
    Sophos	4.57.0	2010.09.04	-
    Sunbelt	6831	2010.09.04	Trojan.Win32.Generic!SB.0
    SUPERAntiSpyware	4.40.0.1006	2010.09.04	-
    Symantec	20101.1.1.7	2010.09.04	-
    TheHacker	6.5.2.1.364	2010.09.04	-
    TrendMicro	9.120.0.1004	2010.09.04	-
    TrendMicro-HouseCall	9.120.0.1004	2010.09.05	-
    VBA32	3.12.14.0	2010.09.03	-
    ViRobot	2010.8.31.4017	2010.09.04	-
    VirusBuster	12.64.17.1	2010.09.04	-
    Additional information
    Show all
    MD5   : ac3f4e6025b26d5099aea89e50ef7e18
    SHA1  : 7853fd8d2c67ce131fdc4ccc0d0c21e3eabfeb3c
    SHA256: fc33752ea878bb80a05ddb2297bd7487b55600d2e09819a79dc014eaec46f6fb
    ssdeep: 6144:+i+d4cf5I95Gt+FqQJ/uwBdUGsm1PXKB:2o5Gt9wdPS
    File size : 275968 bytes
    First seen: 2010-09-03 08:51:17
    Last seen : 2010-09-04 22:56:13
    TrID:
    Win32 Executable MS Visual C++ (generic) (65.2%)
    Win32 Executable Generic (14.7%)
    Win32 Dynamic Link Library (generic) (13.1%)
    Generic Win/DOS Executable (3.4%)
    DOS Executable Generic (3.4%)
    sigcheck:
    publisher....: n/a
    copyright....: n/a
    product......: n/a
    description..: n/a
    original name: n/a
    internal name: n/a
    file version.: n/a
    comments.....: n/a
    signers......: -
    signing date.: -
    verified.....: Unsigned
    PEInfo: PE structure information
    
    [[ basic data ]]
    entrypointaddress: 0x3137
    timedatestamp....: 0x4C80AADC (Fri Sep 03 07:59:24 2010)
    machinetype......: 0x14c (I386)
    
    [[ 5 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0x9518, 0x9600, 6.59, 60e99422637ab6a988018355517b5b95
    .rdata, 0xB000, 0x2884, 0x2A00, 5.22, ca95ea1dc112007024708111b461d135
    .data, 0xE000, 0x364BC, 0x35800, 7.98, fed2cfa82d5bb046e77cc9429ebe3c04
    .rsrc, 0x45000, 0x10, 0x200, 0.00, bf619eac0cdf3f68d496ea9344137e8b
    .reloc, 0x46000, 0x174A, 0x1800, 3.78, 651968f629a334045e3574eedc48afab
    
    [[ 1 import(s) ]]
    KERNEL32.dll: lstrlenA, GetProcAddress, GetModuleHandleA, GetCommandLineA, GetStartupInfoA, RaiseException, RtlUnwind, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, HeapAlloc, GetLastError, HeapFree, GetModuleHandleW, Sleep, ExitProcess, WriteFile, GetStdHandle, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, DeleteCriticalSection, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetCurrentThreadId, InterlockedDecrement, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, LeaveCriticalSection, EnterCriticalSection, VirtualAlloc, HeapReAlloc, HeapSize, LoadLibraryA, InitializeCriticalSectionAndSpinCount, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, GetLocaleInfoA, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW
    Symantec reputation:Suspicious.Insight
    
    VT Community
    
    0
    
        This file has never been reviewed by any VT Community member. Be the first one to comment on it! 
    
    VirusTotal Team
    So nun mache ich mich noch mal an den Kaspersky VRT

  10. #10
    Forenbenutzer
    Registriert seit
    04.09.2010
    Beiträge
    46

    AW: FF und TB(keine Rückmeldung)-Windows fährt nach einer Minute runter,etc.

    Der Kaspersky wie erwartet,)))

    Code:
    File name:
    setup_9.0.0.722_01.09.2010_10-16.exe
    Submission date:
    2010-09-04 23:01:29 (UTC)
    Current status:
    queued (#12) queued (#12) analysing finished
    Result:
    0/ 43 (0.0%)
    	
    VT Community
    
    not reviewed
     Safety score: - 
    Compact
    Print results
    Antivirus 	Version 	Last Update 	Result
    AhnLab-V3	2010.09.05.00	2010.09.04	-
    AntiVir	8.2.4.50	2010.09.03	-
    Antiy-AVL	2.0.3.7	2010.09.03	-
    Authentium	5.2.0.5	2010.09.04	-
    Avast	4.8.1351.0	2010.09.05	-
    Avast5	5.0.594.0	2010.09.05	-
    AVG	9.0.0.851	2010.09.05	-
    BitDefender	7.2	2010.09.05	-
    CAT-QuickHeal	11.00	2010.09.03	-
    ClamAV	0.96.2.0-git	2010.09.04	-
    Comodo	5970	2010.09.04	-
    DrWeb	5.0.2.03300	2010.09.05	-
    Emsisoft	5.0.0.37	2010.09.04	-
    eSafe	7.0.17.0	2010.09.01	-
    eTrust-Vet	36.1.7835	2010.09.03	-
    F-Prot	4.6.1.107	2010.09.01	-
    F-Secure	9.0.15370.0	2010.09.04	-
    Fortinet	4.1.143.0	2010.09.04	-
    GData	21	2010.09.05	-
    Ikarus	T3.1.1.88.0	2010.09.04	-
    Jiangmin	13.0.900	2010.09.04	-
    K7AntiVirus	9.63.2442	2010.09.04	-
    Kaspersky	7.0.0.125	2010.09.05	-
    McAfee	5.400.0.1158	2010.09.05	-
    McAfee-GW-Edition	2010.1B	2010.09.04	-
    Microsoft	1.6103	2010.09.04	-
    NOD32	5423	2010.09.04	-
    Norman	6.05.11	2010.09.04	-
    nProtect	2010-09-04.01	2010.09.04	-
    Panda	10.0.2.7	2010.09.04	-
    PCTools	7.0.3.5	2010.09.04	-
    Prevx	3.0	2010.09.05	-
    Rising	22.63.05.01	2010.09.04	-
    Sophos	4.57.0	2010.09.04	-
    Sunbelt	6831	2010.09.04	-
    SUPERAntiSpyware	4.40.0.1006	2010.09.04	-
    Symantec	20101.1.1.7	2010.09.04	-
    TheHacker	6.5.2.1.364	2010.09.04	-
    TrendMicro	9.120.0.1004	2010.09.04	-
    TrendMicro-HouseCall	9.120.0.1004	2010.09.05	-
    VBA32	3.12.14.0	2010.09.03	-
    ViRobot	2010.8.31.4017	2010.09.04	-
    VirusBuster	12.64.17.1	2010.09.04	-
    Additional information
    Show all
    MD5   : bf315ab8a18b2e52e50f0a4b02c58e93
    SHA1  : 0760636598dd17ce7975a37a613e492cb9b2bf9e
    SHA256: c6edbc00b4fc901766fccaa06a300352dc5ab806b5c721a1f0b36190faca1aa5
    ssdeep: 6144:uGX6OGj1TUXU3BGu/yln2tXsTkHZuVfApCFEDXbB8TZs6OS3e:9X6NTUX0bMovZui4FEDX
    7ae
    File size : 330256 bytes
    First seen: 2009-11-26 15:41:39
    Last seen : 2010-09-04 23:01:29
    TrID:
    Win32 Executable MS Visual C++ (generic) (65.2%)
    Win32 Executable Generic (14.7%)
    Win32 Dynamic Link Library (generic) (13.1%)
    Generic Win/DOS Executable (3.4%)
    DOS Executable Generic (3.4%)
    sigcheck:
    publisher....: Kaspersky Lab
    copyright....: Copyright (c) Kaspersky Lab 1997-2009.
    product......: Kaspersky Anti-Virus
    description..: Kaspersky Virus Removal Tool
    original name: AVP.EXE
    internal name: AVP
    file version.: 9.0.0.722
    comments.....: n/a
    signers......: Kaspersky Lab
    VeriSign Class 3 Code Signing 2004 CA
    Class 3 Public Primary Certification Authority
    signing date.: 12:55 PM 10/1/2009
    verified.....: -
    PEInfo: PE structure information
    
    [[ basic data ]]
    entrypointaddress: 0x31E90
    timedatestamp....: 0x4AC4890E (Thu Oct 01 10:48:46 2009)
    machinetype......: 0x14c (I386)
    
    [[ 5 section(s) ]]
    name, viradd, virsiz, rawdsiz, ntropy, md5
    .text, 0x1000, 0x352E5, 0x36000, 6.41, e19d3580f5f0735dbee22d9e64177f46
    .rdata, 0x37000, 0xDFC0, 0xE000, 5.23, ba8fced861e5c43ffc7a9a714f3c8d9c
    .data, 0x45000, 0x2050, 0x2000, 3.26, 4e9bd82db2c06d81d2c767ed9230f00b
    .rsrc, 0x48000, 0x33BC, 0x4000, 4.28, dd68f80a9a7f08a2c6403f1c742b4a79
    .reloc, 0x4C000, 0x3E74, 0x4000, 6.29, 5b6b3015209a31cc70f3028e1109d38d
    
    [[ 10 import(s) ]]
    memmng.dll: _InitMemMng@@YAHXZ
    prremote.dll: PRRegisterObject, PRCreateProcess, PRStopServer, PRIsValidProxy, PRInitialize, PRCloseProcessRequest, PRDeinitialize, PRUnregisterObject, PRGetObjectProxy, PRReleaseObjectProxy
    fssync.dll: FSSync_ScreeSet, FSSync_Init, FSSync_DR, FSSync_DUR, FSSync_DACL, FSSync_ScreeState, FSSync_ScreeStateEx, FSSync_ScreeStateEx2, FSSync_Done, FSSync_SetCheck, FSSync_ScreeActive, FSSync_Remove, FSSync_ScreeNotify
    KERNEL32.dll: GetCurrentProcessId, GetCurrentThreadId, CompareFileTime, GetLastError, GetDiskFreeSpaceExA, UnmapViewOfFile, WaitForMultipleObjects, CreateProcessA, MultiByteToWideChar, MapViewOfFile, DuplicateHandle, CreateEventA, CreateFileMappingA, GetFileAttributesA, GetModuleFileNameA, WideCharToMultiByte, SetEvent, DeleteFileA, FindClose, FindNextFileA, FindFirstFileA, ReleaseMutex, lstrcpynA, GetComputerNameA, lstrlenA, GetExitCodeProcess, GetDriveTypeA, GetCommandLineW, GetModuleHandleA, OutputDebugStringA, CreateMutexW, GetFileSize, GetModuleFileNameW, GetVersionExA, GetFileType, GetStdHandle, CreateMutexA, OpenMutexA, ExpandEnvironmentStringsW, GetPrivateProfileStringW, GetPrivateProfileIntW, FindFirstFileW, CreateProcessW, SetProcessAffinityMask, SetErrorMode, InitializeCriticalSection, DeleteCriticalSection, lstrcpyA, LeaveCriticalSection, EnterCriticalSection, SetProcessWorkingSetSize, FreeConsole, SetConsoleCtrlHandler, LoadLibraryW, lstrcatA, ExpandEnvironmentStringsA, GetTickCount, LocalFree, FormatMessageA, SetConsoleMode, GetConsoleMode, SetConsoleTitleA, AllocConsole, GetCurrentThread, SetConsoleCursorPosition, FillConsoleOutputAttribute, FillConsoleOutputCharacterA, GetConsoleScreenBufferInfo, GetFullPathNameA, GetTempFileNameA, CreateDirectoryA, GetTempPathA, lstrlenW, GetVersion, GetLocalTime, CreateSemaphoreA, ReleaseSemaphore, VirtualAlloc, VirtualFree, FileTimeToLocalFileTime, GetSystemTimeAsFileTime, SetUnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, CreateThread, WaitForSingleObject, GetExitCodeThread, CreateFileA, WriteFile, CloseHandle, FlushFileBuffers, LoadLibraryA, GetProcAddress, QueryPerformanceCounter, FreeLibrary, Sleep, HeapFree, GetProcessHeap, HeapAlloc, InterlockedExchange, InterlockedCompareExchange, GetStartupInfoA, UnhandledExceptionFilter, IsDebuggerPresent, OpenMutexW
    USER32.dll: wsprintfA, CharUpperBuffA, GetSystemMetrics, RegisterWindowMessageA, PostMessageA, ExitWindowsEx, DefWindowProcA, IsWindow, DispatchMessageA, TranslateMessage, GetMessageA, PeekMessageA, MsgWaitForMultipleObjects, DestroyWindow, CreateWindowExA, RegisterClassA
    ADVAPI32.dll: LookupAccountNameA, RegOpenKeyExW, SetFileSecurityA, RegQueryValueExA, RegOpenKeyExA, RegSetValueExA, RegNotifyChangeKeyValue, OpenThreadToken, RevertToSelf, SetThreadToken, InitializeAcl, AddAccessAllowedAce, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, SetSecurityDescriptorSacl, AllocateAndInitializeSid, FreeSid, StartServiceCtrlDispatcherA, RegisterServiceCtrlHandlerA, StartServiceA, ControlService, QueryServiceStatus, DeleteService, RegCloseKey, RegQueryValueExW, CopySid, GetLengthSid, IsValidSid, GetUserNameA, CloseServiceHandle, OpenServiceA, OpenSCManagerA, RegCreateKeyA, UnlockServiceDatabase, ChangeServiceConfigA, LockServiceDatabase, SetServiceStatus, RegDeleteValueA, RegSetValueExW, CreateServiceA, RegOpenKeyA
    SHELL32.dll: SHFileOperationA, ShellExecuteExA
    MSVCR80.dll: _except_handler4_common, _amsg_exit, _onexit, __getmainargs, _cexit, _exit, _XcptFilter, exit, _acmdln, _initterm, _initterm_e, _configthreadlocale, __setusermatherr, _adjust_fdiv, __p__commode, _decode_pointer, ___U@YAPAXI@Z, _controlfp_s, _invoke_watson, __type_info_dtor_internal_method@type_info@@QAEXXZ, _terminate@@YAXXZ, _crt_debugger_hook, __set_app_type, _lock, _encode_pointer, __dllonexit, memcpy, memmove, _set_invalid_parameter_handler, atoi, __0exception@std@@QAE@ABQBD@Z, _what@exception@std@@UBEPBDXZ, __1exception@std@@UAE@XZ, __3@YAXPAX@Z, __0exception@std@@QAE@XZ, __CxxFrameHandler3, _vsnprintf_s, sscanf_s, memset, sprintf_s, strcpy_s, _CxxThrowException, __0exception@std@@QAE@ABV01@@Z, _invalid_parameter_noinfo, __2@YAPAXI@Z, strrchr, wcsrchr, _mbsicmp, _mbsnbicmp, _time32, printf, _getch, sprintf, _wmakepath, _wsplitpath, vsprintf_s, _set_error_mode, malloc, free, __argc, __argv, _wcsicmp, _beginthreadex, setlocale, _mbslen, _unlock, ___V@YAXPAX@Z, setvbuf, _fdopen, _open_osfhandle, __iob_func, _ismbblead, _localtime32, fflush, fprintf, _vsnprintf, fclose, fgets, fopen, strerror, _errno, _snprintf, getchar, getc, _flushall, _itoa, sscanf, _splitpath, _mbsnbcat_s, _mbsnbcpy_s, _snprintf_s, strchr, _wtoi, _mbscmp, __p__fmode
    MSVCP80.dll: __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@ABV01@@Z, __0_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@PBD@Z, __4_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV01@ABV01@@Z, __Y_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV01@ABV01@@Z, __Y_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV01@PBD@Z, __Y_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAEAAV01@D@Z, __$_HDU_$char_traits@D@std@@V_$allocator@D@1@@std@@YA_AV_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@0@ABV10@PBD@Z, __1_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@XZ, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@ABV01@@Z, __Y_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@PB_W@Z, __Y_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAEAAV01@_W@Z, __0_$basic_string@_WU_$char_traits@_W@std@@V_$allocator@_W@2@@std@@QAE@PB_W@Z, __1_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@QAE@XZ
    VERSION.dll: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
    
    VT Community
    
    0
    
        This file has never been reviewed by any VT Community member. Be the first one to comment on it! 
    
    VirusTotal Team

Seite 1 von 7 123 ... LetzteLetzte

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. Mein Logfile/ Computer fährt nach 60 sek runter
    Von Starkiller im Forum Archiv
    Antworten: 22
    Letzter Beitrag: 25.07.2008, 20:39
  2. Windows XP fährt von alleine runter!
    Von merkur06 im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 20.07.2008, 22:57
  3. PC fährt nach 30 Sekunden runter
    Von Whizzey im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 19.07.2008, 12:07
  4. windows fährt nicht richtig runter?
    Von Surfer im Forum Archiv
    Antworten: 2
    Letzter Beitrag: 01.06.2008, 23:33
  5. Antworten: 1
    Letzter Beitrag: 04.10.2005, 21:54

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •