
Log analysis and evaluation: autorun function / home-made viruses


 
10.04.2011, 20:13   #1
babrina
 
autorun function / home-made viruses



Hello, how do you find home-made viruses? Whenever I start my USB stick, an autorun function is blocked. That was not the case before. I suspect a home-made virus, because I found nothing with normal virus scanners. Many thanks in advance! Regards, babrina

Attached is my logfile:

OTL logfile created on: 19.11.2010 21:13:15 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\babsi01\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,95 Gb Total Space | 75,34 Gb Free Space | 54,22% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 3,75 Gb Free Space | 37,48% Space Free | Partition Type: NTFS

Computer Name: BABSI01-PC | User Name: babsi01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.19 20:46:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\babsi01\Downloads\OTL.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.08.26 01:31:58 | 000,030,192 | ---- | M] (Google) -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010.07.28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) -- C:\Programme\S.A.D\CyberGhost VPN\CGVPNCliService.exe
PRC - [2010.07.27 10:13:40 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2010.04.10 07:45:46 | 000,979,344 | ---- | M] (The Eraser Project) -- C:\Programme\Eraser\Eraser.exe
PRC - [2010.04.05 13:50:00 | 000,494,920 | R--- | M] (WinZip Computing, S.L.) -- C:\Programme\WinZip\WZQKPICK.EXE
PRC - [2010.03.09 03:28:26 | 011,989,960 | ---- | M] (Adobe Systems, Inc.) -- C:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe
PRC - [2010.03.01 23:28:12 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010.03.01 23:28:11 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.02.06 23:43:42 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre6\bin\javaw.exe
PRC - [2010.01.26 10:22:42 | 002,740,224 | ---- | M] () -- C:\Windows\System32\PrivacyProvider.exe
PRC - [2010.01.08 00:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Programme\pdfforge Toolbar\SearchSettings.exe
PRC - [2010.01.07 23:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2009.08.21 09:15:32 | 000,900,816 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi.exe
PRC - [2009.08.19 09:32:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2009.08.19 09:32:20 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.20 07:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Programme\Synaptics\SynTP\SynToshiba.exe
PRC - [2009.03.05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.05.28 17:47:16 | 000,578,264 | ---- | M] (Expert System S.p.A.) -- C:\Programme\Duden\Duden Korrektor\DKTray.exe
PRC - [2008.05.28 17:47:08 | 000,447,192 | ---- | M] (Expert System S.p.A.) -- C:\Programme\Duden\Duden Korrektor\DKCore.exe
PRC - [2008.02.22 16:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Programme\Dell\QuickSet\quickset.exe
PRC - [2008.02.22 06:14:18 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007.07.25 15:41:42 | 000,647,168 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007.07.25 15:22:44 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007.05.24 09:15:27 | 000,039,472 | ---- | M] (AOL, LLC.) -- C:\Programme\AOL 9.0 VRa\waol.exe
PRC - [2006.10.23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Programme\Common Files\aol\acs\AOLacsd.exe
PRC - [2006.09.26 01:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Programme\Common Files\aol\1236284668\ee\aolsoftware.exe
PRC - [2006.09.11 03:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2005.03.17 16:39:52 | 000,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Programme\ScanSoft\PaperPort\pptd40nt.exe


========== Modules (SafeList) ==========

MOD - [2010.11.19 20:46:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\babsi01\Downloads\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\configservice.exe -- (PTK SharedAccess-FIGHTERS-297811811)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\ScannerService.exe -- (PTK Scanner-FIGHTERS-297811811)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\updateservice.exe -- (PTK Live Update-FIGHTERS-297811811)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\licenseservice.exe -- (PTK License-FIGHTERS-297811811)
SRV - [2010.11.13 09:59:28 | 003,019,352 | ---- | M] () [Auto | Running] -- c:\Programme\Common Files\Akamai\netsession_win_4176eef.dll -- (Akamai)
SRV - [2010.09.23 00:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.09.22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.08.26 01:31:58 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010.07.28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) [Auto | Running] -- C:\Programme\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.01 23:28:11 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.26 10:22:42 | 002,740,224 | ---- | M] () [On_Demand | Running] -- C:\Windows\System32\PrivacyProvider.exe -- (PrivacyProvider)
SRV - [2010.01.07 23:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.08.07 11:44:18 | 000,045,816 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.02.22 06:14:18 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.25 15:41:42 | 000,647,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007.07.25 15:22:44 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2006.10.23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2010.10.28 17:59:38 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010.09.23 00:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.02.25 17:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.12.08 23:48:23 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.17 13:20:34 | 000,012,648 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.26 22:28:24 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.04.11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.03.20 07:37:42 | 000,208,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.11.18 10:01:46 | 000,015,496 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\vffilter.sys -- (Vfscan)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.03.18 14:59:36 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2008.02.22 06:38:34 | 000,043,480 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008.02.22 06:38:28 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.02.22 06:14:22 | 002,054,872 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.02.11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
DRV - [2008.01.21 03:23:25 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2008.01.21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.09.26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2006.11.29 23:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.09.03 00:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006.09.03 00:53:38 | 000,053,248 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerIf.sys -- (BrSerIf)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=5080925
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.4
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:2.3.0.4
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p="
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.28 17:51:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.28 17:51:00 | 000,000,000 | ---D | M]

[2008.10.01 18:01:29 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\mozilla\Extensions
[2010.11.19 16:10:51 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions
[2010.09.18 23:24:42 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}(20)
[2010.06.06 12:43:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.06 12:43:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.11.01 22:28:49 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.10.24 18:13:43 | 000,000,000 | ---D | M] (WOT) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.09.18 23:24:42 | 000,000,000 | ---D | M] (WOT) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(21)
[2009.09.23 01:21:30 | 000,000,000 | ---D | M] (WOT) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(82)
[2009.12.17 23:06:28 | 000,000,000 | ---D | M] (myBabylon English Toolbar) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2009.09.11 23:46:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.10.25 19:49:58 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\firebug@software.joehewitt.com
[2009.12.16 18:37:09 | 000,001,201 | ---- | M] () -- C:\Users\babsi01\AppData\Roaming\Mozilla\FireFox\Profiles\i0lowoeb.default\searchplugins\winamp-search.xml
[2010.07.01 03:11:25 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.01.28 22:22:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2010.09.30 19:29:43 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.12.17 23:06:35 | 000,002,204 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.09.30 19:29:43 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.30 19:29:43 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.30 19:29:43 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.30 19:29:43 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project)
O4 - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Programme\Common Files\aol\1236284668\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [IPHider] C:\Programme\IP Hider\IP Hider.exe (AllAnonymity)
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge] C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.0 VRa\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [Duden Korrektor SysTray] C:\Programme\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\babsi01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O8 - Extra context menu item: &AOL Toolbar-Suche - c:\Programme\AOL\AOL Toolbar 4.0\resources\de-DE\local\search.html ()
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\PrivacyProvider.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\PrivacyProvider.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\PrivacyProvider.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\PrivacyProvider.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\PrivacyProvider.dll ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: secunia.com ([psi] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbddll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\adialhkdll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehkdll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{bb4bc654-ea05-11dd-8465-002170aaabe3}\Shell\AutoRun\command - "" = F:\Torpark.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.11.17 01:40:07 | 001,228,408 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\babsi01\WebPremium_CS5_LS4.exe
[2010.11.15 03:42:23 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\scriptocean
[2010.11.15 03:42:18 | 000,000,000 | ---D | C] -- C:\Programme\Scriptocean
[2010.11.15 00:02:27 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\kompozer.net
[2010.11.15 00:02:27 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\kompozer.net
[2010.11.15 00:01:36 | 000,000,000 | ---D | C] -- C:\Programme\KompoZer
[2010.11.14 23:52:29 | 000,000,000 | ---D | C] -- C:\Programme\Paint.NET
[2010.11.14 23:50:57 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Paint.NET
[2010.11.14 23:22:38 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB8-Dateien
[2010.11.14 23:17:48 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB7-Dateien
[2010.11.14 23:06:53 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\Dropbox
[2010.11.14 16:11:42 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Adobe Scripts
[2010.11.14 16:10:12 | 000,000,000 | ---D | C] -- C:\Users\babsi01\My Documents
[2010.11.14 16:04:01 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Aptana Studio 2.0
[2010.11.05 23:31:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1CAD5672-4524-4B57-9E7F-6A36F9CA770A}
[2010.11.05 23:31:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9B7A2D35-FBC5-45CA-96D7-5BD50D7075A4}
[2010.11.05 23:31:41 | 000,000,000 | ---D | C] -- C:\Programme\WEB.DE
[2010.11.05 23:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\IEConfiguration1und1
[2010.11.05 23:31:20 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\PackageAware
[2010.11.02 21:28:47 | 000,000,000 | ---D | C] -- C:\Programme\XeroBank
[2010.11.02 18:10:16 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\Windows Live Writer
[2010.11.02 18:10:16 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Windows Live Writer
[2010.11.01 12:54:16 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\EurekaLog
[2010.11.01 12:09:28 | 000,025,216 | ---- | C] (The OpenVPN Project) -- C:\Windows\System32\drivers\tap0901.sys
[2010.11.01 12:09:25 | 000,000,000 | ---D | C] -- C:\Programme\S.A.D
[2010.11.01 03:10:50 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Microsoft_Corporation
[2010.11.01 02:54:46 | 000,000,000 | ---D | C] -- C:\Windows\de
[2010.11.01 02:52:05 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.11.01 02:50:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.11.01 02:50:08 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.11.01 02:49:40 | 000,000,000 | ---D | C] -- C:\Programme\Bing Bar Installer
[2010.11.01 02:47:54 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Windows Live
[2010.11.01 02:47:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010.11.01 01:52:42 | 000,000,000 | ---D | C] -- C:\Programme\IP Hider
[2010.10.28 19:05:06 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\TrueCrypt
[2010.10.28 17:59:38 | 000,231,248 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2010.10.28 17:59:11 | 000,000,000 | ---D | C] -- C:\Programme\TrueCrypt
[2010.10.24 18:37:33 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\javascript
[2010.10.24 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\JavaScript Guide
[2010.10.24 18:29:21 | 000,000,000 | ---D | C] -- C:\Users\babsi01\javascptmanual
[2010.10.24 18:24:40 | 000,000,000 | ---D | C] -- C:\unzipper
[2010.10.24 18:21:41 | 000,000,000 | ---D | C] -- C:\Programme\WinAce
[1 C:\Users\babsi01\*.tmp files -> C:\Users\babsi01\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.11.19 21:12:30 | 000,001,952 | ---- | M] () -- C:\Windows\System32\PrivacyProvider.ini
[2010.11.19 21:12:30 | 000,000,016 | ---- | M] () -- C:\Windows\System32\PCProxyOff.ini
[2010.11.19 21:12:05 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010.11.19 21:12:04 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.19 21:04:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.19 21:04:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.19 21:04:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.19 21:03:14 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.19 20:26:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.19 08:52:28 | 000,001,356 | ---- | M] () -- C:\Users\babsi01\AppData\Local\d3d9caps.dat
[2010.11.18 22:28:34 | 000,022,950 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\das schweigen ( in ) der luft.odt
[2010.11.17 01:39:09 | 000,351,816 | ---- | M] () -- C:\Users\babsi01\Adobe_Creative_Suite_5_Web_Premium-AkamaiDLM.exe
[2010.11.17 01:29:34 | 003,099,848 | ---- | M] () -- C:\Users\babsi01\TeamViewer_Setup.exe
[2010.11.17 01:22:47 | 003,099,848 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\TeamViewer_Setup.exe
[2010.11.17 01:18:31 | 000,351,816 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Adobe_Dreamweaver_CS5-AkamaiDLM.exe
[2010.11.16 20:45:24 | 000,022,864 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\das schweigen in der luft.odt
[2010.11.15 23:28:45 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010.11.15 03:42:58 | 000,004,607 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\newproject.fns
[2010.11.15 03:42:19 | 000,001,068 | ---- | M] () -- C:\Users\babsi01\Desktop\Flash News Scroller Wizard.lnk
[2010.11.15 00:01:48 | 000,000,754 | ---- | M] () -- C:\Users\Public\Desktop\KompoZer.lnk
[2010.11.14 23:54:04 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2010.11.14 23:22:38 | 000,061,033 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB8.htm
[2010.11.14 23:17:48 | 000,061,045 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB7.htm
[2010.11.14 22:56:01 | 000,006,403 | ---- | M] () -- C:\Users\babsi01\Desktop\sub3.html
[2010.11.14 22:54:28 | 000,006,403 | ---- | M] () -- C:\Users\babsi01\Desktop\sub2.html
[2010.11.14 22:54:26 | 000,006,403 | ---- | M] () -- C:\Users\babsi01\Desktop\sub.html
[2010.11.14 16:23:05 | 000,000,250 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Untitled HTML 2.html
[2010.11.14 16:23:04 | 000,000,250 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Untitled HTML 1.html
[2010.11.14 16:04:59 | 000,000,948 | ---- | M] () -- C:\Users\babsi01\Desktop\Aptana Studio 2.0.lnk
[2010.11.14 15:17:34 | 000,018,076 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\tel.- nr. aktuell.rtf
[2010.11.12 08:58:01 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.12 08:58:01 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.12 08:58:01 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.12 08:58:01 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.11 01:33:04 | 000,010,822 | ---- | M] () -- C:\Users\babsi01\Desktop\img-0010.jpg
[2010.11.11 01:33:03 | 000,027,675 | ---- | M] () -- C:\Users\babsi01\.recently-used.xbel
[2010.11.11 01:30:34 | 000,009,863 | ---- | M] () -- C:\Users\babsi01\Desktop\img-008.jpg
[2010.11.11 01:26:50 | 000,050,665 | ---- | M] () -- C:\Users\babsi01\Desktop\img0031.png
[2010.11.11 01:25:58 | 000,042,447 | ---- | M] () -- C:\Users\babsi01\Desktop\img0030.png
[2010.11.11 01:20:48 | 000,048,809 | ---- | M] () -- C:\Users\babsi01\Desktop\img0024.png
[2010.11.11 01:19:16 | 000,132,183 | ---- | M] () -- C:\Users\babsi01\Desktop\img0023.png
[2010.11.11 01:17:46 | 000,051,353 | ---- | M] () -- C:\Users\babsi01\Desktop\img0022.png
[2010.11.11 01:13:04 | 000,030,496 | ---- | M] () -- C:\Users\babsi01\Desktop\img0019.png
[2010.11.11 01:12:32 | 000,047,606 | ---- | M] () -- C:\Users\babsi01\Desktop\img0018.png
[2010.11.11 01:11:18 | 000,038,320 | ---- | M] () -- C:\Users\babsi01\Desktop\img0016.png
[2010.11.11 01:10:10 | 000,049,284 | ---- | M] () -- C:\Users\babsi01\Desktop\img0014.png
[2010.11.11 01:05:04 | 000,009,750 | ---- | M] () -- C:\Users\babsi01\Desktop\img004.jpg
[2010.11.10 20:32:35 | 000,000,176 | ---- | M] () -- C:\WirelessDiagLog.csv
[2010.11.09 22:25:08 | 000,056,877 | ---- | M] () -- C:\Users\babsi01\Desktop\sub1.html
[2010.11.09 20:21:21 | 000,040,765 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\bild1.odt
[2010.11.09 17:31:48 | 000,002,474 | ---- | M] () -- C:\Users\babsi01\Desktop\javaticker2.html
[2010.11.09 17:23:40 | 000,000,837 | ---- | M] () -- C:\Users\babsi01\Desktop\javaticker.htm
[2010.11.07 15:27:08 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.11.04 01:06:34 | 000,080,103 | ---- | M] () -- C:\Users\babsi01\Desktop\BWB_November_2010.pdf
[2010.11.02 18:50:01 | 000,009,216 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\rechnungen-vorlagen.doc
[2010.11.02 11:53:31 | 000,080,103 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\BWB_November_2010.pdf
[2010.11.02 01:42:06 | 000,549,387 | ---- | M] () -- C:\Users\babsi01

OTL logfile created on: 19.11.2010 21:13:15 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\babsi01\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,95 Gb Total Space | 75,34 Gb Free Space | 54,22% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 3,75 Gb Free Space | 37,48% Space Free | Partition Type: NTFS

Computer Name: BABSI01-PC | User Name: babsi01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.19 20:46:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\babsi01\Downloads\OTL.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.08.26 01:31:58 | 000,030,192 | ---- | M] (Google) -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010.07.28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) -- C:\Programme\S.A.D\CyberGhost VPN\CGVPNCliService.exe
PRC - [2010.07.27 10:13:40 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2010.04.10 07:45:46 | 000,979,344 | ---- | M] (The Eraser Project) -- C:\Programme\Eraser\Eraser.exe
PRC - [2010.04.05 13:50:00 | 000,494,920 | R--- | M] (WinZip Computing, S.L.) -- C:\Programme\WinZip\WZQKPICK.EXE
PRC - [2010.03.09 03:28:26 | 011,989,960 | ---- | M] (Adobe Systems, Inc.) -- C:\Programme\Adobe\Adobe Bridge CS5\Bridge.exe
PRC - [2010.03.01 23:28:12 | 000,524,632 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010.03.01 23:28:11 | 001,029,456 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.02.06 23:43:42 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre6\bin\javaw.exe
PRC - [2010.01.26 10:22:42 | 002,740,224 | ---- | M] () -- C:\Windows\System32\PrivacyProvider.exe
PRC - [2010.01.08 00:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Programme\pdfforge Toolbar\SearchSettings.exe
PRC - [2010.01.07 23:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2009.08.21 09:15:32 | 000,900,816 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psi.exe
PRC - [2009.08.19 09:32:24 | 007,418,368 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2009.08.19 09:32:20 | 007,424,000 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.20 07:36:58 | 000,210,216 | ---- | M] (Synaptics Incorporated) -- C:\Programme\Synaptics\SynTP\SynToshiba.exe
PRC - [2009.03.05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.05.28 17:47:16 | 000,578,264 | ---- | M] (Expert System S.p.A.) -- C:\Programme\Duden\Duden Korrektor\DKTray.exe
PRC - [2008.05.28 17:47:08 | 000,447,192 | ---- | M] (Expert System S.p.A.) -- C:\Programme\Duden\Duden Korrektor\DKCore.exe
PRC - [2008.02.22 16:01:38 | 001,193,240 | ---- | M] (Dell Inc.) -- C:\Programme\Dell\QuickSet\quickset.exe
PRC - [2008.02.22 06:14:18 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007.07.25 15:41:42 | 000,647,168 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007.07.25 15:22:44 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007.05.24 09:15:27 | 000,039,472 | ---- | M] (AOL, LLC.) -- C:\Programme\AOL 9.0 VRa\waol.exe
PRC - [2006.10.23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Programme\Common Files\aol\acs\AOLacsd.exe
PRC - [2006.09.26 01:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Programme\Common Files\aol\1236284668\ee\aolsoftware.exe
PRC - [2006.09.11 03:40:32 | 000,218,032 | ---- | M] (Macrovision Corporation) -- C:\Programme\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2005.03.17 16:39:52 | 000,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Programme\ScanSoft\PaperPort\pptd40nt.exe


========== Modules (SafeList) ==========

MOD - [2010.11.19 20:46:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\babsi01\Downloads\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\configservice.exe -- (PTK SharedAccess-FIGHTERS-297811811)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\ScannerService.exe -- (PTK Scanner-FIGHTERS-297811811)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\updateservice.exe -- (PTK Live Update-FIGHTERS-297811811)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Fighters\licenseservice.exe -- (PTK License-FIGHTERS-297811811)
SRV - [2010.11.13 09:59:28 | 003,019,352 | ---- | M] () [Auto | Running] -- c:\Programme\Common Files\Akamai\netsession_win_4176eef.dll -- (Akamai)
SRV - [2010.09.23 00:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.09.22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.08.26 01:31:58 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010.07.28 08:07:16 | 002,404,488 | ---- | M] (mobile concepts GmbH) [Auto | Running] -- C:\Programme\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.01 23:28:11 | 001,029,456 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.02.19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.26 10:22:42 | 002,740,224 | ---- | M] () [On_Demand | Running] -- C:\Windows\System32\PrivacyProvider.exe -- (PrivacyProvider)
SRV - [2010.01.07 23:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.08.07 11:44:18 | 000,045,816 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.02.22 06:14:18 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.07.25 15:41:42 | 000,647,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2007.07.25 15:22:44 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2006.10.23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV - [2010.10.28 17:59:38 | 000,231,248 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\System32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2010.09.23 00:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.02.25 17:51:02 | 000,025,216 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)
DRV - [2009.12.08 23:48:23 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.17 13:20:34 | 000,012,648 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.26 22:28:24 | 000,064,160 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009.04.11 05:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.03.20 07:37:42 | 000,208,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.11.18 10:01:46 | 000,015,496 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\vffilter.sys -- (Vfscan)
DRV - [2008.10.09 15:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008.03.18 14:59:36 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2008.02.22 06:38:34 | 000,043,480 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
DRV - [2008.02.22 06:38:28 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.02.22 06:14:22 | 002,054,872 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.02.11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,987,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTDPV3.SYS -- (VST_DPV)
DRV - [2008.01.21 03:23:25 | 000,654,336 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTCNXT3.SYS -- (winachsf)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,251,904 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2008.01.21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.09.26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2006.11.29 23:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006.09.03 00:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006.09.03 00:53:38 | 000,053,248 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerIf.sys -- (BrSerIf)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://partnerpage.google.com/smallbiz.dell.com/de_de?hl=de&client=dell-row&channel=de-smb&ibd=5080925
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/home
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.5.4
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.4
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:2.3.0.4
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p="
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.15\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.28 17:51:00 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.15\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.28 17:51:00 | 000,000,000 | ---D | M]

[2008.10.01 18:01:29 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\mozilla\Extensions
[2010.11.19 16:10:51 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions
[2010.09.18 23:24:42 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}(20)
[2010.06.06 12:43:08 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.06 12:43:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.11.01 22:28:49 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.10.24 18:13:43 | 000,000,000 | ---D | M] (WOT) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.09.18 23:24:42 | 000,000,000 | ---D | M] (WOT) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(21)
[2009.09.23 01:21:30 | 000,000,000 | ---D | M] (WOT) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(82)
[2009.12.17 23:06:28 | 000,000,000 | ---D | M] (myBabylon English Toolbar) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2009.09.11 23:46:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.10.25 19:49:58 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\mozilla\Firefox\Profiles\i0lowoeb.default\extensions\firebug@software.joehewitt.com
[2009.12.16 18:37:09 | 000,001,201 | ---- | M] () -- C:\Users\babsi01\AppData\Roaming\Mozilla\FireFox\Profiles\i0lowoeb.default\searchplugins\winamp-search.xml
[2010.07.01 03:11:25 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.01.28 22:22:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}
[2010.09.30 19:29:43 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.12.17 23:06:35 | 000,002,204 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.09.30 19:29:43 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.30 19:29:43 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.30 19:29:43 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.30 19:29:43 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project)
O4 - HKLM..\Run: [Everything] C:\Program Files\Everything\Everything.exe ()
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Programme\Common Files\aol\1236284668\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [IndexSearch] C:\Programme\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [IPHider] C:\Programme\IP Hider\IP Hider.exe (AllAnonymity)
O4 - HKLM..\Run: [PaperPort PTD] C:\Programme\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge] C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL 9.0 VRa\AOL.EXE (AOL, LLC.)
O4 - HKCU..\Run: [Duden Korrektor SysTray] C:\Programme\Duden\Duden Korrektor\DKTray.exe (Expert System S.p.A.)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Users\babsi01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O8 - Extra context menu item: &AOL Toolbar-Suche - c:\Programme\AOL\AOL Toolbar 4.0\resources\de-DE\local\search.html ()
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\PrivacyProvider.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\PrivacyProvider.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\PrivacyProvider.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\PrivacyProvider.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\PrivacyProvider.dll ()
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: secunia.com ([psi] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1DLL) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbddll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3dll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\adialhkdll) - File not found
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehkdll C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{bb4bc654-ea05-11dd-8465-002170aaabe3}\Shell\AutoRun\command - "" = F:\Torpark.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.11.17 01:40:07 | 001,228,408 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\babsi01\WebPremium_CS5_LS4.exe
[2010.11.15 03:42:23 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\scriptocean
[2010.11.15 03:42:18 | 000,000,000 | ---D | C] -- C:\Programme\Scriptocean
[2010.11.15 00:02:27 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\kompozer.net
[2010.11.15 00:02:27 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\kompozer.net
[2010.11.15 00:01:36 | 000,000,000 | ---D | C] -- C:\Programme\KompoZer
[2010.11.14 23:52:29 | 000,000,000 | ---D | C] -- C:\Programme\Paint.NET
[2010.11.14 23:50:57 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Paint.NET
[2010.11.14 23:22:38 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB8-Dateien
[2010.11.14 23:17:48 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB7-Dateien
[2010.11.14 23:06:53 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\Dropbox
[2010.11.14 16:11:42 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Adobe Scripts
[2010.11.14 16:10:12 | 000,000,000 | ---D | C] -- C:\Users\babsi01\My Documents
[2010.11.14 16:04:01 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Aptana Studio 2.0
[2010.11.05 23:31:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1CAD5672-4524-4B57-9E7F-6A36F9CA770A}
[2010.11.05 23:31:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9B7A2D35-FBC5-45CA-96D7-5BD50D7075A4}
[2010.11.05 23:31:41 | 000,000,000 | ---D | C] -- C:\Programme\WEB.DE
[2010.11.05 23:31:33 | 000,000,000 | ---D | C] -- C:\ProgramData\IEConfiguration1und1
[2010.11.05 23:31:20 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\PackageAware
[2010.11.02 21:28:47 | 000,000,000 | ---D | C] -- C:\Programme\XeroBank
[2010.11.02 18:10:16 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\Windows Live Writer
[2010.11.02 18:10:16 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Windows Live Writer
[2010.11.01 12:54:16 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\EurekaLog
[2010.11.01 12:09:28 | 000,025,216 | ---- | C] (The OpenVPN Project) -- C:\Windows\System32\drivers\tap0901.sys
[2010.11.01 12:09:25 | 000,000,000 | ---D | C] -- C:\Programme\S.A.D
[2010.11.01 03:10:50 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Microsoft_Corporation
[2010.11.01 02:54:46 | 000,000,000 | ---D | C] -- C:\Windows\de
[2010.11.01 02:52:05 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.11.01 02:50:33 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.11.01 02:50:08 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.11.01 02:49:40 | 000,000,000 | ---D | C] -- C:\Programme\Bing Bar Installer
[2010.11.01 02:47:54 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Local\Windows Live
[2010.11.01 02:47:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010.11.01 01:52:42 | 000,000,000 | ---D | C] -- C:\Programme\IP Hider
[2010.10.28 19:05:06 | 000,000,000 | ---D | C] -- C:\Users\babsi01\AppData\Roaming\TrueCrypt
[2010.10.28 17:59:38 | 000,231,248 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2010.10.28 17:59:11 | 000,000,000 | ---D | C] -- C:\Programme\TrueCrypt
[2010.10.24 18:37:33 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\javascript
[2010.10.24 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\babsi01\Desktop\JavaScript Guide
[2010.10.24 18:29:21 | 000,000,000 | ---D | C] -- C:\Users\babsi01\javascptmanual
[2010.10.24 18:24:40 | 000,000,000 | ---D | C] -- C:\unzipper
[2010.10.24 18:21:41 | 000,000,000 | ---D | C] -- C:\Programme\WinAce
[1 C:\Users\babsi01\*.tmp files -> C:\Users\babsi01\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.11.19 21:12:30 | 000,001,952 | ---- | M] () -- C:\Windows\System32\PrivacyProvider.ini
[2010.11.19 21:12:30 | 000,000,016 | ---- | M] () -- C:\Windows\System32\PCProxyOff.ini
[2010.11.19 21:12:05 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2010.11.19 21:12:04 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.19 21:04:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.19 21:04:26 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.19 21:04:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.19 21:03:14 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.19 20:26:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.19 08:52:28 | 000,001,356 | ---- | M] () -- C:\Users\babsi01\AppData\Local\d3d9caps.dat
[2010.11.18 22:28:34 | 000,022,950 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\das schweigen ( in ) der luft.odt
[2010.11.17 01:39:09 | 000,351,816 | ---- | M] () -- C:\Users\babsi01\Adobe_Creative_Suite_5_Web_Premium-AkamaiDLM.exe
[2010.11.17 01:29:34 | 003,099,848 | ---- | M] () -- C:\Users\babsi01\TeamViewer_Setup.exe
[2010.11.17 01:22:47 | 003,099,848 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\TeamViewer_Setup.exe
[2010.11.17 01:18:31 | 000,351,816 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Adobe_Dreamweaver_CS5-AkamaiDLM.exe
[2010.11.16 20:45:24 | 000,022,864 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\das schweigen in der luft.odt
[2010.11.15 23:28:45 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010.11.15 03:42:58 | 000,004,607 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\newproject.fns
[2010.11.15 03:42:19 | 000,001,068 | ---- | M] () -- C:\Users\babsi01\Desktop\Flash News Scroller Wizard.lnk
[2010.11.15 00:01:48 | 000,000,754 | ---- | M] () -- C:\Users\Public\Desktop\KompoZer.lnk
[2010.11.14 23:54:04 | 000,000,992 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2010.11.14 23:22:38 | 000,061,033 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB8.htm
[2010.11.14 23:17:48 | 000,061,045 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB7.htm
[2010.11.14 22:56:01 | 000,006,403 | ---- | M] () -- C:\Users\babsi01\Desktop\sub3.html
[2010.11.14 22:54:28 | 000,006,403 | ---- | M] () -- C:\Users\babsi01\Desktop\sub2.html
[2010.11.14 22:54:26 | 000,006,403 | ---- | M] () -- C:\Users\babsi01\Desktop\sub.html
[2010.11.14 16:23:05 | 000,000,250 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Untitled HTML 2.html
[2010.11.14 16:23:04 | 000,000,250 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Untitled HTML 1.html
[2010.11.14 16:04:59 | 000,000,948 | ---- | M] () -- C:\Users\babsi01\Desktop\Aptana Studio 2.0.lnk
[2010.11.14 15:17:34 | 000,018,076 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\tel.- nr. aktuell.rtf
[2010.11.12 08:58:01 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.12 08:58:01 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.12 08:58:01 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.12 08:58:01 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.11 01:33:04 | 000,010,822 | ---- | M] () -- C:\Users\babsi01\Desktop\img-0010.jpg
[2010.11.11 01:33:03 | 000,027,675 | ---- | M] () -- C:\Users\babsi01\.recently-used.xbel
[2010.11.11 01:30:34 | 000,009,863 | ---- | M] () -- C:\Users\babsi01\Desktop\img-008.jpg
[2010.11.11 01:26:50 | 000,050,665 | ---- | M] () -- C:\Users\babsi01\Desktop\img0031.png
[2010.11.11 01:25:58 | 000,042,447 | ---- | M] () -- C:\Users\babsi01\Desktop\img0030.png
[2010.11.11 01:20:48 | 000,048,809 | ---- | M] () -- C:\Users\babsi01\Desktop\img0024.png
[2010.11.11 01:19:16 | 000,132,183 | ---- | M] () -- C:\Users\babsi01\Desktop\img0023.png
[2010.11.11 01:17:46 | 000,051,353 | ---- | M] () -- C:\Users\babsi01\Desktop\img0022.png
[2010.11.11 01:13:04 | 000,030,496 | ---- | M] () -- C:\Users\babsi01\Desktop\img0019.png
[2010.11.11 01:12:32 | 000,047,606 | ---- | M] () -- C:\Users\babsi01\Desktop\img0018.png
[2010.11.11 01:11:18 | 000,038,320 | ---- | M] () -- C:\Users\babsi01\Desktop\img0016.png
[2010.11.11 01:10:10 | 000,049,284 | ---- | M] () -- C:\Users\babsi01\Desktop\img0014.png
[2010.11.11 01:05:04 | 000,009,750 | ---- | M] () -- C:\Users\babsi01\Desktop\img004.jpg
[2010.11.10 20:32:35 | 000,000,176 | ---- | M] () -- C:\WirelessDiagLog.csv
[2010.11.09 22:25:08 | 000,056,877 | ---- | M] () -- C:\Users\babsi01\Desktop\sub1.html
[2010.11.09 20:21:21 | 000,040,765 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\bild1.odt
[2010.11.09 17:31:48 | 000,002,474 | ---- | M] () -- C:\Users\babsi01\Desktop\javaticker2.html
[2010.11.09 17:23:40 | 000,000,837 | ---- | M] () -- C:\Users\babsi01\Desktop\javaticker.htm
[2010.11.07 15:27:08 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.11.04 01:06:34 | 000,080,103 | ---- | M] () -- C:\Users\babsi01\Desktop\BWB_November_2010.pdf
[2010.11.02 18:50:01 | 000,009,216 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\rechnungen-vorlagen.doc
[2010.11.02 11:53:31 | 000,080,103 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\BWB_November_2010.pdf
[2010.11.02 01:42:06 | 000,549,387 | ---- | M] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Deprexis_Selbsttest_Auswertung.pdf
[2010.11.01 12:09:31 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\CyberGhost VPN.lnk
[2010.11.01 05:42:45 | 003,692,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.01 03:15:00 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2010.11.01 01:21:07 | 000,073,728 | ---- | M] () -- C:\Windows\System32\VistaInfo32.dll
[2010.10.31 02:19:34 | 000,000,758 | ---- | M] () -- C:\Users\babsi01\Desktop\java7.htm
[2010.10.30 13:57:28 | 000,150,243 | ---- | M] () -- C:\Users\babsi01\Desktop\Gesetzentwurf-der-Bundesregierung-zur-Regelung-des-Beschaeftigtendatenschutzes.pdf
[2010.10.29 20:02:19 | 000,000,817 | ---- | M] () -- C:\Users\babsi01\Desktop\java6.html
[2010.10.29 20:00:03 | 000,000,788 | ---- | M] () -- C:\Users\babsi01\Desktop\java4.html
[2010.10.28 17:59:42 | 000,000,764 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2010.10.28 17:59:38 | 000,231,248 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\System32\drivers\truecrypt.sys
[2010.10.25 19:46:02 | 000,000,585 | ---- | M] () -- C:\Users\babsi01\Desktop\java1.html
[2010.10.24 18:21:48 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\WinAce Archiver.lnk
[2010.10.24 12:46:37 | 000,371,601 | ---- | M] () -- C:\Users\babsi01\Desktop\special_edition_using_jscript.rar
[2010.10.24 12:46:22 | 000,490,388 | ---- | M] () -- C:\Users\babsi01\Desktop\JavaScript_Manual_of_Style.zip
[2010.10.24 12:45:36 | 000,305,900 | ---- | M] () -- C:\Users\babsi01\Desktop\JavaScript Guide.rar
[2010.10.24 12:45:11 | 000,465,542 | ---- | M] () -- C:\Users\babsi01\Desktop\Javascript Manual of Style.zip
[2010.10.24 12:43:38 | 000,268,685 | ---- | M] () -- C:\Users\babsi01\Desktop\Learn JavaScript In A Week.rar
[2010.10.24 12:42:03 | 000,106,690 | ---- | M] () -- C:\Users\babsi01\Desktop\JavaScript Manual Of Style.rar
[1 C:\Users\babsi01\*.tmp files -> C:\Users\babsi01\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.18 22:09:22 | 000,022,950 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\das schweigen ( in ) der luft.odt
[2010.11.18 21:55:00 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.17 02:06:51 | 000,000,758 | ---- | C] () -- C:\Users\babsi01\Desktop\DA da starten.lnk
[2010.11.17 01:39:08 | 000,351,816 | ---- | C] () -- C:\Users\babsi01\Adobe_Creative_Suite_5_Web_Premium-AkamaiDLM.exe
[2010.11.17 01:27:53 | 003,099,848 | ---- | C] () -- C:\Users\babsi01\TeamViewer_Setup.exe
[2010.11.17 01:15:05 | 000,351,816 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Adobe_Dreamweaver_CS5-AkamaiDLM.exe
[2010.11.15 03:42:35 | 000,004,607 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\newproject.fns
[2010.11.15 03:42:19 | 000,001,068 | ---- | C] () -- C:\Users\babsi01\Desktop\Flash News Scroller Wizard.lnk
[2010.11.15 00:01:48 | 000,000,754 | ---- | C] () -- C:\Users\Public\Desktop\KompoZer.lnk
[2010.11.14 23:54:04 | 000,000,992 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2010.11.14 23:36:52 | 003,099,848 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\TeamViewer_Setup.exe
[2010.11.14 23:22:38 | 000,061,033 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB8.htm
[2010.11.14 23:17:48 | 000,061,045 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\SUB7.htm
[2010.11.14 22:56:01 | 000,006,403 | ---- | C] () -- C:\Users\babsi01\Desktop\sub3.html
[2010.11.14 22:54:40 | 000,006,403 | ---- | C] () -- C:\Users\babsi01\Desktop\sub2.html
[2010.11.14 22:54:26 | 000,006,403 | ---- | C] () -- C:\Users\babsi01\Desktop\sub.html
[2010.11.14 19:55:33 | 000,010,822 | ---- | C] () -- C:\Users\babsi01\Desktop\img-0010.jpg
[2010.11.14 18:45:57 | 000,030,496 | ---- | C] () -- C:\Users\babsi01\Desktop\img0019.png
[2010.11.14 18:45:43 | 000,051,353 | ---- | C] () -- C:\Users\babsi01\Desktop\img0022.png
[2010.11.14 18:45:31 | 000,132,183 | ---- | C] () -- C:\Users\babsi01\Desktop\img0023.png
[2010.11.14 18:45:19 | 000,048,809 | ---- | C] () -- C:\Users\babsi01\Desktop\img0024.png
[2010.11.14 18:45:03 | 000,042,447 | ---- | C] () -- C:\Users\babsi01\Desktop\img0030.png
[2010.11.14 18:44:53 | 000,050,665 | ---- | C] () -- C:\Users\babsi01\Desktop\img0031.png
[2010.11.14 18:44:34 | 000,009,863 | ---- | C] () -- C:\Users\babsi01\Desktop\img-008.jpg
[2010.11.14 18:44:14 | 000,047,606 | ---- | C] () -- C:\Users\babsi01\Desktop\img0018.png
[2010.11.14 18:43:59 | 000,038,320 | ---- | C] () -- C:\Users\babsi01\Desktop\img0016.png
[2010.11.14 18:43:30 | 000,049,284 | ---- | C] () -- C:\Users\babsi01\Desktop\img0014.png
[2010.11.14 18:43:28 | 000,009,750 | ---- | C] () -- C:\Users\babsi01\Desktop\img004.jpg
[2010.11.14 16:23:05 | 000,000,250 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Untitled HTML 2.html
[2010.11.14 16:23:04 | 000,000,250 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Untitled HTML 1.html
[2010.11.14 16:04:55 | 000,000,948 | ---- | C] () -- C:\Users\babsi01\Desktop\Aptana Studio 2.0.lnk
[2010.11.11 01:33:03 | 000,027,675 | ---- | C] () -- C:\Users\babsi01\.recently-used.xbel
[2010.11.10 20:28:42 | 000,000,176 | ---- | C] () -- C:\WirelessDiagLog.csv
[2010.11.09 20:21:19 | 000,040,765 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\bild1.odt
[2010.11.09 17:36:39 | 000,056,877 | ---- | C] () -- C:\Users\babsi01\Desktop\sub1.html
[2010.11.09 17:28:14 | 000,002,474 | ---- | C] () -- C:\Users\babsi01\Desktop\javaticker2.html
[2010.11.09 17:21:35 | 000,000,837 | ---- | C] () -- C:\Users\babsi01\Desktop\javaticker.htm
[2010.11.04 01:06:34 | 000,080,103 | ---- | C] () -- C:\Users\babsi01\Desktop\BWB_November_2010.pdf
[2010.11.02 18:49:59 | 000,009,216 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\rechnungen-vorlagen.doc
[2010.11.02 11:53:30 | 000,080,103 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\BWB_November_2010.pdf
[2010.11.02 01:41:59 | 000,549,387 | ---- | C] () -- C:\Users\babsi01\Desktop\Eigene Dateien\Documents\Deprexis_Selbsttest_Auswertung.pdf
[2010.11.01 12:09:31 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\CyberGhost VPN.lnk
[2010.11.01 03:15:00 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01007.Wdf
[2010.11.01 02:44:43 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010.11.01 02:44:43 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2010.11.01 02:44:43 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2010.11.01 01:52:44 | 000,001,952 | ---- | C] () -- C:\Windows\System32\PrivacyProvider.ini
[2010.11.01 01:52:43 | 002,740,224 | ---- | C] () -- C:\Windows\System32\PrivacyProvider.exe
[2010.11.01 01:52:43 | 000,471,040 | ---- | C] () -- C:\Windows\System32\RegisterLSP.exe
[2010.11.01 01:52:43 | 000,258,048 | ---- | C] () -- C:\Windows\System32\PrivacyProvider.dll
[2010.11.01 01:21:24 | 000,000,016 | ---- | C] () -- C:\Windows\System32\PCProxyOff.ini
[2010.11.01 01:21:07 | 000,073,728 | ---- | C] () -- C:\Windows\System32\VistaInfo32.dll
[2010.10.30 13:57:28 | 000,150,243 | ---- | C] () -- C:\Users\babsi01\Desktop\Gesetzentwurf-der-Bundesregierung-zur-Regelung-des-Beschaeftigtendatenschutzes.pdf
[2010.10.29 20:02:32 | 000,000,758 | ---- | C] () -- C:\Users\babsi01\Desktop\java7.htm
[2010.10.29 20:00:49 | 000,000,817 | ---- | C] () -- C:\Users\babsi01\Desktop\java6.html
[2010.10.28 20:22:01 | 000,000,788 | ---- | C] () -- C:\Users\babsi01\Desktop\java4.html
[2010.10.28 17:59:42 | 000,000,764 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2010.10.25 19:22:06 | 000,000,585 | ---- | C] () -- C:\Users\babsi01\Desktop\java1.html
[2010.10.24 18:21:48 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\WinAce Archiver.lnk
[2010.10.24 12:39:08 | 000,490,388 | ---- | C] () -- C:\Users\babsi01\Desktop\JavaScript_Manual_of_Style.zip
[2010.10.24 12:39:08 | 000,465,542 | ---- | C] () -- C:\Users\babsi01\Desktop\Javascript Manual of Style.zip
[2010.10.24 12:39:08 | 000,371,601 | ---- | C] () -- C:\Users\babsi01\Desktop\special_edition_using_jscript.rar
[2010.10.24 12:39:08 | 000,305,900 | ---- | C] () -- C:\Users\babsi01\Desktop\JavaScript Guide.rar
[2010.10.24 12:39:08 | 000,268,685 | ---- | C] () -- C:\Users\babsi01\Desktop\Learn JavaScript In A Week.rar
[2010.10.24 12:39:08 | 000,106,690 | ---- | C] () -- C:\Users\babsi01\Desktop\JavaScript Manual Of Style.rar
[2010.07.01 03:10:31 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.06.12 23:42:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.09 00:18:41 | 000,000,021 | -H-- | C] () -- C:\ProgramData\.245548635012626446356421263181
[2010.02.28 03:30:59 | 000,327,168 | ---- | C] () -- C:\Windows\System32\cutil32.dll
[2010.01.24 15:24:00 | 000,000,023 | ---- | C] () -- C:\Windows\odbmai.ini
[2009.12.03 09:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.08.30 23:18:23 | 000,441,801 | ---- | C] () -- C:\Users\babsi01\AppData\Local\hcvfsmo_nav.dat
[2009.08.30 23:17:51 | 000,003,268 | ---- | C] () -- C:\Users\babsi01\AppData\Local\hcvfsmo.dat
[2009.08.30 23:17:51 | 000,001,456 | ---- | C] () -- C:\Users\babsi01\AppData\Local\hcvfsmo_navps.dat
[2009.08.30 23:17:51 | 000,000,092 | ---- | C] () -- C:\Users\babsi01\AppData\Local\hcvfsmo.bat
[2009.08.30 18:10:53 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.30 05:31:43 | 000,002,282 | ---- | C] () -- C:\Users\babsi01\AppData\Roaming\install.txt
[2009.03.28 02:08:07 | 000,000,552 | ---- | C] () -- C:\Users\babsi01\AppData\Local\d3d8caps.dat
[2009.02.21 17:14:17 | 000,001,356 | ---- | C] () -- C:\Users\babsi01\AppData\Local\d3d9caps.dat
[2009.02.01 23:00:45 | 000,000,023 | -HS- | C] () -- C:\Windows\System32\bfbfbfdc7_g.dll
[2009.01.04 22:42:10 | 000,005,959 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.12.12 01:08:41 | 000,024,206 | ---- | C] () -- C:\Users\babsi01\AppData\Roaming\UserTile.png
[2008.11.18 10:01:46 | 000,015,496 | ---- | C] () -- C:\Windows\System32\drivers\vffilter.sys
[2008.11.12 18:03:08 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008.11.10 16:21:16 | 000,027,114 | ---- | C] () -- C:\Windows\maxlink.ini
[2008.11.03 23:27:55 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2008.11.03 23:27:55 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini
[2008.11.03 23:27:55 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2008.11.03 23:27:54 | 000,008,975 | ---- | C] () -- C:\Windows\HL-2030.INI
[2008.11.03 23:27:54 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2008.11.03 23:27:06 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008.10.12 20:15:21 | 000,000,099 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008.10.12 19:52:08 | 000,000,027 | ---- | C] () -- C:\Windows\CDE DX3800G.ini
[2008.10.05 19:52:37 | 000,012,238 | ---- | C] () -- C:\Users\babsi01\AppData\Roaming\wklnhst.dat
[2008.10.01 17:28:30 | 000,031,232 | ---- | C] () -- C:\Users\babsi01\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.25 01:25:29 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008.09.25 01:25:29 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008.09.25 01:25:29 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008.09.25 01:25:29 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008.02.11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007.07.25 15:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.02.25 05:15:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\EPSPTDV.DLL
[2002.03.04 10:16:34 | 000,110,592 | R--- | C] () -- C:\Windows\System32\Jpeg32.dll

========== LOP Check ==========

[2010.10.09 12:31:23 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.11.16 00:50:09 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\Dropbox
[2008.10.12 20:45:17 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\EPSON
[2010.11.01 12:55:17 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\EurekaLog
[2010.03.09 00:21:46 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\Final Draft
[2009.09.12 18:17:33 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\Gizmo5
[2010.11.11 01:48:52 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\gtk-2.0
[2010.11.15 00:02:27 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\kompozer.net
[2009.09.12 01:51:58 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\MiniDm
[2009.10.14 02:59:18 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\OpenOffice.org
[2008.12.12 01:08:40 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\PeerNetworking
[2010.11.15 03:42:23 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\scriptocean
[2010.11.18 22:28:38 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\StarOffice8
[2009.07.30 20:30:00 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\TeamViewer
[2008.10.05 19:55:11 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\Template
[2009.08.30 03:55:35 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\TrojanHunter
[2010.10.28 19:14:45 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\TrueCrypt
[2010.08.04 22:07:14 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\Uniblue
[2010.11.02 18:10:16 | 000,000,000 | ---D | M] -- C:\Users\babsi01\AppData\Roaming\Windows Live Writer
[2010.11.15 23:28:45 | 000,000,474 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010.07.04 19:35:05 | 000,000,508 | ---- | M] () -- C:\Windows\Tasks\Install.job
[2010.11.19 21:12:05 | 000,000,336 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2010.11.06 12:52:53 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP1B5B4F1
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMPFC5A2B2

< End of report >



 
