Log analysis and evaluation: OTL evaluation: Had several Trojans! (Windows 7)
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
04.06.2011, 14:26 | #1 |
OTL evaluation: Had several Trojans!
I recently had several Trojans on my PC and had actually removed all of them, according to AntiVir and co. But I am still constantly redirected to wrong pages on the Internet and would now like to know what is causing it. Many thanks in advance!!
OTL Logfile:
Code:
OTL logfile created on: 04.06.2011 14:45:26 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = c:\Users\XXXX\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 0000000 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 0,14 Gb Available Physical Memory | 7,02% Memory free
3,40 Gb Paging File | 1,13 Gb Available in Paging File | 33,31% Paging File free
Paging file location(s): c:\pagefile.sys 1500 2500 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 243,91 Gb Total Space | 153,91 Gb Free Space | 63,10% Space Free | Partition Type: NTFS
Drive D: | 221,85 Gb Total Space | 221,75 Gb Free Space | 99,95% Space Free | Partition Type: NTFS

Computer Name: YYYY | User Name: XXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Benedikt\Downloads\solutoinstaller121190.exe (Soluto Inc)
PRC - c:\Users\Benedikt\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files\Soluto\SolutoService.exe (Soluto)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\Defrag.exe (Microsoft Corp.) PRC - C:\Windows\System32\DfrgNtfs.exe (Microsoft Corp.) PRC - C:\Windows\System32\dfrgui.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\FixCamera.exe () PRC - C:\Windows\vsnpstd3.exe () PRC - C:\Windows\tsnpstd3.exe () ========== Modules (SafeList) ========== MOD - c:\Users\Benedikt\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto) SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) 
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe () SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe () SRV - (iprip) -- C:\Windows\System32\iprip.dll (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) SRV - (LckFldService) -- C:\Windows\System32\LckFldService.exe () ========== Driver Services (SafeList) ========== DRV - (Soluto) -- C:\Windows\system32\DRIVERS\Soluto.sys (Soluto LTD.) 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.) DRV - (LGVMODEM) -- C:\Windows\System32\drivers\lgvmodem.sys (LG Electronics Inc.) DRV - (LgBttPort) -- C:\Windows\System32\drivers\lgbtport.sys (LG Electronics Inc.) DRV - (lgbusenum) -- C:\Windows\System32\drivers\lgbtbus.sys (LG Electronics Inc.) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (SSHDRV5C) -- C:\Windows\System32\drivers\SSHDRV5C.sys () DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.) DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.) DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation) DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.) DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation) DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) 
DRV - (VtcDrv) -- C:\Windows\System32\drivers\vtcdrv.sys (Windows (R) Codename Longhorn DDK provider) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) DRV - (JRAID) -- C:\Windows\system32\DRIVERS\jraid.sys (JMicron Technology Corp.) DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys () DRV - (JGOGO) -- C:\Windows\system32\DRIVERS\JGOGO.sys (JMicron ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {667f86f1-c684-4aba-97a5-be7d02ea5156} - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.pp2345.com/?1 IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "ToggleEN Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2077543&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - 
prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/" FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.27.0 FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004 FF - prefs.js..extensions.enabledItems: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019 FF - prefs.js..extensions.enabledItems: {542e4d79-1970-4e95-9862-fdb96f61b280}:2.6.0.15 FF - prefs.js..extensions.enabledItems: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:2.7.1.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: webmynd@yourentirelife.com:1.3 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5 FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.2.2 FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.87 FF - prefs.js..extensions.enabledItems: toolbar@web.de:1.4 FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1 FF - prefs.js..extensions.enabledItems: fbdislike@doweb.fr:1.2.2 FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3 FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2 FF - prefs.js..extensions.enabledItems: 
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2 FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.28 21:46:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@web.de: C:\Program Files\WEB.DE Toolbar IE8\Firefox\WEBDE_toolbar [2010.12.29 21:12:42 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.29 14:29:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.27 11:21:34 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.28 21:46:21 | 000,000,000 | ---D | M] [2008.09.06 16:42:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Extensions [2011.06.03 21:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions [2011.05.06 22:44:45 | 000,000,000 | ---D | M] (ToggleEN Community Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b} [2011.05.27 21:14:49 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2011.05.27 21:14:55 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2010.06.26 13:53:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) 
-- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.05.06 22:44:46 | 000,000,000 | ---D | M] (IsoBuster Community Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} [2009.04.21 14:37:38 | 000,000,000 | ---D | M] (P2P MAX DE Atube Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{667f86f1-c684-4aba-97a5-be7d02ea5156} [2011.05.06 22:44:47 | 000,000,000 | ---D | M] (Eazel-DE Community Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5} [2011.04.28 14:17:55 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2011.05.24 21:17:01 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.04.28 14:17:57 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} [2011.05.10 21:15:52 | 000,000,000 | ---D | M] (New Tab King) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{FC5BAC7D-D696-4ba6-B913-CF8F000C33DF} [2009.11.09 19:19:57 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\battlefieldheroespatcher@ea.com [2011.04.17 22:39:07 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\battlefieldplay4free@ea.com [2011.05.06 22:44:45 | 000,000,000 | ---D | M] (Conduit Engine) -- 
C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\engine@conduit.com [2011.04.29 15:03:48 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\fbdislike@doweb.fr [2010.12.30 00:08:11 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\ffxtlbr@Facemoods.com [2009.09.16 19:05:00 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\moveplayer@movenetworks.com [2011.04.27 13:22:26 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\piclens@cooliris.com [2011.04.29 20:00:08 | 000,000,000 | ---D | M] (The Search Sidebar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\webmynd@yourentirelife.com [2009.06.11 14:56:44 | 000,001,681 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\ask.uk.xml [2011.05.07 15:01:30 | 000,002,387 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\askcom.xml [2011.03.21 16:33:36 | 000,000,919 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\conduit.xml [2009.07.14 17:34:38 | 000,000,687 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icq-search.xml [2009.07.23 13:27:08 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-1.xml [2010.04.09 22:17:52 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-10.xml [2010.05.07 17:39:00 | 000,000,950 | ---- | M] () -- 
C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-11.xml [2010.06.27 18:17:27 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-12.xml [2010.07.22 15:05:49 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-13.xml [2010.07.26 17:13:30 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-14.xml [2010.09.09 17:39:52 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-15.xml [2010.09.17 20:15:27 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-16.xml [2010.10.09 19:14:26 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-17.xml [2010.10.22 20:37:58 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-18.xml [2010.10.29 20:08:42 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-19.xml [2009.08.06 19:45:51 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-2.xml [2010.12.12 20:00:33 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-20.xml [2011.03.04 20:33:41 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-21.xml [2011.03.05 21:27:56 | 000,000,950 | ---- | M] () -- 
C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-22.xml [2011.03.25 21:20:22 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-23.xml [2009.09.14 13:44:08 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-3.xml [2009.10.30 19:56:44 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-4.xml [2009.12.18 19:18:14 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-5.xml [2010.01.07 19:31:21 | 000,000,961 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-6.xml [2010.01.07 20:00:09 | 000,000,961 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-7.xml [2010.03.12 17:00:33 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-8.xml [2010.03.12 21:13:48 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-9.xml [2009.07.14 17:52:36 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin.xml [2009.02.06 15:29:11 | 000,001,632 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\live-search.xml [2010.01.05 20:42:25 | 000,002,037 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\myvideo-suche-.xml [2011.04.27 00:29:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2009.07.14 16:07:25 | 
000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.10.18 16:05:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.03.02 23:03:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{20CC25E2-48C9-45E1-9A1F-1CCC1882B81B}.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM.XPI () (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI [2011.04.29 14:29:33 | 000,142,296 | ---- | M] 
(Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll [2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.03.25 21:26:40 | 000,002,428 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.10 17:00:26 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchDpg.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml Hosts file not found O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Messenger Plus DE Toolbar) - {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.) O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) 
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (FreeRIP.com Toolbar) - {081230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\FreeRIP3\toolband.dll () O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Messenger Plus DE Toolbar) - {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Messenger Plus DE Toolbar) - {3D684CA7-5D30-4A7E-9768-E17DF98DF80F} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Messenger Plus DE Toolbar) - {3D684CA7-5D30-4A7E-9768-E17DF98DF80F} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (Messenger Plus DE Toolbar) - {3D684CA7-5D30-4A7E-9768-E17DF98DF80F} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH) O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.) 
O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Auto Updater] C:\Users\Dominik\AppData\Roaming\Adobe Systems\Updater.exe (Assembly Company) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe () O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe () O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe () O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003..\Run: [EA Core] File not found O4 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) 
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Benedikt\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH) O18 - Protocol\Filter\application/octet-stream 
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto) O20 - Winlogon\Notify\avldr: DllName - avldr.dll - File not found O24 - Desktop WallPaper: C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg O24 - Desktop BackupWallPaper: C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{863cc5d0-ee4c-11de-b34b-94009b9415cf}\Shell - "" = AutoRun O33 - MountPoints2\{863cc5d0-ee4c-11de-b34b-94009b9415cf}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.06.04 14:42:42 | 000,051,144 | ---- | C] (Soluto LTD.) 
-- C:\Windows\System32\drivers\Soluto.sys [2011.06.04 14:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto [2011.06.04 14:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto [2011.06.04 14:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto [2011.06.04 14:04:54 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{5B071611-310B-432E-ABDC-A9AB895B69D2} [2011.06.03 22:57:15 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor [2011.06.03 22:57:14 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Memory Editor [2011.06.03 22:43:57 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\Desktop\Neuer Ordner [2011.06.03 22:32:46 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\LogMeIn Hamachi [2011.06.03 22:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.06.03 22:32:28 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi [2011.06.03 21:53:40 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{232AAEB9-3F19-4C9C-924F-D021C018B59E} [2011.06.02 14:13:49 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{C538E08D-53C0-4F12-827B-C620225562E4} [2011.06.02 00:28:01 | 000,000,000 | R--D | C] -- C:\Users\Benedikt\Documents\Notes [2011.06.01 16:19:39 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{186A195A-D48C-407F-B83A-D1F9AE2B264A} [2011.05.31 20:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5 [2011.05.31 20:39:23 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5 [2011.05.31 20:39:16 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.05.31 16:02:29 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{52BEA093-203E-47D0-8227-C26CA02797F3} [2011.05.30 16:20:30 | 000,000,000 | ---D | C] -- 
C:\Users\Benedikt\AppData\Local\{9DD8C660-11E1-41A4-BA70-2347818A6048} [2011.05.29 16:09:39 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\go [2011.05.29 16:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO [2011.05.29 14:57:04 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MCEdit [2011.05.29 14:57:03 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\MCEdit [2011.05.29 13:59:20 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{B0D23ED5-B1C2-426D-BF77-3CC90BD8F41C} [2011.05.28 12:54:19 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{D63434EE-73C5-4FC1-86DD-368B73E06CED} [2011.05.27 20:07:55 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\Desktop\INVedit [2011.05.27 18:32:31 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\.minecraft [2011.05.27 18:07:28 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{A9EE99C7-1907-4803-9326-16E49DDFB322} [2011.05.25 18:16:06 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{13D7AD5B-81EB-49A5-A9CB-615D30DBCA2D} [2011.05.24 21:17:00 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\DVDVideoSoftIEHelpers [2011.05.24 21:16:56 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\Documents\DVDVideoSoft [2011.05.24 21:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Plasmoo [2011.05.24 15:18:12 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Synthesia [2011.05.24 15:16:28 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\Documents\Synthesia Music [2011.05.24 15:16:28 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Synthesia [2011.05.24 15:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia [2011.05.24 15:16:28 | 000,000,000 | ---D | C] -- C:\Program Files\Synthesia [2011.05.24 14:28:05 | 000,000,000 | ---D | C] -- 
C:\Users\Benedikt\AppData\Local\{31E1BA75-D5D9-4B7C-B915-9E6FBF835792} [2011.05.23 21:27:37 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{BDD11EA8-5EC1-429E-AC8C-1C995FE57ABF} [2011.05.20 18:54:12 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{6BDBF7BF-8791-4FE2-A6F2-BF46BC876162} [2011.05.19 21:29:07 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{BD7AABC9-8C81-4D01-BB25-6EFC709FFAE2} [2011.05.19 09:28:37 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{8405B74A-3C26-4405-A65D-098B31361D51} [2011.05.18 19:52:37 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{A91F1B40-4A88-46F9-8205-0C9A179ACCCD} [2011.05.17 20:10:02 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{EEC3BB88-0B43-42C1-86A5-182BD3023DBE} [2011.05.16 17:42:03 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{68B48F01-B36B-4226-93F0-831E161A50A0} [2011.05.15 20:17:10 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{1F0D4996-006F-4928-90C1-1F713F2071FF} [2011.05.14 23:58:15 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{5D1EC073-DF98-418A-8E6A-64BA8CBAD440} [2011.05.14 19:30:10 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Avira [2011.05.14 11:57:47 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{8A8506B9-D967-4ADD-8C85-BA78B71764B8} [2011.05.13 21:03:50 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{3CAC3425-7222-4AC2-9A63-6E9902F2F7F7} [2011.05.12 19:08:09 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{BAA71C81-9900-4BDB-9F1D-D0F3129DE6F2} [2011.05.11 18:52:07 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{DC2437DA-F314-428E-B382-4E59C4A56827} [2011.05.10 15:05:02 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{0996B5B2-E701-40A6-9587-B5208E446739} [2011.05.09 20:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [2011.05.09 20:52:15 | 000,000,000 
| ---D | C] -- C:\Program Files\Recuva [2011.05.09 20:37:40 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeUndelete [2011.05.09 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\FreeUndelete [2011.05.09 18:03:14 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{8E2ECB1D-2E69-4545-BFAF-FB309BD881EE} [2011.05.08 19:29:58 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{F327A41E-B1FC-41D6-86E5-283FA4E152F3} [2011.05.07 22:53:11 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{2DB5DA68-BFEB-4DEC-BBF9-924D74C4FF29} [2011.05.07 15:43:24 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\PMB Files [2011.05.07 10:50:37 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{4FD4258E-A488-4D03-A4D2-05713E44B983} [2011.05.06 14:35:12 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{FAD1A9C8-D1F7-4ADB-AFA9-E7348E657B86} [2011.05.05 21:14:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\System Restore [2011.05.05 16:17:21 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{571635D9-1C82-4762-B33D-CACC9B8A1A03} [2011.01.06 20:34:17 | 000,155,648 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll [2011.01.06 20:34:17 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll [2011.01.06 20:34:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll [2011.01.06 20:34:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll ========== Files - Modified Within 30 Days ========== [2011.06.04 14:56:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{27137807-3851-40E5-9D8C-200A1B35CDF4}.job [2011.06.04 14:55:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0520E69E-26D8-498C-AD66-71E332F376E7}.job [2011.06.04 14:52:14 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{ED4DC7F5-282E-427F-9EFC-EFF316DF019B}.job [2011.06.04 14:48:48 | 000,000,098 | 
---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2011.06.04 14:45:23 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.04 14:45:06 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.04 14:05:18 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.06.04 14:03:07 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2011.06.04 14:03:03 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter-Dominik-Startup.job [2011.06.04 14:02:38 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.04 14:02:38 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.04 14:02:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.04 14:02:28 | 2145,968,128 | -HS- | M] () -- C:\hiberfil.sys [2011.06.01 15:34:42 | 000,051,144 | ---- | M] (Soluto LTD.) 
-- C:\Windows\System32\drivers\Soluto.sys [2011.05.31 20:39:16 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.05.29 18:22:48 | 000,001,356 | ---- | M] () -- C:\Users\Benedikt\AppData\Local\d3d9caps.dat [2011.05.24 15:16:28 | 000,001,716 | ---- | M] () -- C:\Users\Benedikt\Desktop\Play Synthesia.lnk [2011.05.20 19:28:47 | 000,000,041 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\vispa.ini [2011.05.19 12:11:00 | 000,674,316 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.05.19 12:11:00 | 000,634,694 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.05.19 12:11:00 | 000,140,212 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.05.19 12:11:00 | 000,115,894 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.05.07 17:08:17 | 000,000,025 | ---- | M] () -- C:\Windows\SIERRA.INI [2011.05.07 12:16:15 | 000,000,404 | ---- | M] () -- C:\Users\Benedikt\Desktop\Neuer Ordner.rar ========== Files Created - No Company Name ========== [2011.06.04 14:48:48 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2011.06.02 14:32:07 | 2145,968,128 | -HS- | C] () -- C:\hiberfil.sys [2011.05.29 16:09:40 | 000,001,603 | ---- | C] () -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play games (EasyBits GO).lnk [2011.05.27 18:30:42 | 000,232,501 | ---- | C] () -- C:\Users\Benedikt\Desktop\Minecraft.exe [2011.05.24 15:20:03 | 000,001,716 | ---- | C] () -- C:\Users\Benedikt\Desktop\Play Synthesia.lnk [2011.05.20 19:27:56 | 000,000,041 | ---- | C] () -- C:\Users\Benedikt\AppData\Roaming\vispa.ini [2011.05.07 12:16:15 | 000,000,404 | ---- | C] () -- C:\Users\Benedikt\Desktop\Neuer Ordner.rar [2011.02.21 19:57:42 | 000,036,892 | ---- | C] () -- C:\Windows\System32\bassmod.dll [2011.01.06 20:34:22 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe [2011.01.06 20:34:19 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe [2011.01.06 20:34:19 
| 000,270,336 | ---- | C] () -- C:\Windows\tsnpstd3.exe [2011.01.06 20:34:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini [2010.12.29 21:57:15 | 000,036,864 | ---- | C] () -- C:\Windows\System32\LckFldService.exe [2010.12.07 20:20:21 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll [2010.12.07 20:20:21 | 000,005,515 | ---- | C] () -- C:\Windows\fmachine.ini [2010.11.11 22:06:35 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010.11.11 18:48:08 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2010.04.16 19:06:03 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2010.04.02 22:27:58 | 008,676,883 | ---- | C] () -- C:\Windows\System32\mp3Media2.dll [2010.04.02 22:17:19 | 000,001,074 | ---- | C] () -- C:\ProgramData\ss.ini [2010.04.02 22:17:03 | 000,000,033 | ---- | C] () -- C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini [2010.03.29 22:03:04 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2010.03.29 22:03:04 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2010.01.31 20:12:00 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2009.12.21 19:42:13 | 000,221,291 | ---- | C] () -- C:\Windows\Imei_dll.dll [2009.12.21 19:42:13 | 000,040,960 | ---- | C] () -- C:\Windows\Sublock.dll [2009.11.16 18:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [2009.11.09 19:49:25 | 000,138,264 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2009.11.09 19:49:25 | 000,138,056 | ---- | C] () -- C:\Users\Benedikt\AppData\Roaming\PnkBstrK.sys [2009.11.09 19:49:10 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2009.11.09 19:49:09 | 002,395,944 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe [2009.11.09 19:49:09 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2009.09.26 13:08:01 | 000,000,164 | ---- | C] () -- C:\Windows\G403ph_K.INI [2009.09.24 16:34:54 | 
000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.09.24 16:34:54 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll [2009.04.21 15:23:26 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2009.03.07 10:05:13 | 000,001,356 | ---- | C] () -- C:\Users\Benedikt\AppData\Local\d3d9caps.dat [2009.02.28 22:40:25 | 000,000,034 | -H-- | C] () -- C:\Windows\System32\Converter_sysquict.dat [2009.02.28 22:40:04 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009.02.28 22:40:02 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2009.02.28 22:40:02 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.02.28 22:40:01 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.01.26 18:22:38 | 000,004,096 | -H-- | C] () -- C:\Users\Benedikt\AppData\Local\keyfile3.drm [2009.01.01 20:59:31 | 000,034,816 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV5C.sys [2008.12.25 20:24:18 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll [2008.12.25 20:24:18 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll [2008.12.25 20:24:18 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll [2008.12.18 22:27:24 | 006,320,872 | ---- | C] () -- C:\Program Files\npsibelius.dll [2008.07.29 14:26:19 | 000,000,162 | ---- | C] () -- C:\Windows\G403ma_K.INI [2008.07.29 14:25:59 | 000,375,296 | ---- | C] () -- C:\Windows\System32\tx32.dll [2008.07.29 14:25:59 | 000,000,202 | ---- | C] () -- C:\Windows\System32\IC32.INI [2008.07.25 11:16:17 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.07.22 20:33:24 | 003,086,336 | ---- | C] () -- C:\Windows\System32\NCMedia.dll [2008.07.22 20:33:24 | 003,086,336 | ---- | C] () -- C:\Windows\System32\flvvideo.dll [2008.07.22 20:33:24 | 000,819,200 | ---- | C] () -- 
C:\Windows\System32\xvidcore.dll [2008.07.22 20:33:24 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll [2008.07.22 17:04:33 | 003,345,408 | ---- | C] () -- C:\Windows\System32\avcodec-51.dll [2008.07.22 17:04:33 | 000,448,512 | ---- | C] () -- C:\Windows\System32\avformat-50.dll [2008.07.22 17:04:33 | 000,019,968 | ---- | C] () -- C:\Windows\System32\avutil-49.dll [2008.07.20 14:19:14 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI [2008.07.12 15:38:57 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll [2008.07.12 15:38:14 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2008.07.12 15:38:01 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini [2008.07.09 18:17:01 | 000,044,544 | ---- | C] () -- C:\Users\Benedikt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008.06.15 00:54:15 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2008.04.02 11:26:17 | 000,000,907 | R--- | C] () -- C:\Windows\System32\AsusSetup.ini [2008.04.02 11:26:17 | 000,000,263 | R--- | C] () -- C:\Windows\System32\raidmgmt.ini [2008.04.02 11:26:06 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys [2008.04.02 11:26:05 | 000,012,231 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2008.01.21 09:15:58 | 000,674,316 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2008.01.21 09:15:58 | 000,140,212 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,442,416 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,634,694 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- 
C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,115,894 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS [2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS [2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS ========== LOP Check ========== [2011.05.30 18:57:45 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\.minecraft [2010.11.11 19:56:40 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Auslogics [2011.04.21 20:55:56 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Babylon [2010.10.12 19:02:37 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\CheckPoint [2010.01.20 16:22:01 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Desktopicon [2010.11.11 21:48:11 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\DNA [2011.05.24 21:17:00 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\DVDVideoSoftIEHelpers [2011.05.01 17:47:47 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\FireShot [2010.11.09 22:01:10 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\GlarySoft [2011.06.04 14:04:38 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\go [2011.04.11 20:55:16 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\GrabPro [2010.12.26 22:06:56 | 000,000,000 | ---D | M] -- 
C:\Users\Benedikt\AppData\Roaming\gtk-2.0 [2010.12.16 22:06:23 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\ICQ [2008.06.16 17:44:39 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\ICQ Toolbar [2011.02.27 16:51:14 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\LG Electronics [2011.03.04 20:23:52 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\LolClient [2008.07.13 13:08:07 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\MAGIX [2010.10.03 21:09:16 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\NCH Swift Sound [2011.04.16 15:54:04 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Orbit [2009.12.20 14:23:55 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\PC Suite [2010.12.14 18:53:19 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\PhotoScape [2011.04.11 20:45:27 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\ProgSense [2011.04.28 18:57:23 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\SE_logs [2011.04.28 18:59:52 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\SogouExplorer [2011.05.24 15:19:47 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Synthesia [2010.06.07 17:26:49 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\TS3Client [2010.01.03 23:59:24 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\TuneUp Software [2011.04.21 15:33:09 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Ubisoft [2010.12.29 21:12:41 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\uiToolBar Desktop Icons [2010.11.09 21:34:17 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\uTorrent [2009.12.18 19:21:01 | 000,000,000 | -H-D | M] -- C:\Users\Benedikt\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6} [2011.03.10 20:10:13 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\NCH Swift Sound [2010.07.17 21:45:27 | 
000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\PC Suite [2010.02.17 19:05:37 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TuneUp Software [2010.10.12 20:58:55 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\CheckPoint [2011.06.03 21:52:00 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DNA [2008.07.22 17:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Eltima Software [2011.03.06 01:36:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\facemoods.com [2011.03.11 01:20:18 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Fighters [2011.06.03 17:56:23 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\go [2011.06.03 21:51:57 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ [2008.06.15 13:29:40 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ Toolbar [2011.03.03 00:04:58 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\LolClient [2008.07.12 15:41:25 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\MAGIX [2010.10.04 17:16:07 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\MusE [2010.10.02 19:05:53 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\NCH Swift Sound [2009.12.19 00:29:21 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Nokia [2010.01.08 00:06:41 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Nseries [2011.04.11 22:45:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\PC Suite [2011.02.15 11:42:08 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Systweak [2008.12.08 20:39:05 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TuneUp Software [2010.10.17 17:41:19 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Ubisoft [2010.08.14 14:53:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\VSO [2010.10.13 22:25:33 | 000,000,000 | ---D | M] -- 
C:\Users\Dominik\AppData\Roaming\XMedia Recode [2010.10.14 18:27:15 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\CheckPoint [2008.12.15 20:46:34 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\ICQ Toolbar [2010.01.06 20:15:10 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\PC Suite [2011.05.26 17:19:36 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\Synthesia [2008.09.30 20:15:53 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\TuneUp Software [2011.06.04 14:03:07 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job [2011.02.15 17:17:31 | 000,000,256 | ---- | M] () -- C:\Windows\Tasks\Regclean Pro_MONTHLY.job [2011.04.27 10:42:10 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\Regclean Pro_UPDATES.job [2011.06.04 00:16:11 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.06.04 14:03:03 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\SLOW-PCfighter-Dominik-Startup.job [2011.06.04 14:55:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0520E69E-26D8-498C-AD66-71E332F376E7}.job [2011.06.04 14:56:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{27137807-3851-40E5-9D8C-200A1B35CDF4}.job [2011.06.04 14:52:14 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{ED4DC7F5-282E-427F-9EFC-EFF316DF019B}.job ========== Purity Check ========== ========== Files - Unicode (All) ========== (C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\搜狗高速浏览器 < End of report > |
05.06.2011, 16:48 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | OTL analysis: Had several Trojans! Quote: