PUP.VShareRedir" Absturz bei Scan mit Malewarebyte

cosmicus · 01.06.2013, 22:39

Guten Abend in die Runde,
auch ich bin nun Opfer vom PUP.VShareRedir" geworden.
Ich hoffe jemand kann helfen.
Habe gestern mit einen Scan durchgeführt und die Schädlinge endeckt.
Log s.u.
Der Rechner war bei MS Outlook und Mozzila ziemlich langsam.
Beim 2. Scan heute mit Malewarebyte stürzt nun das System immer nach ca. 30 sek ab.

Da ich hier gelesen habe, das die Bereinigung nur mit fachkundigen Begleitung werden sollte, hoffe ich, dass sich nun jemand bereit erklärt zu helfen.

Dafür schon vorab vielen Dank.

Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.31.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Luxhaus :: NOTEBOOK-LORENS [Administrator]

Schutz: Aktiviert

31.05.2013 22:03:51
mbam-log-2013-05-31 (22-03-51).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 315401
Laufzeit: 32 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe (Security.Hijack) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: ;áÃzÊ;XA³0öm»Áµ -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Daten: -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus · 02.06.2013, 00:37

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

cosmicus · 02.06.2013, 13:06

Hi, Danke für die schnelle Rückmeldung,
von avira finde ich keine Funde -nur das:

Code:

ATTFilter


Typ:	Datei
Quelle:	C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\1RAPID\poucne izreke.exe
Status:	Infiziert
Quarantäne-Objekt:	5464ff35.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.02.10.224
Virendefinitionsdatei:	7.11.54.164
Meldung:	TR/Rogue.8433992
Datum/Uhrzeit:	23.12.2012, 21:25


Typ:	Datei
Quelle:	C:\System Volume Information\_restore{02F74226-ADAD-4233-BA14-8748A46718E6}\RP1532\A0314486.exe
Status:	Infiziert
Quarantäne-Objekt:	55535624.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.02.10.222
Virendefinitionsdatei:	7.11.54.74
Meldung:	TR/Rogue.8433992
Datum/Uhrzeit:	18.12.2012, 20:12


Typ:	Datei
Quelle:	C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\GetBooks\GetBooks.exe
Status:	Infiziert
Quarantäne-Objekt:	5528b3d9.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.02.10.222
Virendefinitionsdatei:	7.11.54.10
Meldung:	TR/Rogue.8433992
Datum/Uhrzeit:	16.12.2012, 20:47


Typ:	Datei
Quelle:	C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\handyspiele\handyspiele\Handy Pack XXL\Games\Java\Fieldstone.Technologies.36Sudoku.v1.60.S60.J2ME.Retail-SyMPDA\sym-0244.zip
Status:	Infiziert
Quarantäne-Objekt:	7ed8e7b8.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.02.10.222
Virendefinitionsdatei:	7.11.53.210
Meldung:	EXP/Java.AI
Datum/Uhrzeit:	14.12.2012, 01:54


Typ:	Datei
Quelle:	C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\handyspiele\handyspiele\Handy Pack XXL\Games\Java\Fieldstone.Technologies.64Sudoku.v1.60.S60.J2ME.Retail-SyMPDA\sym-0245.zip
Status:	Infiziert
Quarantäne-Objekt:	18efa87a.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.02.10.222
Virendefinitionsdatei:	7.11.53.210
Meldung:	EXP/Java.AI
Datum/Uhrzeit:	14.12.2012, 01:54


Typ:	Datei
Quelle:	C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\handyspiele\handyspiele\Handy Pack XXL\Games\Java\Fieldstone.Technologies.81Sudoku.v1.50.S60.J2ME.Retail-SyMPDA\sym-0150.zip
Status:	Infiziert
Quarantäne-Objekt:	4ab0f292.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.02.10.222
Virendefinitionsdatei:	7.11.53.210
Meldung:	EXP/Java.AI
Datum/Uhrzeit:	14.12.2012, 01:54


Typ:	Datei
Quelle:	C:\Dokumente und Einstellungen\All Users\Dokumente\Downloads\handyspiele\handyspiele\Handy Pack XXL\Games\Java\Fieldstone.Technologies.81Sudoku.v1.60.S60.J2ME.Retail-SyMPDA\sym-0247.zip
Status:	Infiziert
Quarantäne-Objekt:	5227dd35.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.02.10.222
Virendefinitionsdatei:	7.11.53.210
Meldung:	EXP/Java.AI
Datum/Uhrzeit:	14.12.2012, 01:54

das habe ich noch gefunden:

[CODE]
[CODE]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4629

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

30.12.2012 19:16:27
mbam-log-2012-12-30 (19-16-27).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 171659
Laufzeit: 17 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\END (Trojan.FakeAlert) -> Quarantined and deleted successfully.
[CODE]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4629

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

06.02.2012 15:28:18
mbam-log-2012-02-06 (15-28-18).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 161874
Laufzeit: 15 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Temp\0.23772505544316902.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
[CODE]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4629

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

04.02.2012 21:46:43
mbam-log-2012-02-04 (21-46-43).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 162465
Laufzeit: 41 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
C:\Programme\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Adware.WidgiToolbar) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Programme\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Adware.WidgiToolbar) -> Delete on reboot.
C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Temp\0.8613628312684669.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Temp\0.8818351004034779.exe (Trojan.Dropper) -> Delete on reboot.
[CODE]Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4629

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

04.02.2012 21:46:43
mbam-log-2012-02-04 (21-46-43).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 162465
Laufzeit: 41 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
C:\Programme\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Adware.WidgiToolbar) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Programme\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Adware.WidgiToolbar) -> Delete on reboot.
C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Temp\0.8613628312684669.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Temp\0.8818351004034779.exe (Trojan.Dropper) -> Delete on reboot.

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4629

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

04.02.2012 21:46:43
mbam-log-2012-02-04 (21-46-43).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 162465
Laufzeit: 41 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
C:\Programme\YouTube Downloader Toolbar\IE\4.3\youtubedownloaderToolbarIE.dll (Adware.WidgiToolbar) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{f3fee66e-e034-436a-86e4-9690573bee8a} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

[CODE]Search results from Spybot - Search & Destroy

01.06.2013 17:38:13
Scan took 00:00:20.
1 items found.

Error: Service check: the Services.sbs file is missing. Please use the update to get a new copy!

Statcounter: Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-01 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2010-08-13 Includes\Cookies.sbi (*)

[CODE]Search results from Spybot - Search & Destroy

01.06.2013 17:38:13
Scan took 00:00:20.
1 items found.

Error: Service check: the Services.sbs file is missing. Please use the update to get a new copy!

Statcounter: Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-01 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2010-08-13 Includes\Cookies.sbi (*)

[CODE]Search results from Spybot - Search & Destroy

01.06.2013 17:38:13
Scan took 00:00:20.
1 items found.

Error: Service check: the Services.sbs file is missing. Please use the update to get a new copy!

Statcounter: Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

2013-05-16 blindman.exe (2.1.18.151)
2013-05-16 explorer.exe (2.1.18.177)
2013-05-16 SDBootCD.exe (2.1.18.109)
2013-05-16 SDCleaner.exe (2.1.18.110)
2013-05-16 SDDelFile.exe (2.1.18.94)
2013-05-16 SDFiles.exe (2.1.18.135)
2013-03-20 SDFileScanHelper.exe (2.1.16.1)
2013-05-16 SDFSSvc.exe (2.1.18.208)
2013-05-16 SDHookHelper.exe (2.1.18.2)
2013-05-16 SDHookInst32.exe (2.1.18.2)
2013-05-16 SDImmunize.exe (2.1.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-05-16 SDOnAccess.exe (2.1.18.4)
2013-05-16 SDPESetup.exe (2.1.18.3)
2013-05-16 SDPEStart.exe (2.1.18.86)
2013-05-16 SDPhoneScan.exe (2.1.18.28)
2013-05-16 SDPRE.exe (2.1.18.22)
2013-05-16 SDPrepPos.exe (2.1.18.10)
2013-05-16 SDQuarantine.exe (2.1.18.103)
2013-05-16 SDRootAlyzer.exe (2.1.18.116)
2013-05-16 SDSBIEdit.exe (2.1.18.39)
2013-05-16 SDScan.exe (2.1.18.177)
2013-05-16 SDScript.exe (2.1.18.53)
2013-05-16 SDSettings.exe (2.1.18.136)
2013-05-16 SDShell.exe (2.1.18.2)
2013-05-16 SDShred.exe (2.1.18.107)
2013-05-16 SDSysRepair.exe (2.1.18.101)
2013-05-16 SDTools.exe (2.1.18.150)
2013-05-16 SDTray.exe (2.1.18.127)
2013-05-16 SDUpdate.exe (2.1.18.91)
2013-05-16 SDUpdSvc.exe (2.1.18.76)
2013-05-16 SDWelcome.exe (2.1.18.129)
2013-05-15 SDWSCSvc.exe (2.1.18.2)
2013-06-01 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-05-16 SDFileScanLibrary.dll (2.1.18.12)
2013-05-16 SDHook32.dll (2.1.18.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2010-08-13 Includes\Cookies.sbi (*)

Code:

ATTFilter

Search results from Spybot - Search & Destroy

24.03.2013 21:56:49
Scan took 00:57:06.
35 items found.

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\s.ytimg.com\soundData.sol
  Properties.size=49
  Properties.md5=A0EA46CFB3941C1821293B2149ECAA7B
  Properties.filedate=1364115936
  Properties.filedatetext=2013-03-24 10:05:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\s.ytimg.com\videostats.sol
  Properties.size=275
  Properties.md5=D080086402E9A708FECFB81956738539
  Properties.filedate=1364115464
  Properties.filedatetext=2013-03-24 09:57:43

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\secureinclude.ebaystatic.com\ebayLSO.sol
  Properties.size=131
  Properties.md5=E040952C5FFA14A0C34B06DA1D1ED91B
  Properties.filedate=1363709466
  Properties.filedatetext=2013-03-19 17:11:05

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\secureinclude.ebaystatic.com\ebayT.sol
  Properties.size=39
  Properties.md5=B43F43445AA3414DDC22EC80FBB22871
  Properties.filedate=1363709466
  Properties.filedatetext=2013-03-19 17:11:05

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\staticloads.com\com.jeroenwijering.sol
  Properties.size=54
  Properties.md5=2A5BBE2DBDF5BBB0D72D399868E43109
  Properties.filedate=1363740526
  Properties.filedatetext=2013-03-20 01:48:46

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\www.baur.de\REGISTRY.sol
  Properties.size=42
  Properties.md5=F10611AA2C3676CBFB75469623E46626
  Properties.filedate=1364074814
  Properties.filedatetext=2013-03-23 22:40:13

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\www.baur.de\sol.sol
  Properties.size=342
  Properties.md5=0070C470AD181E7C3B127EA93C89167A
  Properties.filedate=1364107033
  Properties.filedatetext=2013-03-24 07:37:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\www.paypalobjects.com\ppLsoTest.sol
  Properties.size=48
  Properties.md5=74EE4375686A2069414EEF13E7B62789
  Properties.filedate=1363712539
  Properties.filedatetext=2013-03-19 18:02:18

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\www.xatech.com\chat.sol
  Properties.size=88
  Properties.md5=A464942AF96F080B4DFA9704CA94125A
  Properties.filedate=1363983362
  Properties.filedatetext=2013-03-22 21:16:02

Statcounter: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)
  

WebTrends live: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

Common Dialogs: [SBI $8E73A7FB] History  (20 files) (Registry Key, nothing done)
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: [SBI $8E73A7FB]  Activity: SchedLgU.Txt (File, nothing done)
  C:\WINDOWS\SchedLgU.Txt
  Properties.size=1474
  Properties.md5=57ACF7A4FC1C8FBF39AA1C50B1A288C7
  Properties.filedate=1364152886
  Properties.filedatetext=2013-03-24 20:21:25

Log: [SBI $8E73A7FB]  Install: setupapi.log (File, nothing done)
  C:\WINDOWS\setupapi.log
  Properties.size=1112
  Properties.md5=DBD7ECFC8480FF3E8EAA91B57215CF07
  Properties.filedate=1363982991
  Properties.filedatetext=2013-03-22 21:09:50

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemcore.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemcore.log
  Properties.size=55414
  Properties.md5=C1CA93C2EC7C43F2082A5152199560D7
  Properties.filedate=1364158029
  Properties.filedatetext=2013-03-24 21:47:08

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemess.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemess.log
  Properties.size=31714
  Properties.md5=D8DAEC02FADCA60266DF04A78480E063
  Properties.filedate=1364158044
  Properties.filedatetext=2013-03-24 21:47:24

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemprox.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemprox.log
  Properties.size=2403
  Properties.md5=79C6CB9B854506E68DE7C6F58F452AD9
  Properties.filedate=1364156554
  Properties.filedatetext=2013-03-24 21:22:33

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wmiprov.log
  Properties.size=829
  Properties.md5=76BA68E90E0856CB160CD129374F46FE
  Properties.filedate=1364153245
  Properties.filedatetext=2013-03-24 20:27:24

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Word\Data\Settings

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Cookie: [SBI $49804B54] Browser: Cookie (5) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (9) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (69) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (19) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (29) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (4) (Browser: History, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (13) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (1) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (552) (Browser: Cookie, nothing done)
  


--- Spybot - Search & Destroy version: 2.0.12.131  DLL (build: 20121113) ---

2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2013-03-18 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.
	Code: 

 ATTFilter

  
	exe
         
 2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2012-11-14 Includes\Adware.sbi (*)
2012-11-14 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-11-14 Includes\KeyloggersC.sbi (*)
2012-11-14 Includes\Malware.sbi (*)
2012-11-14 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2012-11-14 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2012-11-14 Includes\Trojans.sbi (*)
2012-11-14 Includes\TrojansC-02.sbi (*)
2012-11-14 Includes\TrojansC-03.sbi (*)
2012-11-14 Includes\TrojansC-04.sbi (*)
2012-11-14 Includes\TrojansC-05.sbi (*)
2012-11-14 Includes\TrojansC.sbi (*)

Search results from Spybot - Search & Destroy

18.03.2013 23:29:08
Scan took 00:54:51.
162 items found.

Babylon.Toolbar: [SBI $38C57020] Library (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
Properties.size=323584
Properties.md5=5F933C75510CE7064600770488159453
Properties.filedate=1289121712
Properties.filedatetext=2010-11-07 10:21:52

Babylon.Toolbar: [SBI $554A5FF0] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylnApp.appCore

Babylon.Toolbar: [SBI $554A5FF0] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylnApp.appCore.1

Babylon.Toolbar: [SBI $554A5FF0] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}

Babylon.Toolbar: [SBI $5CBA2194] Library (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
Properties.size=184760
Properties.md5=CF158FAC1864EE97BFE3221285FEC23A
Properties.filedate=1289137528
Properties.filedatetext=2010-11-07 14:45:28

Babylon.Toolbar: [SBI $86348D5E] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd

Babylon.Toolbar: [SBI $86348D5E] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd.1

Babylon.Toolbar: [SBI $86348D5E] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Babylon.Toolbar: [SBI $B04483F7] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}

Babylon.Toolbar: [SBI $5601E539] Library (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
Properties.size=421888
Properties.md5=CE5D74D6AC19E94164DE0506D46B8AE8
Properties.filedate=1289121708
Properties.filedatetext=2010-11-07 10:21:48

Babylon.Toolbar: [SBI $7A3F9AD7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.xtrnl

Babylon.Toolbar: [SBI $7A3F9AD7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.xtrnl.1

Babylon.Toolbar: [SBI $7A3F9AD7] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}

Babylon.Toolbar: [SBI $360EE791] Library (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
Properties.size=225720
Properties.md5=91BCFFE9095DFE033125ADD31EE7FFC1
Properties.filedate=1289137526
Properties.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $52C6ABB7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc

Babylon.Toolbar: [SBI $52C6ABB7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc.1

Babylon.Toolbar: [SBI $52C6ABB7] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}

Babylon.Toolbar: [SBI $4E46F835] Program directory (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\BabylonToolbar\

Babylon.Toolbar: [SBI $1AA9620D] Program directory (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\BabylonToolbar\BabylonToolbar\

Babylon.Toolbar: [SBI $C2E2DFDF] Program directory (Directory, nothing done)
C:\Programme\BabylonToolbar\
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
Directory.subfile.size=93502
Directory.subfile.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
Directory.subfile.filedate=1293535580
Directory.subfile.filedatetext=2010-12-28 12:26:20
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
Directory.subfile.size=323584
Directory.subfile.md5=5F933C75510CE7064600770488159453
Directory.subfile.filedate=1289121712
Directory.subfile.filedatetext=2010-11-07 10:21:52
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
Directory.subfile.size=421888
Directory.subfile.md5=CE5D74D6AC19E94164DE0506D46B8AE8
Directory.subfile.filedate=1289121708
Directory.subfile.filedatetext=2010-11-07 10:21:48
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
Directory.subfile.size=286720
Directory.subfile.md5=000A83380536DF86EFE77D020D812F96
Directory.subfile.filedate=1289121720
Directory.subfile.filedatetext=2010-11-07 10:22:00
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
Directory.subfile.size=184760
Directory.subfile.md5=CF158FAC1864EE97BFE3221285FEC23A
Directory.subfile.filedate=1289137528
Directory.subfile.filedatetext=2010-11-07 14:45:28
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
Directory.subfile.size=94413
Directory.subfile.md5=2054AB2A45B1CF380D02D070D6DFE379
Directory.subfile.filedate=1308499538
Directory.subfile.filedatetext=2011-06-19 17:05:38
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
Directory.subfile.size=225720
Directory.subfile.md5=91BCFFE9095DFE033125ADD31EE7FFC1
Directory.subfile.filedate=1289137526
Directory.subfile.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $6FD65E4E] Program directory (Directory, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
Directory.subfile.size=93502
Directory.subfile.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
Directory.subfile.filedate=1293535580
Directory.subfile.filedatetext=2010-12-28 12:26:20
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
Directory.subfile.size=323584
Directory.subfile.md5=5F933C75510CE7064600770488159453
Directory.subfile.filedate=1289121712
Directory.subfile.filedatetext=2010-11-07 10:21:52
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
Directory.subfile.size=421888
Directory.subfile.md5=CE5D74D6AC19E94164DE0506D46B8AE8
Directory.subfile.filedate=1289121708
Directory.subfile.filedatetext=2010-11-07 10:21:48
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
Directory.subfile.size=286720
Directory.subfile.md5=000A83380536DF86EFE77D020D812F96
Directory.subfile.filedate=1289121720
Directory.subfile.filedatetext=2010-11-07 10:22:00
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
Directory.subfile.size=184760
Directory.subfile.md5=CF158FAC1864EE97BFE3221285FEC23A
Directory.subfile.filedate=1289137528
Directory.subfile.filedatetext=2010-11-07 14:45:28
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
Directory.subfile.size=94413
Directory.subfile.md5=2054AB2A45B1CF380D02D070D6DFE379
Directory.subfile.filedate=1308499538
Directory.subfile.filedatetext=2011-06-19 17:05:38
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
Directory.subfile.size=225720
Directory.subfile.md5=91BCFFE9095DFE033125ADD31EE7FFC1
Directory.subfile.filedate=1289137526
Directory.subfile.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $B2252BB5] Program directory (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
Properties.size=93502
Properties.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
Properties.filedate=1293535580
Properties.filedatetext=2010-12-28 12:26:20

Babylon.Toolbar: [SBI $B7E3BC8B] Executable (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
Properties.size=286720
Properties.md5=000A83380536DF86EFE77D020D812F96
Properties.filedate=1289121720
Properties.filedatetext=2010-11-07 10:22:00

Babylon.Toolbar: [SBI $247AFEA8] Executable (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
Properties.size=94413
Properties.md5=2054AB2A45B1CF380D02D070D6DFE379
Properties.filedate=1308499538
Properties.filedatetext=2011-06-19 17:05:38

Widgi.Toolbar: [SBI $16C3A07B] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\

Widgi.Toolbar: [SBI $000389AB] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\

Widgi.Toolbar: [SBI $1E14509F] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\Res\

Widgi.Toolbar: [SBI $51A36620] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\

Widgi.Toolbar: [SBI $14EAB21D] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\

Widgi.Toolbar: [SBI $65C7C8B1] Shared DLL (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Application Updater\ApplicationUpdater.exe

Widgi.Toolbar: [SBI $65C7C8B1] System file (File, nothing done)
C:\Programme\Application Updater\ApplicationUpdater.exe
Properties.size=387072
Properties.md5=CF46A776D2E44F180AF2773A9844D260
Properties.filedate=1296231028
Properties.filedatetext=2011-01-28 17:10:28

Widgi.Toolbar: [SBI $5AE37010] Shared DLL (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe

Widgi.Toolbar: [SBI $5AE37010] System file (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
Properties.size=526336
Properties.md5=B8F85EACBBBF7A36A542ED35105B10AF
Properties.filedate=1296232602
Properties.filedatetext=2011-01-28 17:36:42

Widgi.Toolbar: [SBI $1FDB1566] Shared DLL (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll

Widgi.Toolbar: [SBI $1FDB1566] System file (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
Properties.size=596992
Properties.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
Properties.filedate=1296232576
Properties.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $A3625505] Application data folder (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\

Widgi.Toolbar: [SBI $7C436CA1] Application data folder (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\res\

Widgi.Toolbar: [SBI $B7BA3A77] Application data folder (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\temp\

Widgi.Toolbar: [SBI $0B12F9B5] Program directory (Directory, nothing done)
C:\Programme\Application Updater\
Directory.subfile=C:\Programme\Application Updater\ApplicationUpdater.exe
Directory.subfile.size=387072
Directory.subfile.md5=CF46A776D2E44F180AF2773A9844D260
Directory.subfile.filedate=1296231028
Directory.subfile.filedatetext=2011-01-28 17:10:28
Directory.subfile=C:\Programme\Application Updater\config.ini
Directory.subfile.size=85
Directory.subfile.md5=9E44EB00BBA056FA9B8440EF1D6C356E
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $B5E507B2] Text file (File, nothing done)
C:\Programme\Application Updater\config.ini
Properties.size=85
Properties.md5=9E44EB00BBA056FA9B8440EF1D6C356E
Properties.filedate=1298355323
Properties.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $05E59E37] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
Directory.subfile.size=45
Directory.subfile.md5=DD9603D0052E892266D2C9AE59062A4B
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
Directory.subfile.size=526336
Directory.subfile.md5=B8F85EACBBBF7A36A542ED35105B10AF
Directory.subfile.filedate=1296232602
Directory.subfile.filedatetext=2011-01-28 17:36:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ff.xml
Directory.subfile.size=849
Directory.subfile.md5=ACF1EF4F2C71EB8FBBADC340153D920A
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ie.xml
Directory.subfile.size=460
Directory.subfile.md5=2D42E2CEF20A53BF068FAF3CA18D9108
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
Directory.subfile.size=146
Directory.subfile.md5=739A1DBBC5969F0560B61421F23573E5
Directory.subfile.filedate=1296232782
Directory.subfile.filedatetext=2011-01-28 17:39:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\install.rdf
Directory.subfile.size=990
Directory.subfile.md5=9A9AB91D3606EBE4684A4EB57549F7C5
Directory.subfile.filedate=1296232782
Directory.subfile.filedatetext=2011-01-28 17:39:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
Directory.subfile.size=232
Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
Directory.subfile.size=308
Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
Directory.subfile.size=596992
Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
Directory.subfile.filedate=1296232576
Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $9DDBABD2] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
Directory.subfile.size=45
Directory.subfile.md5=DD9603D0052E892266D2C9AE59062A4B
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
Directory.subfile.size=526336
Directory.subfile.md5=B8F85EACBBBF7A36A542ED35105B10AF
Directory.subfile.filedate=1296232602
Directory.subfile.filedatetext=2011-01-28 17:36:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ff.xml
Directory.subfile.size=849
Directory.subfile.md5=ACF1EF4F2C71EB8FBBADC340153D920A
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ie.xml
Directory.subfile.size=460
Directory.subfile.md5=2D42E2CEF20A53BF068FAF3CA18D9108
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $10B6A612] Data (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
Properties.size=45
Properties.md5=DD9603D0052E892266D2C9AE59062A4B
Properties.filedate=1298355323
Properties.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $2CCE143F] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\Res\

Widgi.Toolbar: [SBI $2CEF1646] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
Directory.subfile.size=146
Directory.subfile.md5=739A1DBBC5969F0560B61421F23573E5
Directory.subfile.filedate=1296232782
Directory.subfile.filedatetext=2011-01-28 17:39:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\install.rdf
Directory.subfile.size=990
Directory.subfile.md5=9A9AB91D3606EBE4684A4EB57549F7C5
Directory.subfile.filedate=1296232782
Directory.subfile.filedatetext=2011-01-28 17:39:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
Directory.subfile.size=232
Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
Directory.subfile.size=308
Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
Directory.subfile.size=596992
Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
Directory.subfile.filedate=1296232576
Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $AA0B055F] Data (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
Properties.size=146
Properties.md5=739A1DBBC5969F0560B61421F23573E5
Properties.filedate=1296232782
Properties.filedatetext=2011-01-28 17:39:42

Widgi.Toolbar: [SBI $56E021F7] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
Directory.subfile.size=232
Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
Directory.subfile.size=308
Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
Directory.subfile.size=596992
Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
Directory.subfile.filedate=1296232576
Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $2B7574E7] Data (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
Properties.size=232
Properties.md5=D2FE788EDBFAFCB041A266FAA706251A
Properties.filedate=1295313066
Properties.filedatetext=2011-01-18 02:11:06

Widgi.Toolbar: [SBI $B3254F10] Data (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
Properties.size=308
Properties.md5=78790228A0F4CACC233ED694B6C70CB2
Properties.filedate=1295313066
Properties.filedatetext=2011-01-18 02:11:06

Widgi.Toolbar: [SBI $E4808FA3] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Application Updater\

Click.GiftLoad: [SBI $5ABC7D37] User settings (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\enablehttp1_1

Uniblue.DriverScanner: [SBI $EE6536E6] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\driverscanner

Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Settings (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\s.ytimg.com\soundData.sol
Properties.size=49
Properties.md5=18350A328022541115D248C2EA04C860
Properties.filedate=1363600032
Properties.filedatetext=2013-03-18 10:47:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\s.ytimg.com\videostats.sol
Properties.size=275
Properties.md5=2351928AD51424CF333C8C33035B7F00
Properties.filedate=1363633163
Properties.filedatetext=2013-03-18 19:59:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\secureinclude.ebaystatic.com\ebayLSO.sol
Properties.size=131
Properties.md5=6B8C1ADE576AAE2DB14F24B3834174CA
Properties.filedate=1363433196
Properties.filedatetext=2013-03-16 12:26:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\secureinclude.ebaystatic.com\ebayT.sol
Properties.size=39
Properties.md5=B43F43445AA3414DDC22EC80FBB22871
Properties.filedate=1363433196
Properties.filedatetext=2013-03-16 12:26:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\static.afcdn.com\com.jeroenwijering.sol
Properties.size=50
Properties.md5=283B44FC0AC0DC2B75215D991B61C210
Properties.filedate=1363589265
Properties.filedatetext=2013-03-18 07:47:45

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\streamcloud.eu\com.jeroenwijering.sol
Properties.size=64
Properties.md5=1F823EB48C0B57444200E645153D8F54
Properties.filedate=1363453153
Properties.filedatetext=2013-03-16 17:59:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\www.paypalobjects.com\ppLsoTest.sol
Properties.size=48
Properties.md5=74EE4375686A2069414EEF13E7B62789
Properties.filedate=1363601614
Properties.filedatetext=2013-03-18 11:13:33

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Dokumente und Einstellungen\computeradministrar\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\6LLJMKDR\skype.com\#ui\preferences.sol
Properties.size=235
Properties.md5=1D7D04F31FE16A67CECFB96D82C67B0B
Properties.filedate=1358102109
Properties.filedatetext=2013-01-13 19:35:09

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\static.putlocker.com\video_player.swf\org.flowplayer.sol
Properties.size=60
Properties.md5=11B628CEABE61125FA85414F1AC515EA
Properties.filedate=1363450129
Properties.filedatetext=2013-03-16 17:08:49

Right Media: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)

Statcounter: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)

FastClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

Statcounter: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

WebTrends live: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

Statcounter: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)

Common Dialogs: [SBI $8E73A7FB] History (12 files) (Registry Key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: [SBI $8E73A7FB] Activity: SchedLgU.Txt (File, nothing done)
C:\WINDOWS\SchedLgU.Txt
Properties.size=32338
Properties.md5=61653B1D03CDFE4C9E9F703194653198
Properties.filedate=1363630354
Properties.filedatetext=2013-03-18 19:12:33

Log: [SBI $8E73A7FB] Install: setupapi.log (File, nothing done)
C:\WINDOWS\setupapi.log
Properties.size=2504
Properties.md5=19D5316223C689F717BDEE3362024E86
Properties.filedate=1363633655
Properties.filedatetext=2013-03-18 20:07:34

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemcore.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemcore.log
Properties.size=53878
Properties.md5=4C7880AB4F8A0DD6F55D4B6C39AB40F6
Properties.filedate=1363645474
Properties.filedatetext=2013-03-18 23:24:34

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemess.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemess.log
Properties.size=49985
Properties.md5=C972ADB81B9C81850A42DD2FC1BF6E2A
Properties.filedate=1363642756
Properties.filedatetext=2013-03-18 22:39:16

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wbemprox.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wbemprox.log
Properties.size=3352
Properties.md5=531C35F1E800C0B18CB324380ABCB1D3
Properties.filedate=1363639984
Properties.filedatetext=2013-03-18 21:53:03

Log: [SBI $8E73A7FB] Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
C:\WINDOWS\System32\wbem\logs\wmiprov.log
Properties.size=527
Properties.md5=BEE4B7E2D964B7D1615E5337F2FDF96D
Properties.filedate=1363630961
Properties.filedatetext=2013-03-18 19:22:41

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Isobuster: [SBI $FFCD5808] Last save folder (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Smart Projects\IsoBuster\LastSavedPath

MS Media Player: [SBI $6D2E50D8] Last selected node (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\MediaPlayer\MediaLibraryUI\MLLastSelectedNode

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS Office 11.0 (Access): [SBI $7F916EA4] Recent database #1 (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Access\Settings\MRU1

MS Office 11.0 (Cliparts): [SBI $D2A56AFD] Last search made (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Clip Organizer\Search\Last Query

MS Office 11.0 (PowerPoint): [SBI $45221EA4] Recent template list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\Recent Templates

MS Office 11.0 (PowerPoint): [SBI $81078145] Recent animation list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentAnimationList

MS Office 11.0 (PowerPoint): [SBI $8C3C6CBB] Recent folder list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentFolderList

MS Office 11.0 (PowerPoint): [SBI $C04A11CB] Recent template list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentTemplateList

MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Word\Data\Settings

MS Fax: [SBI $F2D1A0E8] Last country ID (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastCountryID

MS Fax: [SBI $8F651DE1] Last recipient name (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastRecipientName

MS Fax: [SBI $17E7FB0C] Last recipient number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastRecipientNumber

MS Windows Backup 5.0: [SBI $9CE336F6] Last created backup set (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Ntbackup\Hardware\Logical Disk File

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $6CBE8CD7] Open with list - .ASP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASP\OpenWithList

Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $3A470490] Open with list - .CCF extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList

Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList

Windows.OpenWith: [SBI $E9115E4D] Open with list - .CER extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CER\OpenWithList

Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: [SBI $85C2C910] Last Copy/MoveTo folder (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (16) (Browser: Cookie, nothing done)

Cache: [SBI $49804B54] Browser: Cache (335) (Browser: Cache, nothing done)

Verlauf: [SBI $49804B54] Browser: History (88) (Browser: History, nothing done)

Cookie: [SBI $49804B54] Browser: Cookie (19) (Browser: Cookie, nothing done)

Cache: [SBI $49804B54] Browser: Cache (29) (Browser: Cache, nothing done)

Verlauf: [SBI $49804B54] Browser: History (4) (Browser: History, nothing done)

Cache: [SBI $49804B54] Browser: Cache (13) (Browser: Cache, nothing done)

Verlauf: [SBI $49804B54] Browser: History (1) (Browser: History, nothing done)

Cookie: [SBI $49804B54] Browser: Cookie (1148) (Browser: Cookie, nothing done)

Cookie: [SBI $49804B54] Browser: Cookie (104) (Browser: Cookie, nothing done)

--- Spybot - Search & Destroy version: 2.0.12.131 DLL (build: 20121113) ---

2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2013-03-18 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2012-11-14 Includes\Adware.sbi (*)
2012-11-14 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-11-14 Includes\KeyloggersC.sbi (*)
2012-11-14 Includes\Malware.sbi (*)
2012-11-14 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2012-11-14 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2012-11-14 Includes\Trojans.sbi (*)
2012-11-14 Includes\TrojansC-02.sbi (*)
2012-11-14 Includes\TrojansC-03.sbi (*)
2012-11-14 Includes\TrojansC-04.sbi (*)
2012-11-14 Includes\TrojansC-05.sbi (*)
2012-11-14 Includes\TrojansC.sbi (*)

[CODE]Search results from Spybot - Search & Destroy

18.03.2013 23:29:08
Scan took 00:54:51.
162 items found.

Babylon.Toolbar: [SBI $38C57020] Library (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
Properties.size=323584
Properties.md5=5F933C75510CE7064600770488159453
Properties.filedate=1289121712
Properties.filedatetext=2010-11-07 10:21:52

Babylon.Toolbar: [SBI $554A5FF0] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylnApp.appCore

Babylon.Toolbar: [SBI $554A5FF0] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylnApp.appCore.1

Babylon.Toolbar: [SBI $554A5FF0] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}

Babylon.Toolbar: [SBI $5CBA2194] Library (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
Properties.size=184760
Properties.md5=CF158FAC1864EE97BFE3221285FEC23A
Properties.filedate=1289137528
Properties.filedatetext=2010-11-07 14:45:28

Babylon.Toolbar: [SBI $86348D5E] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd

Babylon.Toolbar: [SBI $86348D5E] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd.1

Babylon.Toolbar: [SBI $86348D5E] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Babylon.Toolbar: [SBI $B04483F7] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}

Babylon.Toolbar: [SBI $5601E539] Library (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
Properties.size=421888
Properties.md5=CE5D74D6AC19E94164DE0506D46B8AE8
Properties.filedate=1289121708
Properties.filedatetext=2010-11-07 10:21:48

Babylon.Toolbar: [SBI $7A3F9AD7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.xtrnl

Babylon.Toolbar: [SBI $7A3F9AD7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.xtrnl.1

Babylon.Toolbar: [SBI $7A3F9AD7] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}

Babylon.Toolbar: [SBI $360EE791] Library (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
Properties.size=225720
Properties.md5=91BCFFE9095DFE033125ADD31EE7FFC1
Properties.filedate=1289137526
Properties.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $52C6ABB7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc

Babylon.Toolbar: [SBI $52C6ABB7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc.1

Babylon.Toolbar: [SBI $52C6ABB7] Class ID (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}

Babylon.Toolbar: [SBI $4E46F835] Program directory (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\BabylonToolbar\

Babylon.Toolbar: [SBI $1AA9620D] Program directory (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\BabylonToolbar\BabylonToolbar\

Babylon.Toolbar: [SBI $C2E2DFDF] Program directory (Directory, nothing done)
C:\Programme\BabylonToolbar\
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
Directory.subfile.size=93502
Directory.subfile.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
Directory.subfile.filedate=1293535580
Directory.subfile.filedatetext=2010-12-28 12:26:20
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
Directory.subfile.size=323584
Directory.subfile.md5=5F933C75510CE7064600770488159453
Directory.subfile.filedate=1289121712
Directory.subfile.filedatetext=2010-11-07 10:21:52
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
Directory.subfile.size=421888
Directory.subfile.md5=CE5D74D6AC19E94164DE0506D46B8AE8
Directory.subfile.filedate=1289121708
Directory.subfile.filedatetext=2010-11-07 10:21:48
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
Directory.subfile.size=286720
Directory.subfile.md5=000A83380536DF86EFE77D020D812F96
Directory.subfile.filedate=1289121720
Directory.subfile.filedatetext=2010-11-07 10:22:00
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
Directory.subfile.size=184760
Directory.subfile.md5=CF158FAC1864EE97BFE3221285FEC23A
Directory.subfile.filedate=1289137528
Directory.subfile.filedatetext=2010-11-07 14:45:28
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
Directory.subfile.size=94413
Directory.subfile.md5=2054AB2A45B1CF380D02D070D6DFE379
Directory.subfile.filedate=1308499538
Directory.subfile.filedatetext=2011-06-19 17:05:38
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
Directory.subfile.size=225720
Directory.subfile.md5=91BCFFE9095DFE033125ADD31EE7FFC1
Directory.subfile.filedate=1289137526
Directory.subfile.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $6FD65E4E] Program directory (Directory, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
Directory.subfile.size=93502
Directory.subfile.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
Directory.subfile.filedate=1293535580
Directory.subfile.filedatetext=2010-12-28 12:26:20
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
Directory.subfile.size=323584
Directory.subfile.md5=5F933C75510CE7064600770488159453
Directory.subfile.filedate=1289121712
Directory.subfile.filedatetext=2010-11-07 10:21:52
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
Directory.subfile.size=421888
Directory.subfile.md5=CE5D74D6AC19E94164DE0506D46B8AE8
Directory.subfile.filedate=1289121708
Directory.subfile.filedatetext=2010-11-07 10:21:48
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
Directory.subfile.size=286720
Directory.subfile.md5=000A83380536DF86EFE77D020D812F96
Directory.subfile.filedate=1289121720
Directory.subfile.filedatetext=2010-11-07 10:22:00
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
Directory.subfile.size=184760
Directory.subfile.md5=CF158FAC1864EE97BFE3221285FEC23A
Directory.subfile.filedate=1289137528
Directory.subfile.filedatetext=2010-11-07 14:45:28
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
Directory.subfile.size=94413
Directory.subfile.md5=2054AB2A45B1CF380D02D070D6DFE379
Directory.subfile.filedate=1308499538
Directory.subfile.filedatetext=2011-06-19 17:05:38
Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
Directory.subfile.size=225720
Directory.subfile.md5=91BCFFE9095DFE033125ADD31EE7FFC1
Directory.subfile.filedate=1289137526
Directory.subfile.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $B2252BB5] Program directory (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
Properties.size=93502
Properties.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
Properties.filedate=1293535580
Properties.filedatetext=2010-12-28 12:26:20

Babylon.Toolbar: [SBI $B7E3BC8B] Executable (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
Properties.size=286720
Properties.md5=000A83380536DF86EFE77D020D812F96
Properties.filedate=1289121720
Properties.filedatetext=2010-11-07 10:22:00

Babylon.Toolbar: [SBI $247AFEA8] Executable (File, nothing done)
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
Properties.size=94413
Properties.md5=2054AB2A45B1CF380D02D070D6DFE379
Properties.filedate=1308499538
Properties.filedatetext=2011-06-19 17:05:38

Widgi.Toolbar: [SBI $16C3A07B] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\

Widgi.Toolbar: [SBI $000389AB] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\

Widgi.Toolbar: [SBI $1E14509F] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\Res\

Widgi.Toolbar: [SBI $51A36620] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\

Widgi.Toolbar: [SBI $14EAB21D] Settings (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\

Widgi.Toolbar: [SBI $65C7C8B1] Shared DLL (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Application Updater\ApplicationUpdater.exe

Widgi.Toolbar: [SBI $65C7C8B1] System file (File, nothing done)
C:\Programme\Application Updater\ApplicationUpdater.exe
Properties.size=387072
Properties.md5=CF46A776D2E44F180AF2773A9844D260
Properties.filedate=1296231028
Properties.filedatetext=2011-01-28 17:10:28

Widgi.Toolbar: [SBI $5AE37010] Shared DLL (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe

Widgi.Toolbar: [SBI $5AE37010] System file (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
Properties.size=526336
Properties.md5=B8F85EACBBBF7A36A542ED35105B10AF
Properties.filedate=1296232602
Properties.filedatetext=2011-01-28 17:36:42

Widgi.Toolbar: [SBI $1FDB1566] Shared DLL (Registry Value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll

Widgi.Toolbar: [SBI $1FDB1566] System file (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
Properties.size=596992
Properties.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
Properties.filedate=1296232576
Properties.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $A3625505] Application data folder (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\

Widgi.Toolbar: [SBI $7C436CA1] Application data folder (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\res\

Widgi.Toolbar: [SBI $B7BA3A77] Application data folder (Directory, nothing done)
C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\temp\

Widgi.Toolbar: [SBI $0B12F9B5] Program directory (Directory, nothing done)
C:\Programme\Application Updater\
Directory.subfile=C:\Programme\Application Updater\ApplicationUpdater.exe
Directory.subfile.size=387072
Directory.subfile.md5=CF46A776D2E44F180AF2773A9844D260
Directory.subfile.filedate=1296231028
Directory.subfile.filedatetext=2011-01-28 17:10:28
Directory.subfile=C:\Programme\Application Updater\config.ini
Directory.subfile.size=85
Directory.subfile.md5=9E44EB00BBA056FA9B8440EF1D6C356E
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $B5E507B2] Text file (File, nothing done)
C:\Programme\Application Updater\config.ini
Properties.size=85
Properties.md5=9E44EB00BBA056FA9B8440EF1D6C356E
Properties.filedate=1298355323
Properties.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $05E59E37] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
Directory.subfile.size=45
Directory.subfile.md5=DD9603D0052E892266D2C9AE59062A4B
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
Directory.subfile.size=526336
Directory.subfile.md5=B8F85EACBBBF7A36A542ED35105B10AF
Directory.subfile.filedate=1296232602
Directory.subfile.filedatetext=2011-01-28 17:36:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ff.xml
Directory.subfile.size=849
Directory.subfile.md5=ACF1EF4F2C71EB8FBBADC340153D920A
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ie.xml
Directory.subfile.size=460
Directory.subfile.md5=2D42E2CEF20A53BF068FAF3CA18D9108
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
Directory.subfile.size=146
Directory.subfile.md5=739A1DBBC5969F0560B61421F23573E5
Directory.subfile.filedate=1296232782
Directory.subfile.filedatetext=2011-01-28 17:39:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\install.rdf
Directory.subfile.size=990
Directory.subfile.md5=9A9AB91D3606EBE4684A4EB57549F7C5
Directory.subfile.filedate=1296232782
Directory.subfile.filedatetext=2011-01-28 17:39:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
Directory.subfile.size=232
Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
Directory.subfile.size=308
Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
Directory.subfile.size=596992
Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
Directory.subfile.filedate=1296232576
Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $9DDBABD2] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
Directory.subfile.size=45
Directory.subfile.md5=DD9603D0052E892266D2C9AE59062A4B
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
Directory.subfile.size=526336
Directory.subfile.md5=B8F85EACBBBF7A36A542ED35105B10AF
Directory.subfile.filedate=1296232602
Directory.subfile.filedatetext=2011-01-28 17:36:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ff.xml
Directory.subfile.size=849
Directory.subfile.md5=ACF1EF4F2C71EB8FBBADC340153D920A
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ie.xml
Directory.subfile.size=460
Directory.subfile.md5=2D42E2CEF20A53BF068FAF3CA18D9108
Directory.subfile.filedate=1298355323
Directory.subfile.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $10B6A612] Data (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
Properties.size=45
Properties.md5=DD9603D0052E892266D2C9AE59062A4B
Properties.filedate=1298355323
Properties.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $2CCE143F] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\Res\

Widgi.Toolbar: [SBI $2CEF1646] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
Directory.subfile.size=146
Directory.subfile.md5=739A1DBBC5969F0560B61421F23573E5
Directory.subfile.filedate=1296232782
Directory.subfile.filedatetext=2011-01-28 17:39:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\install.rdf
Directory.subfile.size=990
Directory.subfile.md5=9A9AB91D3606EBE4684A4EB57549F7C5
Directory.subfile.filedate=1296232782
Directory.subfile.filedatetext=2011-01-28 17:39:42
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
Directory.subfile.size=232
Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
Directory.subfile.size=308
Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
Directory.subfile.size=596992
Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
Directory.subfile.filedate=1296232576
Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $AA0B055F] Data (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
Properties.size=146
Properties.md5=739A1DBBC5969F0560B61421F23573E5
Properties.filedate=1296232782
Properties.filedatetext=2011-01-28 17:39:42

Widgi.Toolbar: [SBI $56E021F7] Program directory (Directory, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
Directory.subfile.size=232
Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
Directory.subfile.size=308
Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
Directory.subfile.filedate=1295313066
Directory.subfile.filedatetext=2011-01-18 02:11:06
Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
Directory.subfile.size=596992
Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
Directory.subfile.filedate=1296232576
Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $2B7574E7] Data (File, nothing done)
C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
Properties.size=232
Properties.md5=D2FE788EDBFAFCB041A266FAA706251A
Properties.filedate=1295313066
Properties.filedatetext=2011-01-18 02:11:06

cosmicus · 02.06.2013, 13:10

Code:

ATTFilter

Widgi.Toolbar: [SBI $B3254F10]  Data (File, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
  Properties.size=308
  Properties.md5=78790228A0F4CACC233ED694B6C70CB2
  Properties.filedate=1295313066
  Properties.filedatetext=2011-01-18 02:11:06

Widgi.Toolbar: [SBI $E4808FA3] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Application Updater\

Click.GiftLoad: [SBI $5ABC7D37] User settings (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\enablehttp1_1

Uniblue.DriverScanner: [SBI $EE6536E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\driverscanner

Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Settings (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\s.ytimg.com\soundData.sol
  Properties.size=49
  Properties.md5=18350A328022541115D248C2EA04C860
  Properties.filedate=1363600032
  Properties.filedatetext=2013-03-18 10:47:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\s.ytimg.com\videostats.sol
  Properties.size=275
  Properties.md5=2351928AD51424CF333C8C33035B7F00
  Properties.filedate=1363633163
  Properties.filedatetext=2013-03-18 19:59:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\secureinclude.ebaystatic.com\ebayLSO.sol
  Properties.size=131
  Properties.md5=6B8C1ADE576AAE2DB14F24B3834174CA
  Properties.filedate=1363433196
  Properties.filedatetext=2013-03-16 12:26:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\secureinclude.ebaystatic.com\ebayT.sol
  Properties.size=39
  Properties.md5=B43F43445AA3414DDC22EC80FBB22871
  Properties.filedate=1363433196
  Properties.filedatetext=2013-03-16 12:26:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\static.afcdn.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=283B44FC0AC0DC2B75215D991B61C210
  Properties.filedate=1363589265
  Properties.filedatetext=2013-03-18 07:47:45

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\streamcloud.eu\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=1F823EB48C0B57444200E645153D8F54
  Properties.filedate=1363453153
  Properties.filedatetext=2013-03-16 17:59:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\www.paypalobjects.com\ppLsoTest.sol
  Properties.size=48
  Properties.md5=74EE4375686A2069414EEF13E7B62789
  Properties.filedate=1363601614
  Properties.filedatetext=2013-03-18 11:13:33

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\computeradministrar\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\6LLJMKDR\skype.com\#ui\preferences.sol
  Properties.size=235
  Properties.md5=1D7D04F31FE16A67CECFB96D82C67B0B
  Properties.filedate=1358102109
  Properties.filedatetext=2013-01-13 19:35:09

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\static.putlocker.com\video_player.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=11B628CEABE61125FA85414F1AC515EA
  Properties.filedate=1363450129
  Properties.filedatetext=2013-03-16 17:08:49

Right Media: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)
  

FastClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

WebTrends live: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

Common Dialogs: [SBI $8E73A7FB] History  (12 files) (Registry Key, nothing done)
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: [SBI $8E73A7FB]  Activity: SchedLgU.Txt (File, nothing done)
  C:\WINDOWS\SchedLgU.Txt
  Properties.size=32338
  Properties.md5=61653B1D03CDFE4C9E9F703194653198
  Properties.filedate=1363630354
  Properties.filedatetext=2013-03-18 19:12:33

Log: [SBI $8E73A7FB]  Install: setupapi.log (File, nothing done)
  C:\WINDOWS\setupapi.log
  Properties.size=2504
  Properties.md5=19D5316223C689F717BDEE3362024E86
  Properties.filedate=1363633655
  Properties.filedatetext=2013-03-18 20:07:34

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemcore.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemcore.log
  Properties.size=53878
  Properties.md5=4C7880AB4F8A0DD6F55D4B6C39AB40F6
  Properties.filedate=1363645474
  Properties.filedatetext=2013-03-18 23:24:34

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemess.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemess.log
  Properties.size=49985
  Properties.md5=C972ADB81B9C81850A42DD2FC1BF6E2A
  Properties.filedate=1363642756
  Properties.filedatetext=2013-03-18 22:39:16

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemprox.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemprox.log
  Properties.size=3352
  Properties.md5=531C35F1E800C0B18CB324380ABCB1D3
  Properties.filedate=1363639984
  Properties.filedatetext=2013-03-18 21:53:03

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wmiprov.log
  Properties.size=527
  Properties.md5=BEE4B7E2D964B7D1615E5337F2FDF96D
  Properties.filedate=1363630961
  Properties.filedatetext=2013-03-18 19:22:41

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Isobuster: [SBI $FFCD5808] Last save folder (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Smart Projects\IsoBuster\LastSavedPath

MS Media Player: [SBI $6D2E50D8] Last selected node (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\MediaPlayer\MediaLibraryUI\MLLastSelectedNode

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS Office 11.0 (Access): [SBI $7F916EA4] Recent database #1 (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Access\Settings\MRU1

MS Office 11.0 (Cliparts): [SBI $D2A56AFD] Last search made (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Clip Organizer\Search\Last Query

MS Office 11.0 (PowerPoint): [SBI $45221EA4] Recent template list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\Recent Templates

MS Office 11.0 (PowerPoint): [SBI $81078145] Recent animation list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentAnimationList

MS Office 11.0 (PowerPoint): [SBI $8C3C6CBB] Recent folder list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentFolderList

MS Office 11.0 (PowerPoint): [SBI $C04A11CB] Recent template list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentTemplateList

MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Word\Data\Settings

MS Fax: [SBI $F2D1A0E8] Last country ID (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastCountryID

MS Fax: [SBI $8F651DE1] Last recipient name (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastRecipientName

MS Fax: [SBI $17E7FB0C] Last recipient number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastRecipientNumber

MS Windows Backup 5.0: [SBI $9CE336F6] Last created backup set (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Ntbackup\Hardware\Logical Disk File

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $6CBE8CD7] Open with list - .ASP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASP\OpenWithList

Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $3A470490] Open with list - .CCF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList

Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList

Windows.OpenWith: [SBI $E9115E4D] Open with list - .CER extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CER\OpenWithList

Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: [SBI $85C2C910] Last Copy/MoveTo folder (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (16) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (335) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (88) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (19) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (29) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (4) (Browser: History, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (13) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (1) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (1148) (Browser: Cookie, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (104) (Browser: Cookie, nothing done)
  


--- Spybot - Search & Destroy version: 2.0.12.131  DLL (build: 20121113) ---

2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2013-03-18 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2012-11-14 Includes\Adware.sbi (*)
2012-11-14 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-11-14 Includes\KeyloggersC.sbi (*)
2012-11-14 Includes\Malware.sbi (*)
2012-11-14 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2012-11-14 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2012-11-14 Includes\Trojans.sbi (*)
2012-11-14 Includes\TrojansC-02.sbi (*)
2012-11-14 Includes\TrojansC-03.sbi (*)
2012-11-14 Includes\TrojansC-04.sbi (*)
2012-11-14 Includes\TrojansC-05.sbi (*)
2012-11-14 Includes\TrojansC.sbi (*)

Search results from Spybot - Search & Destroy

18.03.2013 23:29:08
Scan took 00:54:51.
162 items found.

Babylon.Toolbar: [SBI $38C57020]  Library (File, nothing done)
  C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
  Properties.size=323584
  Properties.md5=5F933C75510CE7064600770488159453
  Properties.filedate=1289121712
  Properties.filedatetext=2010-11-07 10:21:52

Babylon.Toolbar: [SBI $554A5FF0] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylnApp.appCore

Babylon.Toolbar: [SBI $554A5FF0] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylnApp.appCore.1

Babylon.Toolbar: [SBI $554A5FF0] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}

Babylon.Toolbar: [SBI $5CBA2194]  Library (File, nothing done)
  C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
  Properties.size=184760
  Properties.md5=CF158FAC1864EE97BFE3221285FEC23A
  Properties.filedate=1289137528
  Properties.filedatetext=2010-11-07 14:45:28

Babylon.Toolbar: [SBI $86348D5E] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd

Babylon.Toolbar: [SBI $86348D5E] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Babylon.dskBnd.1

Babylon.Toolbar: [SBI $86348D5E] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Babylon.Toolbar: [SBI $B04483F7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Babylon.Toolbar: [SBI $B04483F7] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}

Babylon.Toolbar: [SBI $5601E539]  Library (File, nothing done)
  C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
  Properties.size=421888
  Properties.md5=CE5D74D6AC19E94164DE0506D46B8AE8
  Properties.filedate=1289121708
  Properties.filedatetext=2010-11-07 10:21:48

Babylon.Toolbar: [SBI $7A3F9AD7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.xtrnl

Babylon.Toolbar: [SBI $7A3F9AD7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bbylntlbr.xtrnl.1

Babylon.Toolbar: [SBI $7A3F9AD7] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}

Babylon.Toolbar: [SBI $360EE791]  Library (File, nothing done)
  C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
  Properties.size=225720
  Properties.md5=91BCFFE9095DFE033125ADD31EE7FFC1
  Properties.filedate=1289137526
  Properties.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $52C6ABB7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc

Babylon.Toolbar: [SBI $52C6ABB7] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\esrv.BabylonESrvc.1

Babylon.Toolbar: [SBI $52C6ABB7] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}

Babylon.Toolbar: [SBI $4E46F835] Program directory (Directory, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\BabylonToolbar\

Babylon.Toolbar: [SBI $1AA9620D] Program directory (Directory, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\BabylonToolbar\BabylonToolbar\

Babylon.Toolbar: [SBI $C2E2DFDF] Program directory (Directory, nothing done)
  C:\Programme\BabylonToolbar\
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
  Directory.subfile.size=93502
  Directory.subfile.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
  Directory.subfile.filedate=1293535580
  Directory.subfile.filedatetext=2010-12-28 12:26:20
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
  Directory.subfile.size=323584
  Directory.subfile.md5=5F933C75510CE7064600770488159453
  Directory.subfile.filedate=1289121712
  Directory.subfile.filedatetext=2010-11-07 10:21:52
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
  Directory.subfile.size=421888
  Directory.subfile.md5=CE5D74D6AC19E94164DE0506D46B8AE8
  Directory.subfile.filedate=1289121708
  Directory.subfile.filedatetext=2010-11-07 10:21:48
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
  Directory.subfile.size=286720
  Directory.subfile.md5=000A83380536DF86EFE77D020D812F96
  Directory.subfile.filedate=1289121720
  Directory.subfile.filedatetext=2010-11-07 10:22:00
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
  Directory.subfile.size=184760
  Directory.subfile.md5=CF158FAC1864EE97BFE3221285FEC23A
  Directory.subfile.filedate=1289137528
  Directory.subfile.filedatetext=2010-11-07 14:45:28
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
  Directory.subfile.size=94413
  Directory.subfile.md5=2054AB2A45B1CF380D02D070D6DFE379
  Directory.subfile.filedate=1308499538
  Directory.subfile.filedatetext=2011-06-19 17:05:38
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
  Directory.subfile.size=225720
  Directory.subfile.md5=91BCFFE9095DFE033125ADD31EE7FFC1
  Directory.subfile.filedate=1289137526
  Directory.subfile.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $6FD65E4E] Program directory (Directory, nothing done)
  C:\Programme\BabylonToolbar\BabylonToolbar\
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
  Directory.subfile.size=93502
  Directory.subfile.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
  Directory.subfile.filedate=1293535580
  Directory.subfile.filedatetext=2010-12-28 12:26:20
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll
  Directory.subfile.size=323584
  Directory.subfile.md5=5F933C75510CE7064600770488159453
  Directory.subfile.filedate=1289121712
  Directory.subfile.filedatetext=2010-11-07 10:21:52
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll
  Directory.subfile.size=421888
  Directory.subfile.md5=CE5D74D6AC19E94164DE0506D46B8AE8
  Directory.subfile.filedate=1289121708
  Directory.subfile.filedatetext=2010-11-07 10:21:48
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
  Directory.subfile.size=286720
  Directory.subfile.md5=000A83380536DF86EFE77D020D812F96
  Directory.subfile.filedate=1289121720
  Directory.subfile.filedatetext=2010-11-07 10:22:00
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll
  Directory.subfile.size=184760
  Directory.subfile.md5=CF158FAC1864EE97BFE3221285FEC23A
  Directory.subfile.filedate=1289137528
  Directory.subfile.filedatetext=2010-11-07 14:45:28
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
  Directory.subfile.size=94413
  Directory.subfile.md5=2054AB2A45B1CF380D02D070D6DFE379
  Directory.subfile.filedate=1308499538
  Directory.subfile.filedatetext=2011-06-19 17:05:38
  Directory.subfile=C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll
  Directory.subfile.size=225720
  Directory.subfile.md5=91BCFFE9095DFE033125ADD31EE7FFC1
  Directory.subfile.filedate=1289137526
  Directory.subfile.filedatetext=2010-11-07 14:45:26

Babylon.Toolbar: [SBI $B2252BB5]  Program directory (File, nothing done)
  C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx
  Properties.size=93502
  Properties.md5=AA02A79239A33EEF3B2DE2D2D33BC84E
  Properties.filedate=1293535580
  Properties.filedatetext=2010-12-28 12:26:20

Babylon.Toolbar: [SBI $B7E3BC8B]  Executable (File, nothing done)
  C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
  Properties.size=286720
  Properties.md5=000A83380536DF86EFE77D020D812F96
  Properties.filedate=1289121720
  Properties.filedatetext=2010-11-07 10:22:00

Babylon.Toolbar: [SBI $247AFEA8]  Executable (File, nothing done)
  C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe
  Properties.size=94413
  Properties.md5=2054AB2A45B1CF380D02D070D6DFE379
  Properties.filedate=1308499538
  Properties.filedatetext=2011-06-19 17:05:38

Widgi.Toolbar: [SBI $16C3A07B] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\

Widgi.Toolbar: [SBI $000389AB] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\

Widgi.Toolbar: [SBI $1E14509F] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\Res\

Widgi.Toolbar: [SBI $51A36620] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\

Widgi.Toolbar: [SBI $14EAB21D] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\

Widgi.Toolbar: [SBI $65C7C8B1] Shared DLL (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Application Updater\ApplicationUpdater.exe

Widgi.Toolbar: [SBI $65C7C8B1]  System file (File, nothing done)
  C:\Programme\Application Updater\ApplicationUpdater.exe
  Properties.size=387072
  Properties.md5=CF46A776D2E44F180AF2773A9844D260
  Properties.filedate=1296231028
  Properties.filedatetext=2011-01-28 17:10:28

Widgi.Toolbar: [SBI $5AE37010] Shared DLL (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe

Widgi.Toolbar: [SBI $5AE37010]  System file (File, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
  Properties.size=526336
  Properties.md5=B8F85EACBBBF7A36A542ED35105B10AF
  Properties.filedate=1296232602
  Properties.filedatetext=2011-01-28 17:36:42

Widgi.Toolbar: [SBI $1FDB1566] Shared DLL (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll

Widgi.Toolbar: [SBI $1FDB1566]  System file (File, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
  Properties.size=596992
  Properties.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
  Properties.filedate=1296232576
  Properties.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $A3625505] Application data folder (Directory, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\

Widgi.Toolbar: [SBI $7C436CA1] Application data folder (Directory, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\res\

Widgi.Toolbar: [SBI $B7BA3A77] Application data folder (Directory, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Search Settings\temp\

Widgi.Toolbar: [SBI $0B12F9B5] Program directory (Directory, nothing done)
  C:\Programme\Application Updater\
  Directory.subfile=C:\Programme\Application Updater\ApplicationUpdater.exe
  Directory.subfile.size=387072
  Directory.subfile.md5=CF46A776D2E44F180AF2773A9844D260
  Directory.subfile.filedate=1296231028
  Directory.subfile.filedatetext=2011-01-28 17:10:28
  Directory.subfile=C:\Programme\Application Updater\config.ini
  Directory.subfile.size=85
  Directory.subfile.md5=9E44EB00BBA056FA9B8440EF1D6C356E
  Directory.subfile.filedate=1298355323
  Directory.subfile.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $B5E507B2]  Text file (File, nothing done)
  C:\Programme\Application Updater\config.ini
  Properties.size=85
  Properties.md5=9E44EB00BBA056FA9B8440EF1D6C356E
  Properties.filedate=1298355323
  Properties.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $05E59E37] Program directory (Directory, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
  Directory.subfile.size=45
  Directory.subfile.md5=DD9603D0052E892266D2C9AE59062A4B
  Directory.subfile.filedate=1298355323
  Directory.subfile.filedatetext=2011-02-22 07:15:23
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
  Directory.subfile.size=526336
  Directory.subfile.md5=B8F85EACBBBF7A36A542ED35105B10AF
  Directory.subfile.filedate=1296232602
  Directory.subfile.filedatetext=2011-01-28 17:36:42
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ff.xml
  Directory.subfile.size=849
  Directory.subfile.md5=ACF1EF4F2C71EB8FBBADC340153D920A
  Directory.subfile.filedate=1298355323
  Directory.subfile.filedatetext=2011-02-22 07:15:23
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ie.xml
  Directory.subfile.size=460
  Directory.subfile.md5=2D42E2CEF20A53BF068FAF3CA18D9108
  Directory.subfile.filedate=1298355323
  Directory.subfile.filedatetext=2011-02-22 07:15:23
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
  Directory.subfile.size=146
  Directory.subfile.md5=739A1DBBC5969F0560B61421F23573E5
  Directory.subfile.filedate=1296232782
  Directory.subfile.filedatetext=2011-01-28 17:39:42
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\install.rdf
  Directory.subfile.size=990
  Directory.subfile.md5=9A9AB91D3606EBE4684A4EB57549F7C5
  Directory.subfile.filedate=1296232782
  Directory.subfile.filedatetext=2011-01-28 17:39:42
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
  Directory.subfile.size=232
  Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
  Directory.subfile.filedate=1295313066
  Directory.subfile.filedatetext=2011-01-18 02:11:06
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
  Directory.subfile.size=308
  Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
  Directory.subfile.filedate=1295313066
  Directory.subfile.filedatetext=2011-01-18 02:11:06
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
  Directory.subfile.size=596992
  Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
  Directory.subfile.filedate=1296232576
  Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $9DDBABD2] Program directory (Directory, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
  Directory.subfile.size=45
  Directory.subfile.md5=DD9603D0052E892266D2C9AE59062A4B
  Directory.subfile.filedate=1298355323
  Directory.subfile.filedatetext=2011-02-22 07:15:23
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe
  Directory.subfile.size=526336
  Directory.subfile.md5=B8F85EACBBBF7A36A542ED35105B10AF
  Directory.subfile.filedate=1296232602
  Directory.subfile.filedatetext=2011-01-28 17:36:42
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ff.xml
  Directory.subfile.size=849
  Directory.subfile.md5=ACF1EF4F2C71EB8FBBADC340153D920A
  Directory.subfile.filedate=1298355323
  Directory.subfile.filedatetext=2011-02-22 07:15:23
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\yahoo_ie.xml
  Directory.subfile.size=460
  Directory.subfile.md5=2D42E2CEF20A53BF068FAF3CA18D9108
  Directory.subfile.filedate=1298355323
  Directory.subfile.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $10B6A612]  Data (File, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\config.ini
  Properties.size=45
  Properties.md5=DD9603D0052E892266D2C9AE59062A4B
  Properties.filedate=1298355323
  Properties.filedatetext=2011-02-22 07:15:23

Widgi.Toolbar: [SBI $2CCE143F] Program directory (Directory, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\Res\

Widgi.Toolbar: [SBI $2CEF1646] Program directory (Directory, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
  Directory.subfile.size=146
  Directory.subfile.md5=739A1DBBC5969F0560B61421F23573E5
  Directory.subfile.filedate=1296232782
  Directory.subfile.filedatetext=2011-01-28 17:39:42
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\install.rdf
  Directory.subfile.size=990
  Directory.subfile.md5=9A9AB91D3606EBE4684A4EB57549F7C5
  Directory.subfile.filedate=1296232782
  Directory.subfile.filedatetext=2011-01-28 17:39:42
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
  Directory.subfile.size=232
  Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
  Directory.subfile.filedate=1295313066
  Directory.subfile.filedatetext=2011-01-18 02:11:06
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
  Directory.subfile.size=308
  Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
  Directory.subfile.filedate=1295313066
  Directory.subfile.filedatetext=2011-01-18 02:11:06
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
  Directory.subfile.size=596992
  Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
  Directory.subfile.filedate=1296232576
  Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $AA0B055F]  Data (File, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\chrome.manifest
  Properties.size=146
  Properties.md5=739A1DBBC5969F0560B61421F23573E5
  Properties.filedate=1296232782
  Properties.filedatetext=2011-01-28 17:39:42

Widgi.Toolbar: [SBI $56E021F7] Program directory (Directory, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
  Directory.subfile.size=232
  Directory.subfile.md5=D2FE788EDBFAFCB041A266FAA706251A
  Directory.subfile.filedate=1295313066
  Directory.subfile.filedatetext=2011-01-18 02:11:06
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
  Directory.subfile.size=308
  Directory.subfile.md5=78790228A0F4CACC233ED694B6C70CB2
  Directory.subfile.filedate=1295313066
  Directory.subfile.filedatetext=2011-01-18 02:11:06
  Directory.subfile=C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\WidgiToolbarFF.dll
  Directory.subfile.size=596992
  Directory.subfile.md5=187ECE8D6A5ACDC876C73A9B9B99FCC1
  Directory.subfile.filedate=1296232576
  Directory.subfile.filedatetext=2011-01-28 17:36:16

Widgi.Toolbar: [SBI $2B7574E7]  Data (File, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt
  Properties.size=232
  Properties.md5=D2FE788EDBFAFCB041A266FAA706251A
  Properties.filedate=1295313066
  Properties.filedatetext=2011-01-18 02:11:06

Widgi.Toolbar: [SBI $B3254F10]  Data (File, nothing done)
  C:\Programme\Gemeinsame Dateien\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt
  Properties.size=308
  Properties.md5=78790228A0F4CACC233ED694B6C70CB2
  Properties.filedate=1295313066
  Properties.filedatetext=2011-01-18 02:11:06

Widgi.Toolbar: [SBI $E4808FA3] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Programme\Application Updater\

Click.GiftLoad: [SBI $5ABC7D37] User settings (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\enablehttp1_1

Uniblue.DriverScanner: [SBI $EE6536E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\driverscanner

Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Settings (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\s.ytimg.com\soundData.sol
  Properties.size=49
  Properties.md5=18350A328022541115D248C2EA04C860
  Properties.filedate=1363600032
  Properties.filedatetext=2013-03-18 10:47:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\s.ytimg.com\videostats.sol
  Properties.size=275
  Properties.md5=2351928AD51424CF333C8C33035B7F00
  Properties.filedate=1363633163
  Properties.filedatetext=2013-03-18 19:59:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\secureinclude.ebaystatic.com\ebayLSO.sol
  Properties.size=131
  Properties.md5=6B8C1ADE576AAE2DB14F24B3834174CA
  Properties.filedate=1363433196
  Properties.filedatetext=2013-03-16 12:26:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\secureinclude.ebaystatic.com\ebayT.sol
  Properties.size=39
  Properties.md5=B43F43445AA3414DDC22EC80FBB22871
  Properties.filedate=1363433196
  Properties.filedatetext=2013-03-16 12:26:36

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\static.afcdn.com\com.jeroenwijering.sol
  Properties.size=50
  Properties.md5=283B44FC0AC0DC2B75215D991B61C210
  Properties.filedate=1363589265
  Properties.filedatetext=2013-03-18 07:47:45

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\streamcloud.eu\com.jeroenwijering.sol
  Properties.size=64
  Properties.md5=1F823EB48C0B57444200E645153D8F54
  Properties.filedate=1363453153
  Properties.filedatetext=2013-03-16 17:59:12

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\www.paypalobjects.com\ppLsoTest.sol
  Properties.size=48
  Properties.md5=74EE4375686A2069414EEF13E7B62789
  Properties.filedate=1363601614
  Properties.filedatetext=2013-03-18 11:13:33

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\computeradministrar\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\6LLJMKDR\skype.com\#ui\preferences.sol
  Properties.size=235
  Properties.md5=1D7D04F31FE16A67CECFB96D82C67B0B
  Properties.filedate=1358102109
  Properties.filedatetext=2013-01-13 19:35:09

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Macromedia\Flash Player\#SharedObjects\BPCTR4RF\static.putlocker.com\video_player.swf\org.flowplayer.sol
  Properties.size=60
  Properties.md5=11B628CEABE61125FA85414F1AC515EA
  Properties.filedate=1363450129
  Properties.filedatetext=2013-03-16 17:08:49

Right Media: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Benutzer): Luxhaus) (Browser: Cookie, nothing done)
  

FastClick: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Internet Explorer (Inaktive Benutzer): computeradministrar) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

WebTrends live: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

LinkSynergy: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

Statcounter: [SBI $8E73A7FB] Tracking cookie (Firefox: PE_C_ALL USERS (default)) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

MediaPlex: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

DoubleClick: [SBI $8E73A7FB] Tracking cookie (Firefox: computeradministrar (default)) (Browser: Cookie, nothing done)
  

Common Dialogs: [SBI $8E73A7FB] History  (12 files) (Registry Key, nothing done)
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Log: [SBI $8E73A7FB]  Activity: SchedLgU.Txt (File, nothing done)
  C:\WINDOWS\SchedLgU.Txt
  Properties.size=32338
  Properties.md5=61653B1D03CDFE4C9E9F703194653198
  Properties.filedate=1363630354
  Properties.filedatetext=2013-03-18 19:12:33

Log: [SBI $8E73A7FB]  Install: setupapi.log (File, nothing done)
  C:\WINDOWS\setupapi.log
  Properties.size=2504
  Properties.md5=19D5316223C689F717BDEE3362024E86
  Properties.filedate=1363633655
  Properties.filedatetext=2013-03-18 20:07:34

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemcore.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemcore.log
  Properties.size=53878
  Properties.md5=4C7880AB4F8A0DD6F55D4B6C39AB40F6
  Properties.filedate=1363645474
  Properties.filedatetext=2013-03-18 23:24:34

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemess.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemess.log
  Properties.size=49985
  Properties.md5=C972ADB81B9C81850A42DD2FC1BF6E2A
  Properties.filedate=1363642756
  Properties.filedatetext=2013-03-18 22:39:16

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wbemprox.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wbemprox.log
  Properties.size=3352
  Properties.md5=531C35F1E800C0B18CB324380ABCB1D3
  Properties.filedate=1363639984
  Properties.filedatetext=2013-03-18 21:53:03

Log: [SBI $8E73A7FB]  Shutdown: System32\wbem\logs\wmiprov.log (File, nothing done)
  C:\WINDOWS\System32\wbem\logs\wmiprov.log
  Properties.size=527
  Properties.md5=BEE4B7E2D964B7D1615E5337F2FDF96D
  Properties.filedate=1363630961
  Properties.filedatetext=2013-03-18 19:22:41

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Isobuster: [SBI $FFCD5808] Last save folder (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Smart Projects\IsoBuster\LastSavedPath

MS Media Player: [SBI $6D2E50D8] Last selected node (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\MediaPlayer\MediaLibraryUI\MLLastSelectedNode

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS Office 11.0 (Access): [SBI $7F916EA4] Recent database #1 (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Access\Settings\MRU1

MS Office 11.0 (Cliparts): [SBI $D2A56AFD] Last search made (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Clip Organizer\Search\Last Query

MS Office 11.0 (PowerPoint): [SBI $45221EA4] Recent template list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\Recent Templates

MS Office 11.0 (PowerPoint): [SBI $81078145] Recent animation list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentAnimationList

MS Office 11.0 (PowerPoint): [SBI $8C3C6CBB] Recent folder list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentFolderList

MS Office 11.0 (PowerPoint): [SBI $C04A11CB] Recent template list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\PowerPoint\RecentTemplateList

MS Office 11.0 (Word): [SBI $15AC27CE] Recent file list (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Office\11.0\Word\Data\Settings

MS Fax: [SBI $F2D1A0E8] Last country ID (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastCountryID

MS Fax: [SBI $8F651DE1] Last recipient name (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastRecipientName

MS Fax: [SBI $17E7FB0C] Last recipient number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Fax\UserInfo\LastRecipientNumber

MS Windows Backup 5.0: [SBI $9CE336F6] Last created backup set (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Ntbackup\Hardware\Logical Disk File

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $6CBE8CD7] Open with list - .ASP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASP\OpenWithList

Windows.OpenWith: [SBI $CDE7D0A6] Open with list - .ASX extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASX\OpenWithList

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList

Windows.OpenWith: [SBI $63036C95] Open with list - .CAB extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAB\OpenWithList

Windows.OpenWith: [SBI $3A470490] Open with list - .CCF extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CCF\OpenWithList

Windows.OpenWith: [SBI $9E8D5C8A] Open with list - .CDA extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CDA\OpenWithList

Windows.OpenWith: [SBI $E9115E4D] Open with list - .CER extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CER\OpenWithList

Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList

Windows.OpenWith: [SBI $ECC28BDF] Open with list - .CSV extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSV\OpenWithList

Windows.OpenWith: [SBI $F34FE1D0] Open with list - .CUE extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CUE\OpenWithList

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1011\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: [SBI $85C2C910] Last Copy/MoveTo folder (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\CopyMoveTo\LastFolder

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-2722348755-203697696-985015707-1005\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (16) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (335) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (88) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (19) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (29) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (4) (Browser: History, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (13) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (1) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (1148) (Browser: Cookie, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (104) (Browser: Cookie, nothing done)
  


--- Spybot - Search & Destroy version: 2.0.12.131  DLL (build: 20121113) ---

2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2013-03-18 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2012-11-14 Includes\Adware.sbi (*)
2012-11-14 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-11-14 Includes\KeyloggersC.sbi (*)
2012-11-14 Includes\Malware.sbi (*)
2012-11-14 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2012-11-14 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2012-11-14 Includes\Trojans.sbi (*)
2012-11-14 Includes\TrojansC-02.sbi (*)
2012-11-14 Includes\TrojansC-03.sbi (*)
2012-11-14 Includes\TrojansC-04.sbi (*)
2012-11-14 Includes\TrojansC-05.sbi (*)
2012-11-14 Includes\TrojansC.sbi (*)

[/CODE][/CODE]
[/CODE]

so ich hoffe - ich habe mit meinem unwissen keine zu grossen fehler gemacht.
falls doch bitte gleich melden

cosinus · 02.06.2013, 16:25

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Die Logs der aufgegebenen Tools wie zB Malwarebytes sind immer zu posten - egal ob ein Fund dabei war oder nicht!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Erstmal eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles hier in CODE-Tags in den Thread.

cosmicus · 02.06.2013, 20:56

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 02.06.2013 21:10:36 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Luxhaus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,65 Gb Available Physical Memory | 32,59% Memory free
3,84 Gb Paging File | 2,54 Gb Available in Paging File | 66,12% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 3,86 Gb Free Space | 1,66% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK-LORENS | User Name: Luxhaus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Dokumente und Einstellungen\Luxhaus\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\PANDORA.TV\PanService\PanProcess.exe (PandoraTV)
PRC - C:\Programme\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
PRC - C:\Programme\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Programme\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Programme\Guard-ICQ\GuardICQ.exe ()
PRC - C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
PRC - C:\Programme\Gemeinsame Dateien\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe (ABBYY)
PRC - C:\WINDOWS\system32\lxebcoms.exe ( )
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\b6efe2639cf6d0f305cf4cb8d0a34304\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e8172ec65cbfc6cb540889acb30f44a7\System.IdentityModel.ni.dll ()
MOD - C:\Programme\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Programme\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\d7ee03714420b252415b952d40ef59e4\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\64bfc7fc01a4a79ce6b2c433c2e6e1a9\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\51e7151c1420690c754d7f986c4b1c42\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll ()
MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()
MOD - C:\Programme\PANDORA.TV\PanService\avformat-53.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Guard-ICQ\GuardICQ.exe ()
MOD - C:\Programme\Spybot - Search & Destroy 2\sqlite3.dll ()
MOD - C:\Programme\PANDORA.TV\PanService\avcodec-53.dll ()
MOD - C:\Programme\Spybot - Search & Destroy 2\av\BDSmartDB.dll ()
MOD - C:\Programme\PANDORA.TV\PanService\libupnp.dll ()
MOD - C:\Programme\PANDORA.TV\PanService\avutil-51.dll ()
MOD - C:\Programme\TeraCopy\TeraCopyExt.dll ()
MOD - \\?\C:\Programme\Spybot - Search & Destroy 2\av\avxdisk.dll ()
MOD - C:\WINDOWS\system32\spool\prtprocs\w32x86\lxebdrpp.dll ()
MOD - C:\WINDOWS\system32\msdmo.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (SDWSCService) -- C:\Programme\Spybot File not found
SRV - (SDUpdateService) -- C:\Programme\Spybot File not found
SRV - (SDScannerService) -- C:\Programme\Spybot File not found
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Skype C2C Service) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (PanService) -- C:\Programme\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
SRV - (Secunia PSI Agent) -- C:\Programme\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Programme\Secunia\PSI\sua.exe (Secunia)
SRV - (Guard.Mail.ru) -- C:\Programme\Guard-ICQ\GuardICQ.exe ()
SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG)
SRV - (TVersityMediaServer) -- C:\Programme\TVersity\Media Server\MediaServer.exe ()
SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SZASSIST) -- C:\Programme\Clarus\Samsung SecretZone\SZAssistSVC.exe (Clarus, Inc.)
SRV - (PMBDeviceInfoProvider) -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (ABBYY.Licensing.FineReader.Corporate.10.0) -- C:\Programme\Gemeinsame Dateien\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe (ABBYY)
SRV - (UI Assistant Service) -- C:\Programme\Mobile Partner Manager\AssistantServices.exe ()
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Fabs) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (lxeb_device) -- C:\WINDOWS\system32\lxebcoms.exe ( )
SRV - (lxebCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (NMIndexingService) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe (Nero AG)
SRV - (IGDCTRL) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
SRV - (WisLMSvc) -- C:\Programme\Launch Manager\WisLMSvc.exe (Wistron Corp.)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (WDICA) --  File not found
DRV - (TelekomNM3) -- C:\PROGRA~1\NETZMA~1\NMINFR~1\TelekomNM3.SYS File not found
DRV - (SymIMMP) -- system32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- system32\DRIVERS\SymIM.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (mailKmd) --  File not found
DRV - (LMIInfo) -- C:\Programme\LogMeIn\x86\RaInfo.sys File not found
DRV - (lbrtfdc) --  File not found
DRV - (Changer) --  File not found
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (PSI) -- C:\WINDOWS\system32\drivers\psi_mf.sys (Secunia)
DRV - (ui11rdr) -- C:\WINDOWS\system32\drivers\ui11rdr.SYS (1&1 Internet AG)
DRV - (mvd22) -- C:\Programme\Clarus\Samsung SecretZone\mvd22.sys ()
DRV - (mdf16) -- C:\Programme\Clarus\Samsung SecretZone\mdf16.sys ()
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (Ndisprot) -- C:\WINDOWS\system32\drivers\Ndisprot.sys (Windows (R) 2000 DDK provider)
DRV - (ZTEusbser6k) -- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV - (ZTEusbnmea) -- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV - (ZTEusbmdm6k) -- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV - (massfilter) -- C:\WINDOWS\system32\drivers\massfilter.sys (ZTE Incorporated)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (PID_PEPI) -- C:\WINDOWS\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (mf) -- C:\WINDOWS\system32\drivers\mf.sys (Microsoft Corporation)
DRV - (auusb) -- C:\WINDOWS\system32\drivers\auusb.sys (Auerswald GmbH & Co.KG                         )
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (LVUSBSta) -- C:\WINDOWS\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (HdAudAddService) -- C:\WINDOWS\system32\drivers\CHDAud.sys (Conexant Systems Inc.)
DRV - (NETw4x32) -- C:\WINDOWS\system32\drivers\NETw4x32.sys (Intel Corporation)
DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTSERIAL) -- C:\WINDOWS\system32\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (S3SavageNB) -- C:\WINDOWS\system32\drivers\s3gnbm.sys (S3 Graphics, Inc.)
DRV - (Hotkey) -- C:\WINDOWS\System32\drivers\HOTKEY.sys ()
DRV - (BrUsbScn) -- C:\WINDOWS\system32\drivers\BrUsbScn.sys (Brother Industries Ltd.)
DRV - (brfilt) -- C:\WINDOWS\system32\drivers\BrFilt.sys (Brother Industries Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: %7Bef4e370e-d9f0-4e00-b93e-a4f274cfdd5a%7D:1.4.9
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.0
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.5
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Programme\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007.11.21 00:22:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.14 06:12:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.05.24 11:50:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.05.24 11:49:39 | 000,000,000 | ---D | M]
 
[2008.12.24 18:52:42 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Extensions
[2013.06.01 03:12:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions
[2010.12.24 15:40:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.20 01:24:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2010.03.20 01:24:22 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013.05.10 10:42:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.03.20 01:24:22 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}(2)
[2011.06.19 16:30:12 | 000,000,000 | ---D | M] (Microsoft Choice Guard) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\ChoiceGuard@Microsoft
[2013.04.15 01:44:57 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\fb_add_on@avm.de
[2010.03.20 01:24:20 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\firefox@tvunetworks.com
[2012.09.22 01:49:57 | 000,101,871 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\ciuvo-extension@icq.de.xpi
[2013.05.20 20:19:27 | 000,194,311 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\jid0-c1av474BVPIHcGJfBp3GkhlhAa4@jetpack.xpi
[2012.12.16 17:50:43 | 000,259,172 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi
[2013.05.31 22:10:39 | 000,011,510 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\youtube2mp3@mondayx.de.xpi
[2013.05.27 08:37:03 | 000,534,431 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013.05.28 11:09:42 | 000,067,831 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}.xpi
[2013.05.17 22:52:27 | 000,117,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012.12.12 13:34:28 | 000,036,098 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.05.10 10:40:50 | 000,870,680 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.22 03:15:43 | 000,434,392 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.04.21 07:43:21 | 000,765,412 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2013.02.22 14:38:18 | 000,685,671 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
[2012.06.18 13:53:02 | 000,002,337 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\searchplugins\bing.xml
[2012.09.04 20:22:54 | 000,002,342 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\searchplugins\icq-search.xml
[2013.01.13 01:00:24 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\searchplugins\icqplugin-4.xml
[2012.06.18 13:53:02 | 000,002,079 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\searchplugins\{A9973FB0-7B6C-4350-9E25-709F02581D65}.xml
[2012.06.18 13:53:02 | 000,002,190 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\searchplugins\{CDFA7367-A4A4-447B-981F-7CD4CFFF4957}.xml
[2012.06.18 13:53:02 | 000,001,872 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Mozilla\Firefox\Profiles\ar39acro.default\searchplugins\{D6F49BE1-E8FB-4003-B58C-17B17D8C6501}.xml
[2013.05.31 22:44:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.05.31 22:44:44 | 000,000,000 | ---D | M] (Recorder Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2}
[2013.05.24 11:49:33 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.05.24 11:49:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}
[2013.05.24 11:49:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.05.24 11:49:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\search@searchsettings.com
[2013.05.24 11:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.24 11:50:02 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.03.08 00:29:38 | 000,244,736 | ---- | M] (Dassault Systèmes SolidWorks Corp.) -- C:\Programme\mozilla firefox\plugins\npEModelPlugin.dll
[1999.12.31 16:00:00 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Programme\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll
[2007.09.12 11:19:00 | 000,008,784 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\ractrlkeyhook.dll
[2007.09.12 11:22:00 | 000,245,408 | ---- | M] (Microsoft Corporation) -- C:\Programme\mozilla firefox\plugins\unicows.dll
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: No name found = C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Recorder Toolbar) - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Programme\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66)
O3 - HKLM\..\Toolbar: (PDFXChange 4.0) - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Programme\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll (Tracker Softaware)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\Luxhaus\Startmenü\Programme\Autostart\Dropbox.lnk = C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 [2012.12.08 16:09:08 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2012.12.08 16:09:08 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2012.12.08 16:09:08 | 000,000,000 | ---D | M]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\FRITZ!DSL\\sarah.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Programme\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D82218B-6DE2-4CFB-9303-F36FA77B7489}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - (LMIinit.dll) - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\applicationinstaller.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\backitup.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\contentcopier.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\coverdes.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\davsrv.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\discspeed.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\dw20.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\friadr32.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\frifax32.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\fritzboxmonitor.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\friver32.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\frivw32.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\imagedrive.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\install.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mediaserver.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerohome.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neromediahome.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerorescueagent.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\neroscoutoptions.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\nerovision.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\npsguide.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\offdiag.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\ois.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pcsuite.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pcsynclv.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\photosnap.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\picasa3.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\picasaphotoviewer.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pmbbrowser.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pmblauncher.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pmbmapview.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\proflwiz.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\recode.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\showtime.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\soundtrax.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\stcenter.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\szmgr.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\taskmgr.exe: Debugger - C:\Programme\TuneUp Utilities 2013\PMLauncher.exe (TuneUp Software)
O27 - HKLM IFEO\uimain.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\waveedit.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Programme\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.07.24 19:03:40 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{412b64d0-239f-11e0-90ca-0013e89d0937}\Shell - "" = AutoRun
O33 - MountPoints2\{412b64d0-239f-11e0-90ca-0013e89d0937}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{412b64d0-239f-11e0-90ca-0013e89d0937}\Shell\AutoRun\command - "" = E:\laucher.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.02 21:07:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\OTL.exe
[2013.06.02 12:20:38 | 000,000,000 | ---D | C] -- C:\f6e41b4ffd14a2e23e0ae8e98bf6c0
[2013.06.02 12:19:22 | 000,000,000 | ---D | C] -- C:\0a31f0dee16f16bbf128c7
[2013.06.01 22:46:54 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.06.01 17:29:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spybot - Search & Destroy 2
[2013.06.01 17:28:55 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\WINDOWS\System32\sdnclean.exe
[2013.05.31 22:44:52 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MT66 Software Update
[2013.05.31 22:44:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MedienTeam66
[2013.05.31 22:44:25 | 000,000,000 | ---D | C] -- C:\Programme\MedienTeam66
[2013.05.31 20:41:38 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Luxhaus\Recent
[2013.05.28 05:58:45 | 000,000,000 | ---D | C] -- C:\172be6b870bb58cd80f511a69cc030a3
[2013.05.28 05:56:09 | 000,000,000 | ---D | C] -- C:\82c3a61c9952bba9f80277
[2013.05.27 10:36:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
[2013.05.27 10:27:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2013.05.27 10:26:34 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2013.05.27 10:26:11 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2013.05.27 10:26:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.05.24 11:49:29 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013.05.21 00:05:22 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2013.05.20 20:18:55 | 000,000,000 | ---D | C] -- C:\a9588c73b9d298d88221
[2013.05.20 20:13:21 | 000,000,000 | ---D | C] -- C:\ddc4aa3b43611813e093a258a9e5
[2013.05.19 19:11:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PANDORATV
[2013.05.19 19:10:58 | 000,000,000 | ---D | C] -- C:\Programme\PANDORA.TV
[2013.05.16 09:39:31 | 017,613,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013.05.15 10:29:20 | 000,000,000 | ---D | C] -- C:\2053cd56c0e6fb0326
[2013.05.15 10:28:11 | 000,000,000 | ---D | C] -- C:\5f9f8d7e59427de816acd574d47fa3a1
[2013.05.04 17:26:45 | 000,000,000 | ---D | C] -- C:\243bbe1c0e8888ad24b3aecc34
[2013.05.04 17:23:34 | 000,000,000 | ---D | C] -- C:\3f171dc7afd288c059389fd3c2480722
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.02 21:39:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.02 21:07:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\OTL.exe
[2013.06.02 16:10:16 | 000,000,636 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.06.02 16:08:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.02 16:08:02 | 2137,444,352 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.02 00:12:57 | 1485,382,656 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\backup 11.3.2013 .pst
[2013.06.01 22:46:54 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013.06.01 22:44:20 | 000,000,310 | ---- | M] () -- C:\WINDOWS\tasks\MT66 Software Update.job
[2013.06.01 17:29:58 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.06.01 17:29:58 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.01 17:29:09 | 000,001,806 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Spybot-S&D Start Center.lnk
[2013.05.31 22:44:33 | 000,000,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MP3 Recorder for YouTube.lnk
[2013.05.31 21:45:46 | 000,000,762 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.31 20:53:08 | 000,009,656 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\cc_20130531_205256.reg
[2013.05.31 20:00:17 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2013.05.28 06:08:25 | 000,050,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.27 10:36:41 | 000,001,590 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2013.05.27 10:27:30 | 000,001,528 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2013.05.23 19:47:16 | 002,859,492 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\Scan0007.pdf
[2013.05.23 12:24:41 | 000,771,562 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\Scan0006.pdf
[2013.05.23 12:10:53 | 001,254,362 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\Scan.pdf
[2013.05.20 23:06:05 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.05.20 21:42:15 | 000,056,238 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\cc_20130520_214207.reg
[2013.05.19 19:10:28 | 000,000,688 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\KMPlayer.lnk
[2013.05.18 09:30:48 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.05.18 08:54:32 | 000,000,148 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\default.pls
[2013.05.18 04:14:49 | 000,380,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.18 03:25:58 | 000,604,204 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.05.18 03:25:58 | 000,573,916 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.18 03:25:58 | 000,137,002 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.05.18 03:25:58 | 000,116,832 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.16 16:07:59 | 000,067,316 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\Isartaler_zurFreigabe (3) (3).pdf
[2013.05.16 09:39:39 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.05.16 09:39:39 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.05.16 09:39:32 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013.05.15 10:47:00 | 009,332,369 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\My Fiat v0.2.ipa
[2013.05.13 13:52:40 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.13 13:52:40 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.13 08:53:20 | 000,245,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\TARIF All net Basic.pdf
[2013.05.10 10:55:48 | 000,366,151 | ---- | M] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\Scan0005.pdf
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.01 17:29:57 | 000,000,438 | ---- | C] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2013.06.01 17:29:55 | 000,000,636 | ---- | C] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013.06.01 17:29:55 | 000,000,608 | ---- | C] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013.06.01 17:29:09 | 000,001,812 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spybot-S&D Start Center.lnk
[2013.06.01 17:29:09 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Spybot-S&D Start Center.lnk
[2013.05.31 22:44:57 | 000,000,310 | ---- | C] () -- C:\WINDOWS\tasks\MT66 Software Update.job
[2013.05.31 22:44:33 | 000,000,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MP3 Recorder for YouTube.lnk
[2013.05.31 21:45:46 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.31 20:52:59 | 000,009,656 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\cc_20130531_205256.reg
[2013.05.27 10:36:41 | 000,001,590 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2013.05.27 10:27:30 | 000,001,528 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2013.05.23 19:47:06 | 002,859,492 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\Scan0007.pdf
[2013.05.23 12:24:39 | 000,771,562 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\Scan0006.pdf
[2013.05.23 12:10:50 | 001,254,362 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\Scan.pdf
[2013.05.20 21:42:12 | 000,056,238 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\cc_20130520_214207.reg
[2013.05.19 19:10:28 | 000,000,688 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\KMPlayer.lnk
[2013.05.16 16:07:59 | 000,067,316 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\Isartaler_zurFreigabe (3) (3).pdf
[2013.05.15 10:47:00 | 009,332,369 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\My Fiat v0.2.ipa
[2013.05.13 08:53:20 | 000,245,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Desktop\TARIF All net Basic.pdf
[2013.05.10 10:55:47 | 000,366,151 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Eigene Dateien\Scan0005.pdf
[2013.04.30 17:46:20 | 000,386,010 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2013.04.11 15:12:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2013.03.19 00:45:03 | 000,000,847 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.01.21 19:15:43 | 000,010,455 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\fAertif_elster_2048.pfx
[2012.12.05 11:00:35 | 000,090,888 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012.10.31 14:32:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2012.09.28 15:13:18 | 000,022,819 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Microsoft Excel 97-2003.ADR
[2012.09.19 09:30:57 | 000,038,471 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Kommagetrennte Werte (DOS).ADR
[2012.08.13 10:57:00 | 000,012,927 | ---- | C] () -- C:\Programme\readme.html
[2012.06.18 13:52:15 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\sqlite36_engine.dll
[2012.06.15 18:13:43 | 000,074,762 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\6.2. dg.pdf
[2012.06.08 23:30:04 | 000,118,116 | ---- | C] () -- C:\WINDOWS\GXTranscoder v2 Uninstaller.exe
[2012.05.08 14:15:36 | 000,000,005 | ---- | C] () -- C:\Programme\basis-link
[2012.02.15 11:08:31 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.07.04 13:02:33 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.06.18 14:00:08 | 000,050,688 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.25 16:31:37 | 000,038,479 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Kommagetrennte Werte (Windows).ADR
[2010.09.15 15:06:43 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\$_hpcst$.hpc
[2008.01.01 22:56:11 | 000,000,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Luxhaus\default.pls
[2007.12.20 14:25:47 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
 
========== ZeroAccess Check ==========
 
[2007.07.24 19:10:13 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 122 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:9FF7C773

< End of report >

--- --- ---

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 02.06.2013 21:10:36 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Luxhaus\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,65 Gb Available Physical Memory | 32,59% Memory free
3,84 Gb Paging File | 2,54 Gb Available in Paging File | 66,12% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 3,86 Gb Free Space | 1,66% Space Free | Partition Type: NTFS
 
Computer Name: NOTEBOOK-LORENS | User Name: Luxhaus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Betrachten mit XnView] -- "C:\Programme\XnView\xnview.exe" "%1" (XnView, hxxp://www.xnview.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [TVersity] -- "C:\Programme\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1 -- [2012.12.08 16:09:08 | 000,000,000 | ---D | M]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1 -- [2012.12.08 16:09:08 | 000,000,000 | ---D | M]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1 -- [2012.12.08 16:09:08 | 000,000,000 | ---D | M]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1 -- [2012.12.08 16:09:08 | 000,000,000 | ---D | M]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1 -- [2012.12.08 16:09:08 | 000,000,000 | ---D | M]
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5031:UDP" = 5031:UDP:LocalSubNet:Enabled:AVM TAPI Services for FRITZ!Box - UDP 5031
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\FRITZ!DSL\IGDCTRL.EXE" = C:\Programme\FRITZ!DSL\IGDCTRL.EXE:*:Enabled:AVM FRITZ!DSL - igdctrl.exe -- (AVM Berlin)
"C:\Programme\FRITZ!DSL\FBOXUPD.EXE" = C:\Programme\FRITZ!DSL\FBOXUPD.EXE:*:Enabled:AVM FRITZ!DSL - fboxupd.exe -- (AVM Berlin)
"C:\Programme\FRITZ!DSL\WebwaIgd.exe" = C:\Programme\FRITZ!DSL\WebwaIgd.exe:*:Enabled:AVM FRITZ!DSL - webwaigd.exe -- (AVM Berlin)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"D:\Drivers\Windows Utilities\Installer32\InstallationManager.exe" = D:\Drivers\Windows Utilities\Installer32\InstallationManager.exe:*:Enabled:Lexmark Windows Common Installer
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Programme\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Programme\Gemeinsame Dateien\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process  -- (Nokia Corporation)
"C:\Programme\Microsoft ActiveSync\rapimgr.exe" = C:\Programme\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Programme\Java\jre1.6.0_03\bin\javaw.exe" = C:\Programme\Java\jre1.6.0_03\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\lxebcoms.exe" = C:\WINDOWS\system32\lxebcoms.exe:*:Enabled:Pro200-S500 Series Server -- ( )
"C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe" = C:\Programme\FRITZ!Box Monitor\FRITZBoxMonitor.exe:*:Enabled:FRITZ!Box Monitor -- (AVM Berlin)
"C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Disabled:Microsoft  Fax Console -- (Microsoft Corporation)
"C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Dropbox\bin\Dropbox.exe" = C:\Dokumente und Einstellungen\Luxhaus\Anwendungsdaten\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Programme\BitTorrent\BitTorrent.exe" = C:\Programme\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Programme\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\Logitech\Vid HD\Vid.exe" = C:\Programme\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)
"C:\Programme\FRITZ!\igd_finder.exe" = C:\Programme\FRITZ!\igd_finder.exe:LocalSubNet:Enabled:AVM FRITZ!fax for FRITZ!Box - igd_finder.exe -- ()
"C:\Programme\FRITZ!\FriFax32.exe" = C:\Programme\FRITZ!\FriFax32.exe:*:Enabled:FRITZ!fax -- (AVM Berlin)
"C:\Programme\TeamViewer\Version7\TeamViewer.exe" = C:\Programme\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Programme\TAPI Services for FRITZ!Box\fboxset.exe" = C:\Programme\TAPI Services for FRITZ!Box\fboxset.exe:LocalSubNet:Enabled:AVM TAPI Services for FRITZ!Box - fboxset.exe -- (AVM GmbH)
"C:\Programme\TAPI Services for FRITZ!Box\igd_finder.exe" = C:\Programme\TAPI Services for FRITZ!Box\igd_finder.exe:LocalSubNet:Enabled:AVM TAPI Services for FRITZ!Box - igd_finder.exe -- ()
"C:\Programme\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe" = C:\Programme\HP\HP Officejet 7500 E910\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Geräteeinrichtung -- (Hewlett-Packard Co.)
"C:\Programme\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe" = C:\Programme\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netzwerkkommunikator -- (Hewlett-Packard Co.)
"C:\Programme\TVersity\Media Server\MediaServer.exe" = C:\Programme\TVersity\Media Server\MediaServer.exe:*:Disabled:TVersity Media Server -- ()
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Spybot - Search & Destroy 2\SDTray.exe" = C:\Programme\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Programme\PANDORA.TV\PanService\PanProcess.exe" = C:\Programme\PANDORA.TV\PanService\PanProcess.exe:*:Enabled:PanProcess -- (PandoraTV)
"C:\Programme\PANDORA.TV\PanService\PandoraService.exe" = C:\Programme\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService -- (Pandora.TV)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}" = ICQ Sparberater
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{11CF3ABC-DFB0-47DE-B31F-71CB995A12D7}_is1" = Mein Büro
"{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.5
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{235211CA-D0E3-4EC8-95D4-C024CE37537C}" = WISO Mein Geld 2012 Professional
"{2457326B-C110-40C3-89B0-889CC913871A}" = AVM FRITZ!DSL
"{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}" = HP Officejet 7500 E910 Hilfe
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (ACT7)
"{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1" = MP3 Recorder for YouTube 1.0 Professional-E
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}" = Gigaset QuickSync
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3BA4DE05-7021-4681-8AA4-457226C474AD}" = MAGIX Speed burnR (MSI)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{43772878-1749-6652-9318-487463599443}" = Gehirnjogging Vol. 6
"{43A36C7B-CE48-4E4F-9A5A-6B20FF4B05CA}" = Lexmark X560n Scanner-Treiber
"{43B74FAB-FB58-447D-8D3A-5F638AF36FD1}" = Netzmanager
"{48D605CB-2C01-49AA-97B2-983CC068847D}" = Studie zur Verbesserung von HP Officejet 7500 E910 Produkten
"{4985E90C-A34B-4768-8848-8559EA757A88}" = MAGIX Screenshare
"{49D59D86-7A0D-4217-979A-3D43F1F45CC8}" = BUHL-Lizenzmanagement-Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Fotostory 3 für Windows
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66491E5A-7899-4863-A2E9-057E10BCB578}" = Samsung SecretZone
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72CD4C5F-AB0B-4814-8780-9A4F26A2086B}" = Presto! PageManager 7.12.20
"{75426376-58A7-46A1-A868-B72A1D175F42}" = Type2018 TWAIN Driver Ver.3
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}" = Marketsplash Schnellzugriffe
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OUTLOOKSTD_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OUTLOOKSTD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_OUTLOOKSTD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_OUTLOOKSTD_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OUTLOOKSTD_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OUTLOOKSTD_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00E0-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2007
"{90120000-00E0-0000-0000-0000000FF1CE}_OUTLOOKSTD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92881120-6DA5-44A3-8BAB-2429A01D022E}" = YouTube Downloader Toolbar v4.3
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86)
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Partner Manager
"{AA9E5C89-FE5F-41DE-A9FF-E88D801EEBB2}" = HP Officejet 7500 E910 - Grundlegende Software für das Gerät
"{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2AF05E3-4B0C-44A6-B146-322219BF3562}_is1" = Wondershare Dr.Fone(Build 2.0.0.12)
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}" = Free DWG Viewer 6.0
"{B944FA21-81AF-4A77-8328-CE4F4CC51031}" = Nero 8
"{C0513D6D-9B66-4FE8-A55A-4B26A87A95F4}" = SolidWorks eDrawings 2013
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C457BA5F-35F9-480C-90F8-5C91DB443A15}_is1" = Shutdown Manager
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager V1.4.6
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark 
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU 
"{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1" = PSD Viewer
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E2D7E05E-C8C7-45F4-8D89-D6696075E0B7}" = Sansa Updater
"{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1" = PDF-XChange 4 Pro
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{ECF6FCDB-7B6D-4ED0-9C18-996FAA64CAF6}" = Dienstprogramme für Lexmark X560n Ver.1.0.0.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1" = MT66 Software Update
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F43CF77A-A8FA-4AFD-ADC6-08F4A35F12A5}" = MAGIX Music Maker 17 Premium
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU 
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2)
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem  (02/15/2007 3.1)
"1&1 EasyLogin" = 1&1 EasyLogin
"1&1 Upload-Manager" = 1&1 Upload-Manager
"2B77EDB2643AA62CA7DD23F4E52CA138F61AF7B8" = Windows Driver Package - Intel net  (02/25/2007 11.1.0.86)
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"560CEE382FE04EEE8EE428712CD776BE_is1" = Microsys Launcher
"6D7E910F-716D-41E2-98A4-29691C352C1A_is1" = Lookeen Version 8.3.1.5156
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.4)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1)
"A5F682C869AF68EB8EDD49BDADFC08B7DF1C11C3" = Windows Driver Package - Intel (NETw4x32) net  (02/25/2007 11.1.0.86)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Anti-Twin 2011-01-05 17.57.22" = Anti-Twin (Installation 05.01.2011)
"Avira AntiVir Desktop" = Avira Antivirus Premium
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8)
"CCleaner" = CCleaner
"CNXT_HDAUDIO" = Conexant HD Audio
"D1E8C9A9258DD7BF813A3525430A4EB3576736EA" = Windows Driver Package - Intel net  (02/25/2007 11.1.0.86)
"DirSync" = DirSync  2.93
"doPDF 6  printer_is1" = doPDF 6.2  printer
"ElsterFormular für Privatanwender und Unternehmer 12.2.0.6412k" = ElsterFormular
"FC9E80E6E67400E836A009325C6E1CF5D77EFB1D" = Windows Driver Package - Intel (w29n51) net  (02/08/2007 9.0.4.33)
"ffdshow_is1" = ffdshow [rev 3154] [2009-12-09]
"Firefox Preloader_is1" = Firefox Preloader
"FotoWorks XL_is1" = FotoWorks XL
"Free Download Manager Language Pack_is1" = Free Download Manager Language Pack
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.1
"Free PDF to Word Converter_is1" = Free PDF to Word Converter 5.1.0.383
"Free YouTube Download_is1" = Free YouTube Download version 3.2.0.128
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"FreeFileSync" = FreeFileSync 5.10
"FRITZ! 2.0" = AVM FRITZ!fax für FRITZ!Box
"GIMP-2_is1" = GIMP 2.8.4
"Google Chrome" = Google Chrome
"Guard.Mail.ru" = Guard.ICQ
"GXTranscoder v2" = GXTranscoder v2
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ImgBurn" = ImgBurn
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InterActual Player" = InterActual Player
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"LetsTrade" = LetsTrade Komponenten
"Lexmark Pro200-S500 Series" = Lexmark Pro200-S500 Series
"Logitech Vid" = Logitech Vid HD
"MAGIX_MSI_mm17dlx" = MAGIX Music Maker 17 Premium
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mein Büro 2008_is1" = Mein Büro 2008
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MOBackup-DatensicherungfürOutlook" = MOBackup - Datensicherung für Outlook (Testversion)
"MODupRemover-E-MailDuplikateentfernen" = MODupRemover - Outlook E-Mail Duplikate entfernen
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ODIR_is1" = ODIR
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"OpenAL" = OpenAL
"OUTLOOKSTD" = Microsoft Office Outlook 2007
"PDFTK Builder_is1" = PDFTK Builder 3.5.3
"Picasa 3" = Picasa 3
"picture-relate@walthelm.net" = PictureRelate
"Public Duplicate Eraser_is1" = Public Duplicate Eraser
"QuickPar" = QuickPar 0.9
"Secunia PSI" = Secunia PSI (3.0.0.4001)
"Security Task Manager" = Security Task Manager 1.8g
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"TeamViewer 7" = TeamViewer 7
"TeraCopy_is1" = TeraCopy 2.27
"The KMPlayer" = The KMPlayer (remove only)
"TIPP10_is1" = TIPP10 Version 2.1.0
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"TVAnts 1.0" = TVAnts 1.0
"TVersity Codec Pack" = TVersity Codec Pack 1.7
"TVersity Media Server" = TVersity Media Server 1.9.7
"Wdf01000" = Microsoft Kernel-Mode Driver Framework 1.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WISO Mein Geld 2012 Professional" = WISO Mein Geld 2012 Professional
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"XMedia Recode" = XMedia Recode 2.2.6.8
"XnView_is1" = XnView 1.99.6
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Free Internet TV_is1" = Free Internet TV v8.0
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.05.2013 15:42:15 | Computer Name = NOTEBOOK-LORENS | Source = VSS | ID = 12292
Description = Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse
 mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.
 
Error - 31.05.2013 15:59:21 | Computer Name = NOTEBOOK-LORENS | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iTunes.exe, Version 11.0.3.42, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 31.05.2013 18:23:17 | Computer Name = NOTEBOOK-LORENS | Source = VSS | ID = 12292
Description = Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse
 mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.
 
Error - 31.05.2013 20:25:35 | Computer Name = NOTEBOOK-LORENS | Source = VSS | ID = 12292
Description = Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse
 mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.
 
Error - 31.05.2013 20:31:43 | Computer Name = NOTEBOOK-LORENS | Source = VSS | ID = 12292
Description = Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse
 mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.
 
Error - 31.05.2013 21:07:22 | Computer Name = NOTEBOOK-LORENS | Source = CltMngSvc | ID = 1000
Description = 
 
Error - 01.06.2013 05:42:06 | Computer Name = NOTEBOOK-LORENS | Source = ESENT | ID = 490
Description = svchost (732) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 01.06.2013 05:42:08 | Computer Name = NOTEBOOK-LORENS | Source = ESENT | ID = 490
Description = svchost (732) Versuch, Datei "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
 für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der
 Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
 wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
 
Error - 01.06.2013 06:19:37 | Computer Name = NOTEBOOK-LORENS | Source = PandoraService.exe | ID = 0
Description = 
 
Error - 01.06.2013 06:24:13 | Computer Name = NOTEBOOK-LORENS | Source = PandoraService.exe | ID = 0
Description = 
 
[ OSession Events ]
Error - 25.02.2013 05:15:50 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 280
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 25.02.2013 05:17:44 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 108
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 25.02.2013 15:40:06 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 33553
 seconds with 14580 seconds of active time.  This session ended with a crash.
 
Error - 01.03.2013 04:05:42 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 56791
 seconds with 6000 seconds of active time.  This session ended with a crash.
 
Error - 02.03.2013 10:20:21 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 108151
 seconds with 5040 seconds of active time.  This session ended with a crash.
 
Error - 27.03.2013 14:56:45 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4580
 seconds with 2100 seconds of active time.  This session ended with a crash.
 
Error - 11.04.2013 02:11:00 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 171
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 07.05.2013 06:32:44 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 240286
 seconds with 8760 seconds of active time.  This session ended with a crash.
 
Error - 14.05.2013 10:35:49 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 180313
 seconds with 12240 seconds of active time.  This session ended with a crash.
 
Error - 14.05.2013 12:10:47 | Computer Name = NOTEBOOK-LORENS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4853
 seconds with 1380 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 02.06.2013 09:53:52 | Computer Name = NOTEBOOK-LORENS | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Spybot-S&D
 2 Security Center Service.
 
Error - 02.06.2013 09:53:52 | Computer Name = NOTEBOOK-LORENS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 02.06.2013 10:09:48 | Computer Name = NOTEBOOK-LORENS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "LogMeIn Kernel Information Provider" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%3
 
Error - 02.06.2013 10:09:48 | Computer Name = NOTEBOOK-LORENS | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst lxebCATSCustConnectService.
 
Error - 02.06.2013 10:09:48 | Computer Name = NOTEBOOK-LORENS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxebCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 02.06.2013 10:09:48 | Computer Name = NOTEBOOK-LORENS | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Spybot-S&D
 2 Security Center Service.
 
Error - 02.06.2013 10:09:48 | Computer Name = NOTEBOOK-LORENS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 02.06.2013 10:10:30 | Computer Name = NOTEBOOK-LORENS | Source = DCOM | ID = 10010
Description = Der Server "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 02.06.2013 10:30:01 | Computer Name = NOTEBOOK-LORENS | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "upnphost"
 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {204810B9-73B2-11D4-BF42-00B0D0118B56}
 
Error - 02.06.2013 11:54:40 | Computer Name = NOTEBOOK-LORENS | Source = Dhcp | ID = 1001
Description = Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server
 für die  Netzwerkkarte mit der Netzwerkadresse 0013E89D0937 zugeteilt werden. Der
 folgende Fehler  ist aufgetreten:   %%1223.  Es wird weiterhin im Hintergrund versucht,
 eine Adresse vom  Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
 
 
< End of report >

--- --- ---

cosinus · 02.06.2013, 23:08

Zitat:

Windows XP Professional Edition Service Pack 3

Warum hast du eine Professional-Edition von Windows, brauchst du das als Heimanwender?
Oder ist das rein zufällig ein Büro-/Firmen-PC bzw. ein Uni-Rechner?

cosmicus · 03.06.2013, 12:41

Ich hatte es damals beim laptopkauf dazubekommen-wahlweise Vista oder XP. ich habe mich für XP entschieden.

cosinus · 03.06.2013, 14:36

Das ist aber kein gewerblich genutztes System?

cosmicus · 03.06.2013, 17:22

ich hatte es mal für die arbeit genutzt, da ich selbsständig war-aktuell nicht mehr.
was schlägst du weiter vor?

cosinus · 04.06.2013, 09:58

Ok, weil es gewerbliche Daten noch enthalten könnte poste ich mal diesen Hinweis

Zitat:

3. Grundsätzlich bereinigen wir keine gewerblich genutzten Rechner. Dafür ist die IT Abteilung eurer Firma zuständig.

Bei Kleinunternehmen, welche keinen IT Support haben, machen wir da eine Ausnahme und helfen gerne ( kleine Spende hilft auch uns ).
Voraussetzung: Ihr teilt uns dies in eurer ersten Antwort mit.

Bedenkt jedoch, dass Logfiles viele heikle Informationen enthalten können ( Kundendaten, Bankdaten, etc ) sowie das Malware die Möglichkeit besitzt, diese auszuspähen und zu missbrauchen. Hier legen wir euch ein Formatieren und Neuaufsetzen nahe.

Siehe => http://www.trojaner-board.de/108422-...-anfragen.html

Gelesen und verstanden?

cosmicus · 05.06.2013, 21:21

o.k. geht in ordnung

Spende ist i. O.
bestimmter betrag oder was vom herzen kommt?

cosinus · 06.06.2013, 09:37

Es ging mir weniger um die Spende, sondern um den farblich hervorgehoben Teil in der Zitatbox.

cosmicus · 06.06.2013, 17:45

meinst du die Daten im bereits geposteten Logfiles oder der künftigen?
Wie wllst du jetzt vorgehen?
VG

cosinus · 07.06.2013, 09:19

Ist dieser farblich hervorgehobene Satz denn so schwer zu verstehen?

Es geht darum, dass in allen Logs brisante Daten stehen könnten, darauf wollte ich nur hinweisen, kann ja sein, dass du das auf keinen Fall willst bzw die Logs dann lieber nochmal genauer durchschauen möchtest. Und deswegen hab ich dich auch abeschließend gefragt "gelesen und verstanden"

Der Grund warum ich auf soetwas ständig hinweise, ist der, dass ich nervige Löschanfragen vermeiden will. Es ist schon mehfach vorgekommen, dass wir recht penetrante Aufforderungen bekommen haben, die Logs sofort zu löschen (obwohl sie schon Monate lang hier drin standen), sonst kommt ein Anwalt und blablablubb.

03.06.2013, 14:36	#9
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	PUP.VShareRedir" Absturz bei Scan mit Malewarebyte Das ist aber kein gewerblich genutztes System? __________________ Logfiles bitte immer in CODE-Tags posten

06.06.2013, 09:37	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	PUP.VShareRedir" Absturz bei Scan mit Malewarebyte Es ging mir weniger um die Spende, sondern um den farblich hervorgehoben Teil in der Zitatbox. __________________ Logfiles bitte immer in CODE-Tags posten

PUP.VShareRedir" Absturz bei Scan mit Malewarebyte

Log-Analyse und Auswertung: PUP.VShareRedir" Absturz bei Scan mit Malewarebyte