Hallo,hatte das OTL total übersehen-sorry,OTL Logfile: Code:
OTL Extras logfile created on: 22.04.2013 17:18:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\******\Druckumgebung\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
510,98 Mb Total Physical Memory | 171,79 Mb Available Physical Memory | 33,62% Memory free
1,22 Gb Paging File | 0,81 Gb Available in Paging File | 66,50% Paging File free
Paging file location(s): C:\pagefile.sys 765 765 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 48,67 Gb Free Space | 65,31% Space Free | Partition Type: NTFS
Drive D: | 668,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: NAME********** | User Name: ****** | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)
.url [@ = InternetShortcut] -- rundll32.exe shdocvw.dll,OpenURL %l
[HKEY_USERS\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- Reg Error: Key error.
http [open] -- "C:\Programme\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Programme\Opera\Opera.exe" "%1" (Opera Software)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\AOL 9.0 VR\waol.exe" = C:\Programme\AOL 9.0 VR\waol.exe:*:Enabled:AOL 9.0 VR -- (AOL, LLC.)
"C:\Programme\AOL 9.0 VRb\waol.exe" = C:\Programme\AOL 9.0 VRb\waol.exe:*:Enabled:AOL 9.0 VRb
"C:\Programme\AOL 9.0 VRc\waol.exe" = C:\Programme\AOL 9.0 VRc\waol.exe:*:Enabled:AOL 9.0 VRc
"C:\Programme\AOL 9.0 VRd\waol.exe" = C:\Programme\AOL 9.0 VRd\waol.exe:*:Enabled:AO321C~1.0VR
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\AOL 9.0a\waol.exe" = C:\Programme\AOL 9.0a\waol.exe:*:Enabled:AOL
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Java\j2re1.4.2_03\bin\java.exe" = C:\Programme\Java\j2re1.4.2_03\bin\java.exe:*:Disabled:java
"C:\Programme\AOL 9.0 VRb\waol.exe" = C:\Programme\AOL 9.0 VRb\waol.exe:*:Disabled:AOL 9.0 VRb
"C:\Programme\AOL 9.0 VRc\waol.exe" = C:\Programme\AOL 9.0 VRc\waol.exe:*:Disabled:AOL 9.0 VRc
"C:\Programme\AOL 9.0 VRa\waol.exe" = C:\Programme\AOL 9.0 VRa\waol.exe:*:Disabled:AOL
"C:\Programme\Gemeinsame Dateien\aol\1174672781\ee\aolsoftware.exe" = C:\Programme\Gemeinsame Dateien\aol\1174672781\ee\aolsoftware.exe:*:Disabled:AOL Shared Components
"C:\Programme\AOL 9.0 VRd\waol.exe" = C:\Programme\AOL 9.0 VRd\waol.exe:*:Disabled:AO321C~1.0VR
"C:\Programme\Gemeinsame Dateien\G DATA\AVKMail\AVKPop.exe" = C:\Programme\Gemeinsame Dateien\G DATA\AVKMail\AVKPop.exe:127.0.0.1/255.255.255.255:Disabled:G DATA AntiVirenKit eMail Virenblocker
"C:\Programme\MSN Gaming Zone\Windows\chkrzm.exe" = C:\Programme\MSN Gaming Zone\Windows\chkrzm.exe:*:Disabled:Internet-Dame -- (Microsoft Corporation)
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Disabled:Microsoft Fax Console
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Disabled:AOL
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\aol\1205170035\ee\aolsoftware.exe" = C:\Programme\Gemeinsame Dateien\aol\1205170035\ee\aolsoftware.exe:*:Enabled:AOL Shared Components -- (AOL LLC)
"C:\Programme\AOL 9.0a\waol.exe" = C:\Programme\AOL 9.0a\waol.exe:*:Enabled:AOL
"C:\Programme\AOL 9.0 VR\waol.exe" = C:\Programme\AOL 9.0 VR\waol.exe:*:Enabled:AOL -- (AOL, LLC.)
"C:\Programme\Gemeinsame Dateien\aol\TopSpeed\3.0\aoltpsd3.exe" = C:\Programme\Gemeinsame Dateien\aol\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\aol\System Information\sinf.exe" = C:\Programme\Gemeinsame Dateien\aol\System Information\sinf.exe:*:Enabled:AOL System Information -- (AOL LLC)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\AOL 9.0 VR\aol.exe" = C:\Programme\AOL 9.0 VR\aol.exe:*:Enabled:AOL 9.0 -- (AOL, LLC.)
"C:\Programme\Gemeinsame Dateien\aol\Loader\aolload.exe" = C:\Programme\Gemeinsame Dateien\aol\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3\WNt500x86\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite 2009.SP3\WNt500x86\RpcSandraSrv.exe:*:Disabled:SiSoftware Sandra Agent Service
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\G DATA AntiVirenKit präsentiert von AOL\AVKBar.exe" = C:\Programme\G DATA AntiVirenKit präsentiert von AOL\AVKBar.exe:*:Enabled:AVK SecurityAgent
"C:\Programme\WISO\Sparbuch 2008\wiso2008.exe" = C:\Programme\WISO\Sparbuch 2008\wiso2008.exe:*:Disabled:WISO Sparbuch 2008 -- ()
"C:\Programme\MyPrivateTrade\MyPrivateTrade.exe" = C:\Programme\MyPrivateTrade\MyPrivateTrade.exe:*:Enabled:MyPrivateTrade.exe -- ( )
"C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Sparbuch 2009
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{1E279749-9F3A-47B5-81AB-B197A2A38A71}" = Steuer-Spar-Erklärung 2006
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{225AF9A1-B556-88D5-94AA-0010B5426419}" = My DSC
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Hama Wireless LAN Adapter
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = Logitech Registration
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56918C0C-0D87-4CA6-92BF-4975A43AC719}" = KhalInstallWrapper
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.79.1
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{659660d0-edb3-4afb-be92-7ea22a0cae65}.sdb" = Windows XP Junglebook Compatiblity Fix
"{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}" = HP Foto- und Bildbearbeitung 2.0 All-in-One Treiber
"{70af630e-2e1b-470f-b600-9ae48f0b94d0}.sdb" = Disney Interactive Compatibility Update December 2002
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735DEB9C-61BD-4D31-994B-92395BBB4E45}" = Microsoft XML Parser
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{9867A917-5D17-40DE-83BA-BEA5293194B1}" = HP Foto- und Bildbearbeitung 2.0 - All-in-One
"{99D42EC7-652B-4819-B3E6-6450C815E03F}" = Odyssey Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Speicher-Disc
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C457BA5F-35F9-480C-90F8-5C91DB443A15}_is1" = Shutdown Manager
"{C900EF06-2E76-49C7-8DB0-41F629B21DC5}" = hp psc 1200 series
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC038D57-788A-4544-BF8F-179E5CF50D2F}" = Microsoft Visual C++ 2005 SP1 CRT Redistributable
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E5749F68-9EEA-4E2D-A286-4B471315DED8}" = MyPrivateTrade
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"7-Zip" = 7-Zip 4.65
"Absolute Uninstaller_is1" = Absolute Uninstaller 2.5
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AliceHilfe 1.0.0.1" = AliceHilfe
"AOL Deinstallation" = AOL Deinstallation
"AOL eMail-Konfiguration 3.0.0.2" = AOL eMail-Konfiguration
"AOL Installations-Manager" = AOL Installations-Manager
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Free Antivirus
"BSI" = BSI
"DFÜ-Optimierer" = DFÜ-Optimierer 1.40
"ExpressBurn" = Express Burn
"Foxit Creator" = Foxit Creator
"Foxit Reader_is1" = Foxit Reader
"HaufeReader" = HaufeReader
"HijackThis" = HijackThis 2.0.2
"HP PSC 1200 Series" = HP Foto und Bildbearbeitung 2.0 - hp psc 1200 series
"Language Coach" = Language Coach Uninstall
"LiveReg" = LiveReg (Symantec Corporation)
"LiveUpdate" = LiveUpdate 1.80 (Symantec Corporation)
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Ahead Nero OEM
"Nero BurnRights!UninstallKey" = Ahead Nero BurnRights
"NeroVision!UninstallKey" = Ahead NeroVision Express
"Opera 12.15.1748" = Opera 12.15
"PROSet" = Intel(R) PRO Network Adapters and Drivers
"Recover My Files_is1" = Recover My Files
"Revo Uninstaller" = Revo Uninstaller 1.94
"Shockwave" = Shockwave
"SLAMRMO" = Smart Link 56K Modem
"USB7554" = MicroLink 56k Fun USB
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Z-DBackup" = Z-DBackup
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ActiveTrader 4.11.30_b1" = ActiveTrader 4.11.30_b1
"OANDA FXTrade" = OANDA FXTrade
========== Last 20 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
--- --- ---
OTL Logfile: Code:
OTL logfile created on: 22.04.2013 17:18:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\******\Druckumgebung\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
510,98 Mb Total Physical Memory | 171,79 Mb Available Physical Memory | 33,62% Memory free
1,22 Gb Paging File | 0,81 Gb Available in Paging File | 66,50% Paging File free
Paging file location(s): C:\pagefile.sys 765 765 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 48,67 Gb Free Space | 65,31% Space Free | Partition Type: NTFS
Drive D: | 668,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: NAME******* | User Name:***** | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\etiena\Druckumgebung\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
PRC - C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Programme\TrojanHunter 5.1\contmenu.dll ()
MOD - C:\Programme\Hama\Common\acAuth.dll ()
========== Services (SafeList) ==========
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (JavaQuickStarterService) -- C:\Programme\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AOL ACS) -- C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (AOL LLC)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (SLService) -- C:\WINDOWS\System32\slserv.exe ( )
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
========== Driver Services (SafeList) ==========
DRV - (ZDPSp50) -- System32\Drivers\ZDPSp50.sys File not found
DRV - (WDICA) -- File not found
DRV - (TSMPacket) -- system32\DRIVERS\tsmpkt.sys File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (cmuda2) -- system32\drivers\cmuda2.sys File not found
DRV - (Changer) -- File not found
DRV - (BTWUSB) -- System32\Drivers\btwusb.sys File not found
DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found
DRV - (BTDriver) -- system32\DRIVERS\btport.sys File not found
DRV - (btaudio) -- system32\drivers\btaudio.sys File not found
DRV - (BLKWGU(Belkin) -- system32\DRIVERS\BLKWGU.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (AFS2K) -- C:\WINDOWS\System32\drivers\AFS2K.SYS (Oak Technology Inc.)
DRV - (5d575) -- C:\WINDOWS\system32\5d575.sys ()
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech Inc.)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042mou.Sys (Logitech Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech Inc.)
DRV - (MOUSEWDFilter) -- C:\WINDOWS\system32\drivers\MOUSEWD.SYS ()
DRV - (btwmodem) -- C:\WINDOWS\system32\drivers\btwmodem.sys (Broadcom Corporation.)
DRV - (SSHDRV62) -- C:\WINDOWS\system32\drivers\SSHDRV62.sys ()
DRV - (RecAgent) -- C:\WINDOWS\system32\drivers\recagent.sys (Smart Link)
DRV - (cdrbsdrv) -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS (B.H.A Corporation)
DRV - (wind502u) -- C:\WINDOWS\system32\drivers\wind502u.sys (Envara Inc.)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (L8042pr2) -- C:\WINDOWS\system32\drivers\L8042pr2.Sys (Logitech, Inc.)
DRV - (LHidUsb) -- C:\WINDOWS\system32\drivers\LHIDUSB.SYS (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHIDFLT2.SYS (Logitech, Inc.)
DRV - (Slntamr) -- C:\WINDOWS\system32\drivers\slntamr.sys ( )
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (CBTNDIS5) -- C:\WINDOWS\system32\CBTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (Mtlmnt5) -- C:\WINDOWS\system32\drivers\mtlmnt5.sys ( )
DRV - (Mtlstrm) -- C:\WINDOWS\system32\drivers\mtlstrm.sys ( )
DRV - (SlNtHal) -- C:\WINDOWS\system32\drivers\slnthal.sys ( )
DRV - (SlWdmSup) -- C:\WINDOWS\system32\drivers\slwdmsup.sys (Vireo Software)
DRV - (NtMtlFax) -- C:\WINDOWS\system32\drivers\ntmtlfax.sys ( )
DRV - (odysseyIM3) -- C:\WINDOWS\system32\drivers\odysseyIM3.sys (Funk Software, Inc.)
DRV - (wanatw) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (DCamUSBSQTECH) -- C:\WINDOWS\system32\drivers\sqcaptur.sys (Service & Quality Technology.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com/?utm_source=b&utm_medium=fox&from=fox&uid=WD-WCADW1106292_WDCWD800LB-07DNA2&ts=1352830343
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.v9.com/?utm_source=b&utm_medium=fox&from=fox&uid=WD-WCADW1106292_WDCWD800LB-07DNA2&ts=1352830343
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://search.v9.com/web/?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.v9.com/web/?q={searchTerms}
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sb/*hxxp://de.docs.yahoo.com/info/ie6.html
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F4 6D B2 96 CC 25 CA 01 [binary data]
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - No CLSID value found
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = hxxp://search.v9.com/web/?q={searchTerms}
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = hxxp://www.aol.de/redirect/toolbar/v4/websuche.jsp?q={searchTerms}&invocationType=TB50ie7-de-de
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\SearchScopes\{85BD2358-AB6D-49D6-9580-DC4AA464DCB7}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\SearchScopes\{B8DD677D-67FD-4DA9-8005-92838CBD8EE0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\SearchScopes\{E95A3832-3C14-406E-8C39-DED35D77BF44}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "v9"
FF - prefs.js..browser.search.order.1: "v9"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B097d3191-e6fa-4728-9826-b533d755359d%7D:0.7.18
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: autofillForms%40blueimp.net:0.9.9.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130402
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.6rc5
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.13
FF - prefs.js..extensions.enabledItems: autofillForms@blueimp.net:0.9.8.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Programme\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKCU\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.11 13:01:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.04.11 13:00:27 | 000,000,000 | ---D | M]
[2008.06.20 00:16:09 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Extensions
[2013.04.04 13:19:03 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions
[2013.04.02 19:29:04 | 000,000,000 | ---D | M] (WOT) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2009.02.23 20:49:56 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}(2)
[2013.01.27 17:29:14 | 000,149,045 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions\autofillForms@blueimp.net.xpi
[2012.08.28 03:41:06 | 000,455,379 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2012.08.01 23:47:45 | 000,002,088 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions\{14323AEE-F6B8-4DC8-BCE3-E62645830585}.xpi
[2013.04.04 13:19:03 | 000,532,701 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.02.28 02:31:06 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.04 13:19:02 | 000,714,654 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2008.07.21 23:26:38 | 000,001,021 | ---- | M] () -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\Mozilla\Firefox\Profiles\bp7a5wyy.default\searchplugins\leo.xml
[2013.04.11 13:00:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.04.11 13:00:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.04.11 13:00:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.04.11 13:00:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2009.06.24 11:17:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2013.04.11 13:01:05 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2004.02.20 22:14:09 | 000,176,177 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\npViewpoint.dll
[2006.09.26 13:03:14 | 000,098,304 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.06.28 03:30:05 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 09:09:01 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.28 03:30:05 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.28 03:30:05 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.28 03:30:05 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.28 03:30:05 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
O1 HOSTS File: ([2012.04.28 14:25:13 | 000,442,981 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 15220 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\ShellBrowser: (no name) - {23B0D39A-E245-41B7-BF86-1238CF62625E} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\ShellBrowser: (no name) - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {23B0D39A-E245-41B7-BF86-1238CF62625E} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {4D46ED77-1429-4CF6-8F63-C84B5D710BAF} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007..\Run: [AOL Fast Start] C:\Programme\AOL 9.0 VR\aol.exe (AOL, LLC.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Hama Wireless LAN Utility.lnk = C:\Programme\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Mit dem LeechGet Wizard laden - file://C:\Programme\LeechGet 2006\\Wizard.html File not found
O8 - Extra context menu item: Mit LeechGet herunterladen - file://C:\Programme\LeechGet 2006\\AddUrl.html File not found
O8 - Extra context menu item: Mit LeechGet parsen - file://C:\Programme\LeechGet 2006\\Parser.html File not found
O15 - HKU\.DEFAULT\..Trusted Domains: AOL ([]https in Vertrauenswürdige Sites)
O15 - HKU\.DEFAULT\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\.DEFAULT\..Trusted Domains: handelsblatt.com ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: AOL ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-18\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-18\..Trusted Domains: handelsblatt.com ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: alice.de ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: aol.de ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: bundderenergieverbraucher.de ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: cortalconsors.com ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: dab-bank.de ([www] https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: deutsche börse.com ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: *****.de ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: frankfurter börse ([]https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains: onvista.de ([my] https in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-822765324-1220365244-1218344475-1007\..Trusted Domains:*******.de ([]https in Vertrauenswürdige Sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} hxxp://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1093620505140 (MSSecurityAdvisor Class)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} hxxp://aolcc.aol.de/computercheckup/qdiagcc.cab (Reg Error: Key error.)
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} hxxp://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_6.cab (FixController Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1210600363364 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game11.zylomgames.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} hxxp://game15.zylomgames.com/activex/zylomloader.cab (Zylom Loader Object)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5362/mcfscan.cab (McFreeScan Class)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0FA8B3AC-3297-4525-B534-D6B54521656F}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32DE5E7D-FEE6-457D-8ECF-A17BFEB56FD3}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3DACB568-47CB-445E-8D80-C3AA2F54C07A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8B946A7A-8FB8-46E6-8F08-BF55A7E4A2B2}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{97D220A6-1247-4498-B68C-FDEB1388ADD3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A5AA8BBD-C8F3-4B41-834D-1DC17FEA65C1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C11E0C8B-1758-4153-B014-49BB7018865F}: NameServer = 192.168.5.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\haufereader {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll (Haufe Mediengruppe)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tbr - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.11.18 14:59:50 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (pgdfgsvc C 1)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.21 15:02:28 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.04.21 14:53:34 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.04.21 14:53:34 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.04.21 14:53:34 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.04.20 13:11:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Foxit Reader
[2013.04.11 13:00:15 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013.04.01 15:25:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\******\Druckumgebung\Eigene Dateien\ing ********
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\******\Lokale Einstellungen\Anwendungsdaten\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.04.22 12:51:22 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.22 12:51:14 | 535,875,584 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.21 16:50:08 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.04.21 13:11:14 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.15 14:32:10 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.15 14:32:08 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.04.15 14:32:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.04.14 18:13:58 | 000,000,525 | ---- | M] () -- C:\hpfr3420.xml
[2013.04.10 19:12:12 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.04.10 18:59:40 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.04.05 18:39:37 | 000,001,031 | ---- | M] () -- C:\WINDOWS\wiso.ini
[2013.04.04 05:35:08 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.04.04 05:30:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.04.04 05:29:44 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.04.01 00:23:55 | 000,448,542 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.04.01 00:23:54 | 000,467,440 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.04.01 00:23:54 | 000,089,140 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.04.01 00:23:54 | 000,075,112 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.03.29 17:11:16 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.03.29 17:11:16 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.03.29 17:11:16 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\*****\Lokale Einstellungen\Anwendungsdaten\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.20 16:34:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.02.15 13:04:47 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009.06.18 20:22:45 | 000,079,397 | ---- | C] () -- C:\Dokumente und Einstellungen\etiena\axbx.dat
[2009.02.10 19:30:08 | 000,000,163 | -H-- | C] () -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\xpy.ini
[2008.11.24 21:41:37 | 000,016,045 | ---- | C] () -- C:\Dokumente und Einstellungen\etiena\Startmenü.rar
[2008.03.14 01:38:49 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.05.31 01:47:18 | 000,001,292 | ---- | C] () -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\dm.ini
[2007.04.02 01:47:33 | 000,000,664 | ---- | C] () -- C:\Dokumente und Einstellungen\etiena\Lokale Einstellungen\Anwendungsdaten\d3d9caps.dat
[2007.03.27 17:01:41 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\etiena\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.07.21 16:06:46 | 000,003,120 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\118300.34
[2006.01.24 00:17:23 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\etiena\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005.11.15 01:39:23 | 001,949,696 | ---- | C] () -- C:\Dokumente und Einstellungen\etiena\s-1-5-21-822765324-1220365244-1218344475-1007.rrr
[2005.10.11 00:01:33 | 000,043,160 | ---- | C] () -- C:\Dokumente und Einstellungen\etiena\Anwendungsdaten\wklnhst.dat
[2004.03.22 23:52:44 | 000,000,253 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\hpothb07.tif
[2004.03.22 23:52:44 | 000,000,169 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\hpothb07.dat
========== ZeroAccess Check ==========
[2004.09.26 23:49:29 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.02.21 21:06:28 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011.05.28 19:30:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl
[2012.08.27 20:13:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2010.03.09 17:50:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Driver Whiz
[2009.03.06 17:26:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverScanner
[2009.04.29 23:05:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2006.09.14 01:27:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ideas From the Deep
[2009.12.08 01:08:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2009.06.23 15:01:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2007.08.15 02:53:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2009.01.29 17:56:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2010.05.28 10:44:23 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\System Restore
[2006.03.28 18:35:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager
[2009.11.27 23:22:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online
[2004.09.12 16:11:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online_ZusatzSoftware
[2013.01.31 20:44:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.05.26 11:28:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrafficMonitor
[2013.02.03 17:35:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Trusteer
[2006.03.19 17:25:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2009.12.08 01:09:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\World Money
[2005.08.06 18:40:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009.03.05 22:16:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\10 Finger BreakOut
[2012.02.05 17:09:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\AliceHilfe
[2008.05.01 02:53:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\******\Anwendungsdaten\Auslogics
[2008.09.21 01:01:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Buhl Data Service
[2009.12.08 02:38:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\DataDesign
[2006.05.30 15:23:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\FEXtrader
[2010.03.08 03:47:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\FireShot
[2009.03.02 03:16:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Foxit
[2013.02.25 18:12:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Foxit Reader
[2013.03.02 16:17:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Foxit Software
[2008.05.25 14:35:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Free Download Manager
[2013.02.11 16:33:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\GlarySoft
[2010.04.23 12:59:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\hsbc.trinkaus.tsd.tip3.widget.5EC6F2596461310572AED5D9F7195FA70551EC5A.1
[2009.12.09 04:56:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\JAM Software
[2010.03.14 19:17:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Jumping Bytes
[2007.06.25 03:14:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Leadertech\Anwendungsdaten\Lexware
[2009.12.08 01:09:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****
[2007.10.25 19:21:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Magic Academy
[2010.03.16 19:04:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Mobile Master
[2007.09.03 21:40:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\NCH Swift Sound
[2006.04.18 01:02:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\OLYMPUS
[2008.11.17 17:58:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\OpenOffice.org
[2011.07.11 17:17:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Opera
[2006.10.06 16:31:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\Resort Labs
[2009.07.06 02:20:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\T-Online
[2006.07.09 13:54:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Thunderbird
[2008.05.12 15:11:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****
[2009.03.18 15:09:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen******\Anwendungsdaten\tradesignal
[2006.03.19 15:26:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\*****\Anwendungsdaten\TuneUp Software
[2009.12.09 13:02:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\VSRevoGroup
[2008.01.19 15:13:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\****\Anwendungsdaten\Zylom
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:0CE7F3C9
@Alternate Data Stream - 125 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:5C321E34
< End of report >
--- --- ---
PS: Vor einigen Wochen hatte ich Probleme mit 2 Toolbars: V9 + ask , die ungewollt die Suche übernahmen. Sind die noch versteckt vorhanden? |
PHISH/Fraud.AS lässt sich nicht von meinem PC entfernen.
(https://www.trojaner-board.de/132437-phish-fraud-as-laesst-meinem-pc-entfernen.html)
Lesestoff:
GMER herunter: (Dateiname zufällig) 
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.