| |
| |||||||
Log-Analyse und Auswertung: System Care Antivirus-OTL LogWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
30.05.2013, 16:56
| #1 |
| |  System Care Antivirus-OTL Log Hallo zusammen, bei mir hat der System Care Antivirus auch zugeschlagen. Hab erstmal direkt den OTL Scan drüberlaufen lassen. Hier das Ergebnis: Code:
ATTFilter OTL logfile created on: 5/30/2013 6:42:17 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: | Country: | Language: | Date Format:
1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 81.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149.05 Gb Total Space | 77.26 Gb Free Space | 51.83% Space Free | Partition Type: NTFS
Drive D: | 149.05 Gb Total Space | 148.17 Gb Free Space | 99.41% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (NetTcpPortSharingseclogon)
SRV - File not found [On_Demand] -- -- (de_serv)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2013/05/15 05:25:38 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/08 02:07:44 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/04/08 10:36:14 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/03/29 04:12:11 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/03/29 04:11:57 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/03/27 10:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto] -- C:\Programme\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2012/12/02 10:14:18 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Programme\Gemeinsame Dateien\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04) EPSON V5 Service4(04)
SRV - [2012/12/02 10:14:18 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Programme\Gemeinsame Dateien\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04) EPSON V3 Service4(04)
SRV - [2011/10/24 16:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2011/07/20 00:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2008/05/01 20:42:06 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2006/12/19 13:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/09/21 06:33:22 | 000,249,954 | ---- | M] () [Auto] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2005/09/21 06:33:22 | 000,114,784 | ---- | M] () [Auto] -- C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005/09/21 06:33:02 | 000,061,440 | ---- | M] (Cyberlink) [Auto] -- C:\Program Files\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005/04/03 18:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/06/19 17:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Auto] -- -- (Scutum50)
DRV - File not found [Kernel | On_Demand] -- -- (rt2870)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (NETFWDSL)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2013/03/29 04:12:13 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/03/29 04:12:13 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/03/29 04:12:13 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/02/24 06:39:42 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011/01/20 05:14:29 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/01/20 05:14:29 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/09/30 19:00:00 | 000,926,080 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb4.sys -- (fwlanusb4)
DRV - [2010/09/30 19:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmeject.sys -- (avmeject)
DRV - [2008/08/29 06:50:50 | 000,034,816 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\SSHDRV5C.sys -- (SSHDRV5C)
DRV - [2008/08/21 13:49:56 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/08/21 13:49:22 | 000,018,688 | ---- | M] (Motorola) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\motccgp.sys -- (motccgp)
DRV - [2008/05/16 06:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 06:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 06:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 06:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 06:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 06:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 06:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008/02/28 21:13:24 | 000,036,880 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2008/02/28 21:13:16 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007/10/10 12:41:50 | 000,042,112 | ---- | M] (Motorola Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\motodrv.sys -- (MotDev)
DRV - [2007/06/18 10:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007/04/04 07:43:38 | 000,098,952 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716unic.sys -- (s716unic) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM)
DRV - [2007/04/04 07:43:36 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716obex.sys -- (s716obex)
DRV - [2007/04/04 07:43:36 | 000,023,176 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716nd5.sys -- (s716nd5) Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS)
DRV - [2007/04/04 07:43:34 | 000,108,552 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716mdm.sys -- (s716mdm)
DRV - [2007/04/04 07:43:34 | 000,100,360 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716mgmt.sys -- (s716mgmt) Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/04 07:43:32 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716mdfl.sys -- (s716mdfl)
DRV - [2007/04/04 07:43:20 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s716bus.sys -- (s716bus) Sony Ericsson Device 716 driver (WDM)
DRV - [2007/02/16 10:58:33 | 000,271,360 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2007/02/16 10:58:33 | 000,018,048 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2007/02/15 20:57:04 | 000,034,760 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2006/11/02 01:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\winusb.sys -- (winusb)
DRV - [2005/09/05 05:25:03 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/08/18 09:35:00 | 003,856,896 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/08/03 14:30:22 | 000,098,176 | ---- | M] (Micronas GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MicNgTun.sys -- (MicNgTun)
DRV - [2005/08/03 14:30:22 | 000,048,896 | ---- | M] (Micronas GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MicNgCap.sys -- (MicNgCap)
DRV - [2005/08/03 14:30:22 | 000,044,160 | ---- | M] (Micronas GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MicNgBas.sys -- (MicNgBas)
DRV - [2005/02/23 09:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/01/07 11:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004/03/25 11:11:20 | 000,053,632 | ---- | M] (Siemens AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Gigusb.sys -- (Gigusb)
DRV - [2004/03/25 11:01:50 | 000,008,448 | ---- | M] (Siemens AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DectEnum.sys -- (DectEnum)
DRV - [2004/03/25 10:59:38 | 000,113,280 | ---- | M] (Siemens AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\siellif.sys -- (siellif)
DRV - [2004/03/24 14:21:30 | 000,024,288 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2004/03/24 12:35:12 | 000,334,944 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134)
DRV - [2003/08/28 02:44:22 | 000,249,910 | ---- | M] (SIEMENS AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hrcmpa.sys -- (HRCMPA) ISDN Wan driver (Ver. 1.20.0029)
DRV - [2003/08/19 11:46:10 | 000,053,552 | ---- | M] (SIEMENS AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\IUAPIWDM.sys -- (IUAPIWDM) ISDN USB Interface (Ver. 1.20.0029)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://de.search.yahoo.com/ [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.gmx.net/br/ie8_startpage
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\Anne_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.de/
IE - HKU\Anne_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\Anne_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\Anne_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\Anne_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Anne_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\Gast_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/fsc/
IE - HKU\Gast_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Programme\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Programme\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2010/10/17 12:04:13 | 000,422,495 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14566 more lines...
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (GMX Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (GMX Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (GMX Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - File not found
O3 - HKU\Anne_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [{1290A33C-85F5-4164-A1BE-7DD299D4986A}] C:\Program Files\CyberLink\PowerBackup\PBKScheduler.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CloneCDTray] C:\Programme\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MyGarminAgent] C:\Programme\Garmin\myGarminAgent.exe ()
O4 - HKLM..\Run: [NBKeyScan] File not found
O4 - HKLM..\Run: [PCMService] C:\Program Files\CyberLink\PowerCinema\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [RegistryMonitor1] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] File not found
O4 - HKLM..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)
O4 - HKU\Anne_ON_C..\Run: [{1AB22013-1ACE-B43E-DA31-1DD362CD9026}] File not found
O4 - HKU\Anne_ON_C..\Run: [{27B0DC9C-E8E5-82F2-D107-284A10FF5909}] File not found
O4 - HKU\Anne_ON_C..\Run: [GarminExpressTrayApp] C:\Programme\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\Anne_ON_C..\Run: [IncrediMail] File not found
O4 - HKU\Anne_ON_C..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] File not found
O4 - HKU\Anne_ON_C..\Run: [Power2GoExpress] File not found
O4 - HKU\Anne_ON_C..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\Anne_ON_C..\Run: [updateMgr] File not found
O4 - HKU\Gast_ON_C..\Run: [Power2GoExpress] C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe (Cyberlink)
O4 - HKU\Anne_ON_C..\RunOnce: [4C6A4D2442D7F85C00004C6A00BFFE18] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18\4C6A4D2442D7F85C00004C6A00BFFE18.exe ()
O4 - HKU\Anne_ON_C..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Anne_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\Gast_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab (Geräteerkennung)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} https://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1170798064640 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361876548265 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} hxxp://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\gmx {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll - C:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/23 12:22:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/05/30 10:54:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Anne\Startmenü\Programme\System Care Antivirus
[2013/05/30 03:46:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18
[2008/02/04 12:12:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Anne\usbsermptxp.sys
[2008/02/04 12:12:04 | 000,022,768 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Anne\usbsermpt.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/05/30 11:33:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/05/30 11:32:00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2013/05/30 11:25:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/05/30 11:14:32 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/05/30 11:14:30 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/30 11:13:35 | 1610,141,696 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/30 11:02:01 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/30 10:53:57 | 000,000,355 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\Kreissparkasse Grafschaft Bentheim zu Nordhorn - Privatekunden Homepage (2).url
[2013/05/29 15:53:59 | 000,000,412 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0D519067-02F1-4663-A406-155872697957}.job
[2013/05/19 06:18:09 | 000,000,826 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk
[2013/05/19 04:05:09 | 001,629,855 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2404341298-360915809-3850529198-1008-0.dat
[2013/05/19 04:04:49 | 000,298,690 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2013/05/15 11:37:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Garmin
[2013/05/15 11:30:41 | 000,299,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/05/15 05:32:05 | 000,684,286 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/05/15 05:32:05 | 000,639,626 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/05/15 05:32:05 | 000,159,638 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/05/15 05:32:05 | 000,130,478 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/05/15 05:25:35 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/05/15 05:25:35 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/05/15 05:24:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/05/14 02:35:09 | 001,168,473 | ---- | M] () -- C:\Dokumente und Einstellungen\Anne\Desktop\b_scientific_programming_201201.pdf
[2013/05/07 00:27:17 | 006,015,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/05/14 02:35:09 | 001,168,473 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Desktop\b_scientific_programming_201201.pdf
[2013/04/14 08:39:47 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/04/14 08:39:46 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/04/14 08:39:46 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/02/07 23:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/09/20 06:46:48 | 000,049,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwlanusb4.bin
[2012/02/15 03:37:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/20 15:19:15 | 000,062,192 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011/04/14 04:33:32 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/12/11 10:42:51 | 001,629,855 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2404341298-360915809-3850529198-1008-0.dat
[2010/12/01 08:30:47 | 000,298,690 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2010/07/12 10:18:58 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\setup_ldm.iss
[2010/06/24 04:08:12 | 002,722,937 | -HS- | C] () -- C:\WINDOWS\System32\3com_dmia.sys
[2010/06/11 02:09:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\adsldpcc.sys
[2010/05/28 09:43:20 | 000,000,976 | --S- | C] () -- C:\WINDOWS\System32\2391860477.dat
[2010/05/28 09:42:54 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\ovczpx.dat
[2010/05/28 09:42:32 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\avdrn.dat
[2010/04/27 10:12:03 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008/09/18 10:45:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\odbcddp.ini
[2008/08/29 06:50:50 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV5C.sys
[2008/08/29 06:42:56 | 000,000,316 | ---- | C] () -- C:\WINDOWS\KLETT.INI
[2008/08/08 13:40:38 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2008/08/08 12:50:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008/08/08 12:40:45 | 000,001,024 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\.rnd
[2008/02/04 13:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2008/02/04 12:12:04 | 000,009,232 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USB_MOT_BRIT.INF
[2008/02/04 12:12:04 | 000,006,947 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USBMOT2000.INF
[2008/02/04 12:12:04 | 000,006,009 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USBMOT2000XP.INF
[2008/02/04 12:12:04 | 000,005,877 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USB_CMCS_2000.INF
[2008/02/04 12:12:04 | 000,005,813 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\USB_MOT_A1000.INF
[2008/01/15 04:35:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2008/01/13 05:48:47 | 000,000,125 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2007/11/24 09:52:04 | 000,350,208 | ---- | C] () -- C:\WINDOWS\System32\Rivet200.dll
[2007/08/31 08:50:42 | 000,002,182 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007/08/22 10:36:18 | 000,000,253 | ---- | C] () -- C:\WINDOWS\tm.ini
[2007/04/24 12:24:13 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007/04/20 08:30:00 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\wklnhst.dat
[2007/04/04 10:49:58 | 000,103,024 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2007/03/11 08:12:06 | 000,000,015 | ---- | C] () -- C:\WINDOWS\WDZ3.ini
[2007/03/02 04:00:59 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/02/26 08:38:04 | 000,002,372 | ---- | C] () -- C:\WINDOWS\Loewe_4.ini
[2007/02/18 14:49:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007/02/18 14:31:17 | 000,046,128 | ---- | C] () -- C:\WINDOWS\System32\DLLPRF32.DAT
[2007/02/16 10:58:33 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007/02/16 10:58:33 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007/02/06 12:06:35 | 000,000,071 | ---- | C] () -- C:\WINDOWS\pex.INI
[2007/02/05 14:29:05 | 000,000,039 | ---- | C] () -- C:\WINDOWS\System32\mscandc.ini
[2007/02/05 14:28:28 | 000,000,156 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2007/02/05 14:26:52 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys
[2007/02/05 14:26:50 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys
[2007/02/05 12:28:21 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\TXTUSER.EXE
[2007/02/03 12:11:30 | 000,008,192 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/03 10:37:48 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Anne\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/11/28 04:42:24 | 000,042,195 | ---- | C] () -- C:\WINDOWS\System32\compare.dat
[2006/10/22 07:22:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/22 07:22:00 | 001,622,016 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/10/22 07:22:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/22 07:22:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/10/22 07:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/22 07:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/22 07:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/22 07:22:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/10/22 07:22:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/10/22 07:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/09/23 13:31:11 | 000,684,286 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2005/09/23 13:31:11 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2005/09/23 13:31:11 | 000,159,638 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2005/09/23 13:31:11 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2005/09/23 13:31:08 | 000,009,232 | ---- | C] () -- C:\WINDOWS\System32\advpackz.dat
[2005/09/23 13:31:08 | 000,009,232 | ---- | C] () -- C:\WINDOWS\System32\1033i.dat
[2005/09/23 13:31:06 | 000,639,626 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/09/23 13:31:06 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/09/23 13:31:06 | 000,130,478 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/09/23 13:31:06 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/09/23 13:31:06 | 000,004,643 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/09/23 13:31:06 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/09/23 13:31:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/09/23 13:31:04 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/09/23 13:31:03 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/09/23 13:31:03 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/09/23 13:31:01 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/09/23 13:30:59 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/09/23 13:17:48 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/09/23 13:16:45 | 000,004,429 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/09/23 13:16:06 | 000,299,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/09/23 13:06:19 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005/09/23 13:05:31 | 000,002,881 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/09/23 13:02:22 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2005/09/23 13:00:43 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2005/09/23 12:51:06 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/09/23 12:46:17 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/09/23 12:25:15 | 000,000,778 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/09/23 12:24:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/09/23 12:21:17 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/09/23 12:20:25 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/02/20 11:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2013/03/15 03:38:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Garmin
[2012/05/13 11:08:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\AskToolbar
[2010/06/22 02:18:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ceis
[2007/10/10 03:46:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Cornelsen
[2010/12/06 12:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011/04/14 09:46:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Efiren
[2011/11/16 14:55:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\EPSON
[2012/08/30 12:59:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\FRITZ!
[2013/03/15 03:38:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\GARMIN
[2010/05/20 11:02:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\GrabPro
[2010/06/11 01:21:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Hoixm
[2007/04/16 11:23:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\ICAClient
[2010/07/08 07:35:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ihut
[2010/07/12 10:19:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Leadertech
[2010/10/12 09:49:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Loseu
[2007/02/18 14:18:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\MAGIX
[2010/05/20 11:02:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Orbit
[2008/09/18 10:35:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Phase6
[2010/07/01 07:58:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Poely
[2008/01/14 09:26:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\SlySoft
[2010/05/28 08:49:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Sony
[2010/05/28 08:45:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Sony Setup
[2012/11/21 10:22:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\TeamViewer
[2011/01/20 05:00:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Teleca
[2007/04/20 08:30:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Template
[2011/04/07 03:38:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ucfya
[2007/02/06 12:06:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ulead Systems
[2010/05/25 05:42:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\uTorrent
[2010/06/21 14:22:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Ycbiys
[2010/06/11 02:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Anne\Anwendungsdaten\Zyzeg
[2010/04/27 10:13:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Gast\Anwendungsdaten\Teleca
[2013/05/30 10:53:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\4C6A4D2442D7F85C00004C6A00BFFE18
[2011/04/21 03:34:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest
[2008/01/13 11:38:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Brockhaus Multimedia
[2011/01/20 05:27:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2012/02/27 08:14:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DesktopIcons
[2008/01/14 09:21:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Elaborate Bytes
[2011/08/20 05:07:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2013/05/15 11:37:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GARMIN
[2007/12/16 12:45:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Global Software Publishing
[2011/05/14 13:25:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2008/10/08 02:39:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2008/10/08 02:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2008/08/28 09:13:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Klett
[2013/05/19 05:01:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache
[2008/09/18 10:38:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phase6
[2008/01/13 05:48:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2007/06/08 07:04:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio
[2011/08/20 05:05:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2007/02/05 14:28:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2010/05/24 06:46:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010/07/31 03:48:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/03/02 08:01:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/09 09:19:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/05/30 11:32:00 | 000,000,224 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
[2013/05/29 15:53:59 | 000,000,412 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{0D519067-02F1-4663-A406-155872697957}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 24 bytes -> C:\WINDOWS:61A4716179FC1793
< End of report >
Schonmal danke im Voraus  |
| Themen zu System Care Antivirus-OTL Log |
| adobe, antivirus, avira, avira searchfree toolbar, bho, bonjour, desktop, einstellungen, error, explorer, flash player, format, hdaudio.sys, helper, homepage, launch, log, logfile, object, opera, plug-in, realtek, registry, safer networking, scan, software, system, system care, usb, windows, windows xp |
Baum-Darstellung