Ich weiß leider nicht wie man hier Dateien postet darum habe ich meinen OTL Quelltext kopiert:OTL Logfile: Code:
OTL logfile created on: 11/1/2011 9:10:45 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97.65 Gb Total Space | 81.09 Gb Free Space | 83.04% Space Free | Partition Type: NTFS
Drive D: | 368.10 Gb Total Space | 367.53 Gb Free Space | 99.85% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - [2011/08/31 12:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/01/13 04:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2009/01/05 09:58:21 | 000,068,096 | ---- | M] () [On_Demand] -- C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2008/07/04 06:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto] -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2007/07/24 05:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2006/06/01 15:06:00 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/08/23 21:29:52 | 000,118,272 | ---- | M] (TuneUp Software GmbH) [On_Demand] -- C:\Programme\TuneUpUtilities2006\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (ulisa) Telekom ISDN-Adapter (USB)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand] -- -- (MBAMSwissArmy)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2011/08/31 12:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/01/13 04:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 04:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 04:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 04:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 04:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 04:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/04/22 21:02:00 | 000,440,832 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV - [2009/04/22 21:02:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmeject.sys -- (avmeject)
DRV - [2009/01/05 09:50:12 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/03/17 05:03:46 | 000,101,376 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2007/07/18 07:26:04 | 004,547,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007/04/17 14:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\regi.sys -- (regi)
DRV - [2006/11/27 11:33:54 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/11/27 11:33:50 | 000,058,368 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/10/18 11:31:38 | 000,105,472 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006/06/18 18:38:18 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/11 09:39:38 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administration_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
IE - HKU\Administration_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administration_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.1.1
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\test_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20978f0f-2978-4992-ae97-7d373c44e04e}: C:\Programme\Gemeinsame Dateien\Techland\Translator\MozillaTranslator\ [2010/11/12 06:53:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/09/29 15:03:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011/09/29 15:03:32 | 000,000,000 | ---D | M]
[2009/08/22 04:13:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\mozilla\Extensions
[2011/10/16 04:11:16 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\mozilla\Firefox\Profiles\abihfg5l.default\extensions
[2009/09/03 02:25:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\mozilla\Firefox\Profiles\abihfg5l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/10/16 04:11:16 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/04/12 13:54:23 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/03/08 11:06:51 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/03/08 11:06:51 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011/03/08 11:06:51 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/03/08 11:06:51 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/03/08 11:06:51 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004/08/04 08:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (@C:\Programme\Gemeinsame Dateien\Techland\Translator\1031\InternetTranslator.dll,-118) - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Programme\Gemeinsame Dateien\Techland\Translator\InternetTranslator.dll (Techland)
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O3 - HKU\Administration_ON_C\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Status Monitor.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administration_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\test_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : @C:\Programme\Gemeinsame Dateien\Techland\Translator\1031\InternetTranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Programme\Gemeinsame Dateien\Techland\Translator\InternetTranslator.dll (Techland)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\mahmud.exe) - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/05 09:07:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b0e90f6a-90a7-11df-9a7c-001f3f08d4bf}\Shell - "" = AutoRun
O33 - MountPoints2\{b0e90f6a-90a7-11df-9a7c-001f3f08d4bf}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b0e90f6a-90a7-11df-9a7c-001f3f08d4bf}\Shell\AutoRun\command - "" = J:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/01 13:18:18 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\test\Eigene Dateien
[2011/11/01 13:18:17 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\test\IETldCache
[2011/11/01 13:16:50 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\test\Anwendungsdaten\Microsoft
[2011/11/01 13:16:50 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\test\SendTo
[2011/11/01 13:16:50 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\test\Anwendungsdaten
[2011/11/01 13:16:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\test\Startmenü\Programme\Zubehör
[2011/11/01 13:16:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\test\Startmenü
[2011/11/01 13:16:50 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\test\Startmenü\Programme\Autostart
[2011/11/01 13:16:50 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\test\Cookies
[2011/11/01 13:16:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\test\Vorlagen
[2011/11/01 13:16:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\test\Recent
[2011/11/01 13:16:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\test\Netzwerkumgebung
[2011/11/01 13:16:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\test\Lokale Einstellungen
[2011/11/01 13:16:50 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\test\Druckumgebung
[2011/11/01 13:16:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\test\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2011/11/01 13:16:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\test\Favoriten
[2011/11/01 13:16:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\test\Desktop
[2011/11/01 12:39:14 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administration\Recent
[2011/11/01 11:50:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\Malwarebytes
[2011/11/01 11:50:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011/11/01 11:50:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011/11/01 11:50:31 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/01 11:50:30 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011/11/01 11:50:07 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Administration\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/01 11:30:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administration\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2011/11/01 11:30:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administration\Lokale Einstellungen\Anwendungsdaten\Macromedia
[2011/11/01 11:30:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administration\Lokale Einstellungen\Anwendungsdaten\Help
[2011/11/01 11:30:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administration\Lokale Einstellungen\Anwendungsdaten\Adobe
[2011/11/01 11:30:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administration\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2011/11/01 11:05:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OpenFM
[2011/11/01 11:05:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\OpenFM
[2011/11/01 10:43:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/10/16 08:10:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\Aqise
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/11/01 13:26:34 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/01 13:26:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/01 11:50:34 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/01 11:50:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011/11/01 11:46:23 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Administration\Desktop\mbam-setup-1.51.2.1300.exe
[2011/11/01 10:31:31 | 000,802,113 | ---- | M] () -- C:\Dokumente und Einstellungen\Administration\Desktop\Unlocker1.9.1.exe
[2011/11/01 09:58:58 | 000,452,736 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011/11/01 09:58:58 | 000,435,832 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/11/01 09:58:58 | 000,081,562 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011/11/01 09:58:58 | 000,068,728 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/11/01 09:47:58 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7903AC36-B828-479C-AC0C-C12C759EA372}.job
[2011/10/16 08:06:12 | 000,191,655 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011/10/15 07:20:05 | 000,221,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/14 14:40:11 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011/10/03 04:34:11 | 005,971,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/11/01 13:16:50 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\test\Startmenü\Programme\Remoteunterstützung.lnk
[2011/11/01 13:16:50 | 000,000,772 | ---- | C] () -- C:\Dokumente und Einstellungen\test\Startmenü\Programme\Windows Media Player.lnk
[2011/11/01 11:50:34 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/01 11:50:07 | 000,802,113 | ---- | C] () -- C:\Dokumente und Einstellungen\Administration\Desktop\Unlocker1.9.1.exe
[2011/10/14 14:40:11 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/11/12 07:02:04 | 000,000,090 | ---- | C] () -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\XTDocSettings_dt.ini
[2010/08/03 14:51:46 | 000,002,516 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KGyGaAvL.sys
[2010/08/03 14:51:46 | 000,000,088 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\70F49B3BCF.sys
[2009/12/10 09:05:51 | 000,011,238 | ---- | C] () -- C:\WINDOWS\hpwscr19.dat
[2009/12/10 09:05:28 | 000,116,460 | ---- | C] () -- C:\WINDOWS\hpwins19.dat
[2009/12/10 09:05:28 | 000,000,389 | ---- | C] () -- C:\WINDOWS\hpwmdl19.dat
[2009/12/10 08:45:34 | 000,016,037 | ---- | C] () -- C:\WINDOWS\System32\drivers\fwlanusbn.bin
[2009/11/13 12:34:16 | 000,001,029 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009/11/13 12:34:16 | 000,000,149 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009/11/13 12:33:07 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08a.dat
[2009/11/13 12:33:02 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009/11/13 10:29:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2009/11/13 10:26:48 | 000,000,070 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009/11/11 13:01:59 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf05a.dat
[2009/11/11 12:52:40 | 000,000,468 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009/11/11 12:52:40 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2009/11/11 12:52:40 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009/08/26 16:10:45 | 000,000,046 | ---- | C] () -- C:\WINDOWS\hmview.ini
[2009/04/12 15:57:34 | 000,000,487 | ---- | C] () -- C:\WINDOWS\Capictrl.INI
[2009/04/12 13:56:48 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WINPHONE.INI
[2009/04/12 13:53:26 | 000,073,728 | ---- | C] () -- C:\WINDOWS\WiaInst.exe
[2009/01/06 09:02:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/01/05 10:06:25 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/01/05 10:00:26 | 000,002,775 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/01/05 09:49:10 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/01/05 09:44:20 | 000,001,732 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009/01/05 09:09:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/05 09:05:32 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/05 08:59:25 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/05 08:56:52 | 000,221,632 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/06/23 07:02:02 | 000,097,410 | R--- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceManager.xml.rc4
[2008/05/23 11:48:50 | 000,020,270 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceInstaller.xml
[2006/10/31 02:35:00 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/10/31 02:35:00 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/10/31 02:35:00 | 001,503,232 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/10/31 02:35:00 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/10/31 02:35:00 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/10/31 02:35:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/10/31 02:35:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/10/31 02:35:00 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/10/31 02:35:00 | 000,436,768 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/10/31 02:35:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/01 15:06:00 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2006/02/06 06:24:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\Sswiadrv.dll
[2006/02/06 04:05:58 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\WIASTIIO.dll
[2006/02/04 04:28:42 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\WIAEH.dll
[2006/02/01 03:12:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\WIAIPH.dll
[2004/08/04 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 08:00:00 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/08/04 08:00:00 | 000,435,832 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004/08/04 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 08:00:00 | 000,081,562 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/08/04 08:00:00 | 000,068,728 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004/08/04 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 08:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2010/07/16 03:02:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Vodafone
[2011/02/13 03:32:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\22422
[2011/02/13 03:32:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\36509
[2011/02/08 14:21:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\47032
[2011/02/08 14:21:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\59456
[2011/10/16 08:10:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\Aqise
[2011/05/05 06:06:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\Gadu-Gadu 10
[2011/11/01 11:05:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\OpenFM
[2009/11/13 12:42:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\PC-FAX TX
[2009/11/19 10:50:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\TeamViewer
[2010/07/16 03:02:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administration\Anwendungsdaten\Vodafone
[2011/11/01 12:53:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Desktopicon
[2009/01/05 10:06:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software
[2010/12/03 04:42:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2010/07/22 14:54:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gadu-Gadu 10
[2011/11/01 11:05:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OpenFM
[2010/12/03 04:50:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2009/01/05 10:06:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010/07/16 03:02:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vodafone
[2011/05/27 11:15:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
[2011/11/01 09:47:58 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7903AC36-B828-479C-AC0C-C12C759EA372}.job
========== Purity Check ==========
< End of report >
--- --- --- |
