
Log analysis and evaluation: PC reboot / cleaning the PC, programs that support this.

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
27.12.2011, 16:38   #3
timweger
 
PC reboot / cleaning the PC, programs that support this.



Code:
OTL logfile created on: 27.12.2011 16:24:27 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Weger\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,37 Gb Available Physical Memory | 59,35% Memory free
7,99 Gb Paging File | 6,40 Gb Available in Paging File | 80,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,94 Gb Total Space | 271,82 Gb Free Space | 59,88% Space Free | Partition Type: NTFS
Drive D: | 3,83 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: WEGER-PC | User Name: Weger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Weger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft Limited)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Verbindungsassistent\WTGService.exe ()
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Dell V105\dldnmon.exe ()
PRC - C:\Program Files (x86)\Dell V105\dldnMsdMon.exe ()
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
PRC - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
PRC - C:\Windows\PLFSetI.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko8.dll ()
MOD - C:\Program Files (x86)\firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d76221993c2fdfb991b8c12ae50a30eb\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\0e245eb9c1067cabd5673fe832d28613\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4126e864e7da7ac7eb3e9db527c355d3\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e9ebeb7959f1c916ebf6fca8f7077d6c\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\95b9866ab6e4437ef5dc5855ebab4e33\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Dell V105\dldnmon.exe ()
MOD - C:\Program Files (x86)\Dell V105\dldnMsdMon.exe ()
MOD - C:\Program Files (x86)\Dell V105\dldnDRS.dll ()
MOD - C:\Program Files (x86)\Dell V105\dldnscw.dll ()
MOD - C:\Program Files (x86)\Dell V105\dldncaps.dll ()
MOD - C:\Program Files (x86)\Dell V105\dldnmonr.dll ()
MOD - C:\Program Files (x86)\Dell V105\App4R.Monitor.Core.dll ()
MOD - C:\Program Files (x86)\Dell V105\App4R.Monitor.Common.dll ()
MOD - C:\Program Files (x86)\Dell V105\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Program Files (x86)\Dell V105\dldncfg.dll ()
MOD - C:\Program Files (x86)\Dell V105\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Program Files (x86)\Dell V105\dldncnv4.dll ()
MOD - C:\Program Files (x86)\Dell V105\dldndatr.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (dldn_device) -- C:\Windows\SysNative\dldncoms.exe ( )
SRV:64bit: - (dldnCATSCustConnectService) -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dldnserv.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (WTGService) -- C:\Program Files (x86)\Verbindungsassistent\WTGService.exe ()
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe ()
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (dldn_device) -- C:\Windows\SysWow64\dldncoms.exe ( )
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (AgereModemAudio) -- C:\Programme\LSI SoftModem\agr64svc.exe (LSI Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\drivers\Lbd.sys (Lavasoft AB)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (dc3d) MS Hardware Device Detection Driver (HID) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corporation)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NuidFltr) -- C:\Windows\SysNative\drivers\nuidfltr.sys (Microsoft Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (s1018mdm) -- C:\Windows\SysNative\drivers\s1018mdm.sys (MCCI Corporation)
DRV:64bit: - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\SysNative\drivers\s1018unic.sys (MCCI Corporation)
DRV:64bit: - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\drivers\s1018mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1018obex) -- C:\Windows\SysNative\drivers\s1018obex.sys (MCCI Corporation)
DRV:64bit: - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\SysNative\drivers\s1018bus.sys (MCCI Corporation)
DRV:64bit: - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\SysNative\drivers\s1018nd5.sys (MCCI Corporation)
DRV:64bit: - (s1018mdfl) -- C:\Windows\SysNative\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys ()
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (hwdatacard) -- C:\Windows\SysWOW64\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361209i226l0338z1k5t48i1a07p
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361209i226l0338z1k5t48i1a07p
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361209i226l0338z1k5t48i1a07p
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361209i226l0338z1k5t48i1a07p
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7540&r=27361209i226l0338z1k5t48i1a07p
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.8
FF - prefs.js..extensions.enabledItems: {b677fa16-ac2f-410c-8ea5-3bc98ed515d3}:1.2
FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.0.0
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1.2
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1.10084.997
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.1.4&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Weger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\Weger\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.13 15:29:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Users\Weger\components [2011.12.01 15:38:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Users\Weger\plugins [2011.12.01 15:38:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\firefox\components [2011.12.01 15:38:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Users\Weger\components [2011.12.01 15:38:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Users\Weger\plugins [2011.12.01 15:38:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\files32\backup\thunderbirdbkplugin
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\files32\antispam\tbspamfilter
 
[2010.01.03 20:15:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Weger\AppData\Roaming\mozilla\Extensions
[2011.12.21 20:17:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Weger\AppData\Roaming\mozilla\Firefox\Profiles\w49ejra8.default\extensions
[2011.12.20 23:03:40 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Weger\AppData\Roaming\mozilla\Firefox\Profiles\w49ejra8.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.12.07 13:33:40 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Weger\AppData\Roaming\mozilla\Firefox\Profiles\w49ejra8.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.11.18 16:36:24 | 000,000,000 | ---D | M] (kikin plugin (NO23 Edition)) -- C:\Users\Weger\AppData\Roaming\mozilla\Firefox\Profiles\w49ejra8.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2011.03.28 13:49:06 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Weger\AppData\Roaming\mozilla\Firefox\Profiles\w49ejra8.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.16 14:14:05 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Weger\AppData\Roaming\mozilla\Firefox\Profiles\w49ejra8.default\extensions\battlefieldplay4free@ea.com
[2011.04.16 17:44:11 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Weger\AppData\Roaming\mozilla\Firefox\Profiles\w49ejra8.default\extensions\engine@conduit.com
[2011.08.27 19:36:43 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Weger\AppData\Roaming\mozilla\Firefox\Profiles\w49ejra8.default\extensions\ffxtlbr@Facemoods.com
[2011.12.23 13:22:31 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-1.xml
[2010.10.26 19:33:55 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-10.xml
[2010.10.28 14:48:09 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-11.xml
[2010.10.28 18:19:49 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-12.xml
[2010.12.29 19:02:40 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-13.xml
[2011.03.24 16:33:06 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-14.xml
[2011.04.29 21:31:56 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-15.xml
[2011.07.04 17:38:33 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-16.xml
[2011.08.22 19:14:59 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-17.xml
[2011.09.04 19:57:01 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-18.xml
[2011.09.08 19:32:49 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-19.xml
[2010.09.16 16:01:39 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-2.xml
[2011.11.15 16:14:37 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-20.xml
[2010.06.24 18:12:35 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-3.xml
[2010.06.27 00:09:26 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-4.xml
[2010.07.23 18:55:40 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-5.xml
[2010.07.25 15:15:55 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-6.xml
[2010.07.25 17:20:46 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-7.xml
[2010.07.26 10:02:13 | 000,000,656 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-8.xml
[2010.09.17 18:56:31 | 000,000,950 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin-9.xml
[2011.12.19 11:34:42 | 000,000,168 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin.gif
[2011.12.19 11:34:42 | 000,000,618 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin.src
[2010.05.12 17:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\icqplugin.xml
[2011.02.21 16:19:03 | 000,002,306 | ---- | M] () -- C:\Users\Weger\AppData\Roaming\Mozilla\Firefox\Profiles\w49ejra8.default\searchplugins\wot-safe-search.xml
() (No name found) -- C:\USERS\WEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W49EJRA8.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\WEGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\W49EJRA8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.08.27 21:40:06 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: facemoods (Enabled)
CHR - default_search_provider: search_url = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
CHR - default_search_provider: suggest_url = 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Users\Weger\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Users\Weger\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Weger\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Game Face Plugin (Enabled) = C:\Users\Weger\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
CHR - plugin: Media Go Detector (Enabled) = c:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\Weger\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1289_0\
CHR - Extension: Facemoods = C:\Users\Weger\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.0_0\
 
O1 HOSTS File: ([2011.11.20 18:33:57 | 000,000,895 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.google-analytics.com
O1 - Hosts: 127.0.0.1 google-analytics.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll File not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7018.1622\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Adobe Reader) - {147FEC3F-6DE9-437C-8FC1-6B8A20AA0A72} - C:\Users\Weger\AppData\Roaming\AdobeReader\IE\AdobeReader.dll (Adobe Systems, Incorporated)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [dldnamon] C:\Program Files (x86)\Dell V105\dldnamon.exe ()
O4:64bit: - HKLM..\Run: [dldnmon.exe] C:\Program Files (x86)\Dell V105\dldnmon.exe ()
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [facemoods] C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKCU..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26646856-B3C4-419D-802F-2A4B53A16519}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A156E0BA-F892-4F99-810C-33563A413E58}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.10.07 20:20:41 | 000,045,056 | R--- | M] () - D:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2007.01.25 10:51:25 | 000,000,172 | R--- | M] () - D:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{2a33bea3-b33c-11df-9951-eaff7e8b459b}\Shell - "" = AutoRun
O33 - MountPoints2\{2a33bea3-b33c-11df-9951-eaff7e8b459b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2a33bea6-b33c-11df-9951-eaff7e8b459b}\Shell - "" = AutoRun
O33 - MountPoints2\{2a33bea6-b33c-11df-9951-eaff7e8b459b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4005f895-f904-11de-9c4e-00262d5d983b}\Shell - "" = AutoRun
O33 - MountPoints2\{4005f895-f904-11de-9c4e-00262d5d983b}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{6a7d4e25-cc6d-11de-a0ff-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6a7d4e25-cc6d-11de-a0ff-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2006.10.07 20:20:41 | 000,045,056 | R--- | M] ()
O33 - MountPoints2\{79dcf412-683d-11e0-8918-b01bb1c15bb0}\Shell - "" = AutoRun
O33 - MountPoints2\{79dcf412-683d-11e0-8918-b01bb1c15bb0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{7bba653c-56b3-11df-a281-fe8fe956b99a}\Shell - "" = AutoRun
O33 - MountPoints2\{7bba653c-56b3-11df-a281-fe8fe956b99a}\Shell\AutoRun\command - "" = E:\Startme.exe
O33 - MountPoints2\{a829564b-a096-11df-930f-ed04c2e45ca5}\Shell - "" = AutoRun
O33 - MountPoints2\{a829564b-a096-11df-930f-ed04c2e45ca5}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a8295650-a096-11df-930f-ed04c2e45ca5}\Shell - "" = AutoRun
O33 - MountPoints2\{a8295650-a096-11df-930f-ed04c2e45ca5}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a8295679-a096-11df-930f-ed04c2e45ca5}\Shell - "" = AutoRun
O33 - MountPoints2\{a8295679-a096-11df-930f-ed04c2e45ca5}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a829567c-a096-11df-930f-ed04c2e45ca5}\Shell - "" = AutoRun
O33 - MountPoints2\{a829567c-a096-11df-930f-ed04c2e45ca5}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{af37c126-cfe4-11df-9d24-8b4ec05059a0}\Shell - "" = AutoRun
O33 - MountPoints2\{af37c126-cfe4-11df-9d24-8b4ec05059a0}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.27 16:20:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Weger\Desktop\OTL.exe
[2011.12.26 22:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2011.12.26 22:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2011.12.24 18:11:04 | 000,000,000 | ---D | C] -- C:\Users\Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Atari
[2011.12.15 21:41:41 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.15 21:41:11 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.12.15 21:41:10 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.15 21:41:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.15 21:41:08 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.12.15 21:41:08 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.12.15 21:41:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.15 21:41:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.15 21:41:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.12.15 21:41:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.12.15 21:41:06 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.15 21:41:06 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.15 21:41:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.12.15 21:41:06 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.12.15 21:41:04 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.12.15 21:41:04 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.12.15 21:40:48 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.15 21:40:47 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.09 19:55:34 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011.12.08 16:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.12.08 16:22:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.12.01 15:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.12.01 15:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.12.01 15:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.12.01 15:33:55 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.12.01 15:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.12.01 15:33:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.12.01 15:30:13 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.12.01 15:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.11.30 19:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2011.11.30 13:57:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2011.11.30 13:57:24 | 000,558,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\ensppmon.dll
[2011.11.30 13:57:24 | 000,558,592 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\enppmon.dll
[2011.11.30 13:57:24 | 000,538,112 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\ensppui.dll
[2011.11.30 13:57:24 | 000,538,112 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\enppui.dll
[2011.11.30 13:57:24 | 000,250,880 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\enspres.dll
[2011.11.30 13:57:24 | 000,250,880 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\enpres.dll
[2011.11.30 13:54:49 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2011.11.30 13:54:42 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMGBU.DLL
[2011.11.30 13:54:40 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBGBU.DLL
[2011.11.30 13:54:11 | 000,464,384 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esxw2ud.dll
[2011.11.30 13:54:11 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\SysNative\esdevapp.exe
[2011.11.30 13:54:11 | 000,017,408 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcdev.dll
[2011.11.27 19:11:56 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011.11.27 19:07:52 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2011.11.27 19:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011.11.27 19:07:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2011.11.27 19:07:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2011.11.27 19:06:55 | 000,000,000 | ---D | C] -- C:\Users\Weger\AppData\Roaming\Malwarebytes
[2011.11.27 19:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.27 19:06:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.27 19:06:36 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.11.27 19:06:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.07 13:29:19 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dldninpa.dll
[2010.10.07 13:29:19 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldniesc.dll
[2010.10.07 13:29:17 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnpmui.dll
[2010.10.07 13:29:13 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnusb1.dll
[2010.10.07 13:29:12 | 001,105,920 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnserv.dll
[2010.10.07 13:29:12 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnprox.dll
[2010.10.07 13:29:11 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnlmpm.dll
[2010.10.07 13:29:10 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnhbn3.dll
[2010.10.07 13:29:10 | 000,320,168 | ---- | C] ( ) -- C:\Windows\SysWow64\dldnih.exe
[2010.10.07 13:29:09 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\dldncoms.exe
[2010.10.07 13:29:09 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\dldncomm.dll
[2010.10.07 13:29:08 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\dldncomc.dll
[2010.10.07 13:29:08 | 000,365,224 | ---- | C] ( ) -- C:\Windows\SysWow64\dldncfg.exe
[2009.08.22 10:01:18 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[2007.11.07 07:44:20 | 000,855,040 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.exe
[2007.11.07 07:44:20 | 000,096,272 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.1036.dll
[2007.11.07 07:44:20 | 000,095,248 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.3082.dll
[2007.11.07 07:44:20 | 000,095,248 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.1031.dll
[2007.11.07 07:44:20 | 000,094,224 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.1040.dll
[2007.11.07 07:44:20 | 000,090,128 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.1033.dll
[2007.11.07 07:44:20 | 000,080,400 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.1041.dll
[2007.11.07 07:44:20 | 000,078,864 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.1042.dll
[2007.11.07 07:44:20 | 000,075,280 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.1028.dll
[2007.11.07 07:44:20 | 000,074,768 | ---- | C] (Microsoft Corporation) -- C:\Program Files\install.res.2052.dll
[2007.08.13 16:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Weger\AppData\Local\CDRip.dll
[2007.01.18 20:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Weger\AppData\Local\No23 Recorder.exe
[2006.12.11 18:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Weger\AppData\Local\basscd.dll
[2006.12.11 18:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Weger\AppData\Local\bass.dll
[2006.12.01 23:37:14 | 000,904,704 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msdia80.dll
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.27 16:20:21 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Weger\Desktop\OTL.exe
[2011.12.27 16:06:01 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.27 16:06:00 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.27 16:04:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.27 15:59:47 | 000,000,437 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2011.12.27 15:55:49 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.12.27 15:52:36 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.12.27 15:52:31 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.27 15:51:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.27 15:51:04 | 3219,935,232 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.26 22:15:23 | 000,002,213 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.12.26 22:15:23 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011.12.26 19:27:03 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2011.12.26 16:46:19 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.26 16:46:19 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.26 16:46:19 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.26 16:46:19 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.26 16:46:19 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.24 18:15:48 | 000,002,187 | ---- | M] () -- C:\Users\Weger\Desktop\Test Drive Unlimited starten.lnk
[2011.12.24 17:24:08 | 000,000,448 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Weger.job
[2011.12.21 19:09:49 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.12.21 19:09:49 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.12.17 14:03:45 | 000,525,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.16 12:41:22 | 000,002,344 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.12.14 12:23:40 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.12.14 12:23:22 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.12.14 12:23:22 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.12.13 15:34:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.12.08 16:55:46 | 000,017,553 | ---- | M] () -- C:\Users\Weger\Documents\tim strauss 08.12.odt
[2011.12.01 15:38:21 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.12.01 15:36:35 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011.12.01 15:35:17 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.30 13:59:36 | 000,000,306 | ---- | M] () -- C:\Windows\setup.iss
[2011.11.30 13:54:12 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011.11.27 19:11:56 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2011.11.27 19:07:54 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011.11.27 19:06:41 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.26 22:15:23 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011.12.26 22:15:22 | 000,002,205 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2011.12.26 21:50:38 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.12.24 18:15:48 | 000,002,187 | ---- | C] () -- C:\Users\Weger\Desktop\Test Drive Unlimited starten.lnk
[2011.12.08 16:55:44 | 000,017,553 | ---- | C] () -- C:\Users\Weger\Documents\tim strauss 08.12.odt
[2011.12.04 19:50:04 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.12.04 19:50:04 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011.12.01 15:38:21 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2011.12.01 15:35:17 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.11.30 13:59:13 | 000,000,306 | ---- | C] () -- C:\Windows\setup.iss
[2011.11.30 13:54:12 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2011.11.27 19:07:54 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011.11.27 19:06:41 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.18 16:36:22 | 000,000,112 | ---- | C] () -- C:\Windows\wininit.ini
[2011.10.12 17:02:30 | 000,000,000 | ---- | C] () -- C:\Users\Weger\AppData\Local\{4D1C7DF2-7865-4374-9EDB-A4AE97F94A3D}
[2011.08.03 20:49:23 | 000,000,000 | ---- | C] () -- C:\Users\Weger\AppData\Local\{E9C96EF5-5077-4DEC-AC84-6F43FE410A94}
[2011.06.04 20:55:27 | 000,215,256 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.05.16 14:39:55 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.16 14:39:44 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.10.07 13:29:19 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\DLDNinst.dll
[2010.10.07 13:29:19 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\dldncomx.dll
[2010.10.07 13:29:18 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\dldnjswr.dll
[2010.10.07 13:29:18 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\dldninsr.dll
[2010.10.07 13:29:18 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dldncur.dll
[2010.10.07 13:29:17 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\dldnutil.dll
[2010.10.07 13:29:16 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldninsb.dll
[2010.10.07 13:29:16 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dldnins.dll
[2010.10.07 13:29:14 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dldncub.dll
[2010.10.07 13:29:14 | 000,077,824 | ---- | C] () -- C:\Windows\SysWow64\dldncu.dll
[2010.10.07 13:29:08 | 000,077,906 | ---- | C] () -- C:\Windows\SysWow64\DLDNcfg.dll
[2010.04.19 21:13:04 | 000,000,118 | ---- | C] () -- C:\Windows\Podcasts.INI
[2010.04.17 08:13:53 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010.04.14 19:30:56 | 000,000,000 | ---- | C] () -- C:\Users\Weger\AppData\Roaming\wklnhst.dat
[2010.04.03 15:20:54 | 000,000,000 | ---- | C] () -- C:\Users\Weger\AppData\Roaming\FileOut.cns
[2010.04.03 15:20:54 | 000,000,000 | ---- | C] () -- C:\Users\Weger\AppData\Roaming\FileIn.cns
[2010.01.03 20:15:12 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.12.28 07:03:28 | 000,069,632 | R--- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2009.12.28 07:03:28 | 000,036,864 | R--- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2009.11.25 12:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.08 23:30:56 | 000,000,481 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.11.08 23:16:58 | 000,001,667 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2009.11.08 15:18:22 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini
[2009.11.08 14:56:06 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.11.08 14:56:06 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2009.11.08 14:56:06 | 000,020,480 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe
[2009.11.08 14:56:06 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2009.08.22 07:01:04 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2009.08.22 07:01:04 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2009.08.22 07:01:02 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2009.08.22 07:01:02 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2009.08.22 07:01:02 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini
[2009.08.22 06:08:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.23 20:49:19 | 000,782,336 | ---- | C] () -- C:\Windows\SysWow64\dldndrs.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.05.14 14:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\dldncaps.dll
[2007.11.07 07:53:12 | 000,242,176 | ---- | C] () -- C:\Program Files\VC_RED.MSI
[2007.11.07 07:50:40 | 001,927,956 | ---- | C] () -- C:\Program Files\VC_RED.cab
[2007.11.07 07:00:40 | 000,005,686 | ---- | C] () -- C:\Program Files\vcredist.bmp
[2007.11.07 07:00:40 | 000,001,110 | ---- | C] () -- C:\Program Files\globdata.ini
[2007.11.07 07:00:40 | 000,000,843 | ---- | C] () -- C:\Program Files\install.ini
[2007.10.02 15:51:09 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\dldncnv4.dll
[2007.08.13 16:46:00 | 000,155,136 | ---- | C] () -- C:\Users\Weger\AppData\Local\lame_enc.dll
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2006.10.26 00:06:48 | 000,064,000 | ---- | C] () -- C:\Users\Weger\AppData\Local\vorbisenc.dll
[2006.10.26 00:06:48 | 000,019,456 | ---- | C] () -- C:\Users\Weger\AppData\Local\vorbisfile.dll
[2006.10.26 00:06:46 | 000,143,872 | ---- | C] () -- C:\Users\Weger\AppData\Local\vorbis.dll
[2006.10.26 00:06:36 | 000,015,872 | ---- | C] () -- C:\Users\Weger\AppData\Local\ogg.dll
[2005.08.23 21:34:06 | 000,029,184 | ---- | C] () -- C:\Users\Weger\AppData\Local\no23xwrapper.dll
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:1D32EC29
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >
         