Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Ich würde gerne wissen ob mein PC wirklich rein ist. OTL Logfile inc. (https://www.trojaner-board.de/101011-wuerde-gerne-wissen-ob-pc-wirklich-rein-otl-logfile-inc.html)

darkwifer 04.07.2011 11:13
Ich würde gerne wissen ob mein PC wirklich rein ist. OTL Logfile inc.
 
Hallo
ich möchte einfach mal zur sicherheit das mein computer rein ist
(weil in letzter zeit gehäufte bluescreens entstehen) ein OTL logfile posten

OTL logfile created on: 04.07.2011 11:56:08 - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\Daniel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,37% Memory free
4,23 Gb Paging File | 2,93 Gb Available in Paging File | 69,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,62 Gb Total Space | 12,10 Gb Free Space | 8,73% Space Free | Partition Type: NTFS
Drive D: | 140,97 Gb Total Space | 99,13 Gb Free Space | 70,32% Space Free | Partition Type: NTFS

Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.04 11:54:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
PRC - [2011.07.04 11:43:35 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Daniel\Downloads\HiJackThis204.exe
PRC - [2011.06.28 15:30:52 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.06.28 15:30:50 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.25 12:30:46 | 000,884,696 | ---- | M] ({StringFileInfo_CompanyName}) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2011.05.26 11:29:03 | 000,800,768 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011.04.27 15:30:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011.01.27 17:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.01.14 14:36:33 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2010.11.06 15:24:25 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.09.17 11:16:58 | 000,097,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.01.26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.04.25 13:31:40 | 000,319,488 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\SysMonitor.exe
PRC - [2008.04.25 13:31:24 | 000,319,488 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Framework.Launcher.exe
PRC - [2008.04.25 13:30:26 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.03.26 07:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.04 23:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.29 12:25:10 | 000,598,016 | ---- | M] () -- C:\Programme\bin32\nSvcAppFlt.exe
PRC - [2008.01.29 12:24:46 | 000,163,840 | ---- | M] () -- C:\Programme\bin32\nSvcIp.exe
PRC - [2008.01.25 18:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.06.15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC207\Monitor.exe


========== Modules (SafeList) ==========

MOD - [2011.07.04 11:54:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
MOD - [2011.04.08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.06.28 22:33:47 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Programme\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011.06.28 15:30:52 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.06.28 15:30:50 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.04.27 15:30:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.21 13:44:05 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011.01.27 17:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.06.07 12:22:00 | 003,549,224 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.04.25 13:30:26 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.29 12:25:10 | 000,598,016 | ---- | M] () [Auto | Running] -- C:\Programme\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008.01.29 12:24:46 | 000,163,840 | ---- | M] () [Auto | Running] -- C:\Programme\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008.01.25 18:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - [2011.06.28 15:30:58 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 15:30:58 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009.08.01 18:34:37 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.08.01 18:34:28 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.11.12 17:41:54 | 004,179,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.09.29 18:12:04 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.04.22 02:49:00 | 007,451,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.04.22 02:49:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.01.29 07:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.01.25 14:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007.10.12 10:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.02.22 11:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 11:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.12.05 11:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2005.04.14 14:12:32 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.04.04 12:43:22 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=1006&m=aspire_x3200
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Programme\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=1006&m=aspire_x3200
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?rd=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Programme\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Messenger Plus Live Germany Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567732&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://de.msn.com/?ocid=mp"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {542e4d79-1970-4e95-9862-fdb96f61b280}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {76aeea42-e04a-4b62-83ab-df4b2be2541e}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.2.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.05.25 15:41:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.17 13:21:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.17 13:21:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.27 10:35:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.10 18:14:01 | 000,000,000 | ---D | M]

[2009.07.13 13:20:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2011.07.04 00:08:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions
[2010.04.30 18:25:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.27 10:36:53 | 000,000,000 | ---D | M] (Messenger Plus DE Community Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{3d684ca7-5d30-4a7e-9768-e17df98df80f}
[2011.06.28 12:04:30 | 000,000,000 | ---D | M] (Messenger Plus Live Germany Community Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{542e4d79-1970-4e95-9862-fdb96f61b280}
[2011.06.22 19:50:08 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.08.26 16:23:37 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(11)
[2011.06.28 12:04:35 | 000,000,000 | ---D | M] (MessengerPlusLive Germany TB Community Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}
[2011.06.21 09:19:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.15 06:03:00 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.09 01:01:52 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.06.30 13:14:04 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\DefaultManager@Microsoft
[2011.04.02 02:35:15 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\engine@conduit.com
[2011.06.28 20:43:21 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus WebGuard) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\toolbar@ask.com
[2010.04.21 12:07:06 | 000,000,957 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\conduit.xml
[2011.07.03 19:48:23 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-1.xml
[2011.03.03 16:13:22 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-2.xml
[2011.03.05 13:36:01 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-3.xml
[2011.03.25 09:35:16 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-4.xml
[2011.04.09 01:55:34 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-5.xml
[2011.05.10 18:14:49 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-6.xml
[2011.05.25 21:52:40 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-7.xml
[2011.06.27 10:36:58 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-8.xml
[2011.06.28 20:47:02 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-9.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin.xml
[2011.04.09 01:01:30 | 000,003,915 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\sweetim.xml
[2011.04.09 09:10:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.13 12:18:43 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.04.25 10:41:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.20 14:40:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.11 16:10:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.30 12:02:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.09 09:10:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2009.07.19 04:04:14 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009.09.29 16:31:54 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.27 14:11:15 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.04.25 10:41:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.20 14:40:18 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.11 16:10:05 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.30 12:02:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.09 09:10:30 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DANIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\C9XV440K.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\DANIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\C9XV440K.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.06.27 10:35:51 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.09.21 11:59:40 | 001,275,296 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv501.dll
[2011.05.10 18:13:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.10 18:13:52 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.05.10 18:13:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.10 18:13:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.06.21 09:21:33 | 000,001,952 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011.05.10 18:13:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.10 18:13:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.01.29 00:25:43 | 000,358,536 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12309 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Messenger Plus DE Toolbar) - {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Programme\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus DE Toolbar) - {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Programme\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MessengerPlusLive Germany TB Toolbar) - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [AGEIA PhysX SysTray] C:\Programme\AGEIA Technologies\TrayIcon.exe ()
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EmpoweringTechnology] File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] File not found
O4 - HKCU..\Run: [Sidebar] C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{93e918f0-9626-11de-8bed-001d72b6afbd}\Shell\AutoRun\command - "" = G:\start.bat
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.07.04 11:54:30 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2011.07.04 11:08:48 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{7D4AC734-4BD1-4E94-AF72-39680E68A797}
[2011.07.03 15:54:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{86BFBCA9-E5C7-48F9-812C-386E4B460B22}
[2011.07.01 13:23:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{ACA47461-B84A-41A1-9C51-47703752CE51}
[2011.06.30 13:13:03 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{9653E2ED-BC0C-4F47-8AF8-A5A38569ADA8}
[2011.06.30 13:13:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{B3DCEAF5-DFE6-48D0-9092-F2D687E8935A}
[2011.06.30 03:03:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.06.30 00:01:40 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{3D9F3245-5463-4850-B8FC-535BCEFFF04D}
[2011.06.28 15:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011.06.28 11:40:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{8DCCA5BD-E545-4951-89B8-25367224C83D}
[2011.06.27 16:17:51 | 000,380,928 | ---- | C] (MSNVirusRemoval.com - Macka's Software) -- C:\Users\Daniel\Desktop\MSNVirusRemover_4.28.7.06.exe
[2011.06.27 16:09:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{D055C77B-AF6B-4779-B196-DAE39A0A1438}
[2011.06.27 14:48:30 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.06.27 14:46:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.06.27 14:25:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Windows Live
[2011.06.24 09:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2011.06.24 09:20:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Conduit
[2011.06.24 09:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger_Plus_DE
[2011.06.24 09:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Yuna Software
[2011.06.20 17:30:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\.ruslanka
[2011.06.20 17:30:10 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruslanka
[2011.06.12 16:07:17 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\gamigo
[2011.06.12 15:33:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\rtool
[2011.06.12 15:33:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Repair EN
[2011.06.12 15:33:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Launcher
[2011.06.12 15:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gamigo AG
[2011.06.12 03:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2011.06.06 22:18:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Paint.NET
[2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.04 11:54:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2011.07.04 11:17:04 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1962764048-2839661159-4131213997-1000UA.job
[2011.07.04 11:17:04 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1962764048-2839661159-4131213997-1000Core.job
[2011.07.04 11:06:28 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.04 11:06:28 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.07.04 11:05:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.04 11:05:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.04 11:05:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.04 11:05:47 | 2145,931,264 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.04 01:15:38 | 000,056,832 | ---- | M] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.04 01:05:06 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.03 23:53:36 | 210,402,604 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.06.30 13:07:14 | 000,343,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.30 03:14:04 | 000,736,030 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.30 03:14:04 | 000,696,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.30 03:14:04 | 000,168,288 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.30 03:14:04 | 000,142,476 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.29 16:00:51 | 000,000,032 | ---- | M] () -- C:\Windows\CD_Start.INI
[2011.06.28 15:30:58 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.06.28 15:30:58 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.06.27 16:17:52 | 000,380,928 | ---- | M] (MSNVirusRemoval.com - Macka's Software) -- C:\Users\Daniel\Desktop\MSNVirusRemover_4.28.7.06.exe
[2011.06.24 09:20:43 | 000,001,910 | ---- | M] () -- C:\Users\Daniel\Desktop\Plus World.lnk
[2011.06.23 15:12:08 | 000,109,684 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2011.06.21 09:19:40 | 000,006,836 | ---- | M] () -- C:\Users\Daniel\AppData\Local\d3d9caps.dat
[2011.06.20 17:30:11 | 000,000,772 | ---- | M] () -- C:\Users\Daniel\Desktop\Ruslanka.lnk
[2011.06.18 09:40:00 | 000,001,674 | ---- | M] () -- C:\Users\Daniel\Desktop\MineCraft.lnk
[2011.06.17 18:16:13 | 000,000,666 | ---- | M] () -- C:\Users\Daniel\Desktop\R.O.H.A.N. Vendetta.lnk
[2011.06.17 17:57:57 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.06.17 17:57:57 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.06.17 17:57:40 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.06.15 08:37:27 | 003,323,083 | ---- | M] () -- C:\Users\Daniel\Documents\Unbenannt (6).wma
[2011.06.15 08:27:00 | 003,596,973 | ---- | M] () -- C:\Users\Daniel\Documents\Unbenannt (5).wma
[2011.06.15 08:06:17 | 001,468,713 | ---- | M] () -- C:\Users\Daniel\Documents\Unbenannt (4).wma
[2011.06.12 15:53:02 | 000,000,427 | ---- | M] () -- C:\Users\Public\Desktop\Register Now.lnk
[2011.06.12 15:53:02 | 000,000,397 | ---- | M] () -- C:\Users\Public\Desktop\Play Now.lnk
[2011.06.09 22:13:07 | 002,568,763 | ---- | M] () -- C:\Users\Daniel\Documents\engel hassen besser.wma
[2011.06.08 19:46:15 | 000,440,503 | ---- | M] () -- C:\Users\Daniel\Documents\Unbenannt (3).wma
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.03 23:53:36 | 210,402,604 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.06.27 14:44:31 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011.06.27 14:42:18 | 000,001,231 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011.06.27 14:39:36 | 000,002,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011.06.24 09:20:43 | 000,001,910 | ---- | C] () -- C:\Users\Daniel\Desktop\Plus World.lnk
[2011.06.20 17:30:12 | 000,000,772 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ruslanka.lnk
[2011.06.20 17:30:11 | 000,000,772 | ---- | C] () -- C:\Users\Daniel\Desktop\Ruslanka.lnk
[2011.06.17 18:15:31 | 000,000,666 | ---- | C] () -- C:\Users\Daniel\Desktop\R.O.H.A.N. Vendetta.lnk
[2011.06.17 17:57:40 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.06.15 08:37:27 | 003,323,083 | ---- | C] () -- C:\Users\Daniel\Documents\Unbenannt (6).wma
[2011.06.15 08:27:00 | 003,596,973 | ---- | C] () -- C:\Users\Daniel\Documents\Unbenannt (5).wma
[2011.06.15 08:06:17 | 001,468,713 | ---- | C] () -- C:\Users\Daniel\Documents\Unbenannt (4).wma
[2011.06.12 15:24:33 | 000,000,427 | ---- | C] () -- C:\Users\Public\Desktop\Register Now.lnk
[2011.06.12 15:24:33 | 000,000,397 | ---- | C] () -- C:\Users\Public\Desktop\Play Now.lnk
[2011.06.09 22:13:07 | 002,568,763 | ---- | C] () -- C:\Users\Daniel\Documents\engel hassen besser.wma
[2011.06.08 19:46:14 | 000,440,503 | ---- | C] () -- C:\Users\Daniel\Documents\Unbenannt (3).wma
[2011.06.06 22:20:07 | 000,000,842 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011.04.24 16:26:52 | 000,109,684 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.02.19 12:34:36 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2011.02.02 10:06:13 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2011.01.22 21:22:26 | 000,000,292 | ---- | C] () -- C:\Windows\vtmb.ini
[2011.01.10 14:55:21 | 000,026,340 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\UserTile.png
[2010.12.02 22:47:37 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI
[2010.11.06 15:44:19 | 000,182,272 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.09.25 00:06:56 | 000,000,017 | ---- | C] () -- C:\Windows\Missing.ini
[2009.11.07 16:58:11 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2009.11.07 16:58:11 | 000,001,214 | ---- | C] () -- C:\Windows\unins000.dat
[2009.10.20 22:47:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.20 22:47:36 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.27 20:59:00 | 000,009,902 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\NMM-MetaData.db
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.08.01 18:34:37 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.08.01 18:34:28 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.07.29 15:49:43 | 000,001,124 | ---- | C] () -- C:\Windows\wininit.ini
[2009.07.29 12:53:49 | 000,000,632 | ---- | C] () -- C:\Windows\Wlf.INI
[2009.07.26 02:06:04 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009.07.18 00:52:53 | 000,006,836 | ---- | C] () -- C:\Users\Daniel\AppData\Local\d3d9caps.dat
[2009.07.14 01:55:23 | 000,000,022 | ---- | C] () -- C:\Windows\msnmsgr.exe.ini
[2009.07.13 16:59:00 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.07.13 16:12:14 | 000,000,399 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2009.07.13 16:12:12 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
[2009.07.13 15:17:33 | 000,056,832 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.13 13:20:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.05.09 11:54:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.05.09 11:54:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.05.09 11:16:47 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.05.09 11:07:26 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.05.09 11:07:26 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008.05.09 11:07:26 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2008.05.09 10:55:35 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.01.21 09:15:58 | 000,736,030 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,168,288 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.01.01 13:31:57 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.01.01 13:31:57 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.01.01 13:31:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.01.01 13:31:57 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008.01.01 13:31:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,343,128 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,696,760 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,142,476 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.11 00:32:12 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2006.10.11 00:32:12 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2006.10.11 00:08:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2003.08.18 16:55:48 | 000,086,016 | ---- | C] () -- C:\Windows\System32\LXBKIH.EXE
[2003.08.18 16:46:38 | 000,077,824 | ---- | C] () -- C:\Windows\System32\LXBKLCNP.DLL
[2002.11.13 21:40:22 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2002.09.13 17:40:06 | 000,000,266 | ---- | C] () -- C:\Windows\System32\lxbkcoin.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[2001.01.19 21:50:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE

========== LOP Check ==========

[2009.07.13 23:40:55 | 000,000,000 | -HSD | M] -- C:\Users\Daniel\AppData\Roaming\.#
[2011.02.22 21:51:45 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft
[2011.03.25 14:44:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft server
[2008.05.09 11:28:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Acer GameZone Console
[2011.04.15 06:02:59 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.07.13 13:16:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\eSobi
[2009.11.07 17:00:03 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Flatcast
[2011.06.12 16:10:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\gamigo
[2010.10.02 18:37:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\HamsterSoft
[2011.06.30 05:13:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ
[2011.06.12 15:33:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Launcher
[2011.04.08 12:56:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LolClient
[2010.10.02 18:52:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia
[2011.05.24 19:12:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia Multimedia Player
[2011.04.13 15:15:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org
[2009.08.07 08:37:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PC Suite
[2011.01.10 14:55:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PeerNetworking
[2011.01.04 23:42:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PhotoScape
[2011.06.12 15:50:10 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Repair EN
[2011.06.12 15:50:09 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\rtool
[2010.09.27 20:13:02 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Screaming Bee
[2011.04.12 13:36:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Simfy
[2011.02.27 17:16:10 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TeamViewer
[2011.05.25 15:30:49 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Teeworlds
[2010.12.03 23:58:43 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TS3Client
[2011.01.21 00:26:16 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Uniblue
[2010.12.29 01:46:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Warsow 0.6
[2009.07.14 18:04:50 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Zylom
[2011.07.04 11:06:28 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2011.07.04 01:20:55 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:4CF61E54

< End of report >

cosinus 05.07.2011 09:02
Zitat:
[2011.06.21 09:19:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.15 06:03:00 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.09 01:01:52 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.06.30 13:14:04 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\DefaultManager@ Microsoft
[2011.04.02 02:35:15 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\engine@conduit. com
[2011.06.28 20:43:21 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus WebGuard) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\toolbar@ask.com

Hm, was willst du mit diesen sinnfreien biw schädlichen Toolbars auf dem Rechner? Am besten alles entfernen wo Toolbar steht, was in der Systemsteuerung unter Software bzw. Programme und Funktionen zu sehen ist und bei zukünftigen Programminstallation immer die benutzerdefinierte Methode anklicken, damit man bei der Installation mögliche Toolbars abwählen kann.
Deinstalliere bei der Gelegenheit auch alle anderen unnötigen Programme über die Systemsteuerung.

Überleg dir auch gut, ob du in Zukunft weiterhin bei AntiVir bleiben willst. Die haben eine sehr fragwürdige Entscheidung getroffen, was nicht gerade seriös wirkt => http://www.trojaner-board.de/100374-...e-und-ask.html

Zitat:
ob mein PC wirklich rein ist
Sowas wie "wirklich" womit "100%" gemeint ist gibt es nicht.
Annähernd 100% hat man durch Plätten und Neuinstallationdes Systems, anähernd deswegen, weil es niemals 100% Sicherheit gibt, aber man hat die Gewissheit, dass alle Schädlinge aus der vorherigen Windowsinstallation entfernt wurden.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:58 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131