Trojaner-Board - habe von der telekom ein brief bekommen, sind trojaner auf mein pc?

hilfe ich habe die datei efik.exe scannen lassen bei virustotal.com
und habe ein erschreckendes Ergebnis erhalten?!

Code:

File name: efik.exe

Submission date: 2010-08-15 20:35:01 (UTC)

Current status: queued (#4) queued analysing finished
 
 

Result: 20/ 42 (47.6%)

 VT Community
 

not reviewed

 Safety score: -  

Compact Print results Antivirus Version Last Update Result 

AhnLab-V3 2010.08.15.01 2010.08.15 Win-Trojan/Fakeav.165376.AK 

AntiVir 8.2.4.34 2010.08.15 - 

Antiy-AVL 2.0.3.7 2010.08.11 Trojan/Win32.Jorik.gen 

Authentium 5.2.0.5 2010.08.15 - 

Avast 4.8.1351.0 2010.08.15 Win32:Spyware-gen 

Avast5 5.0.332.0 2010.08.15 Win32:Spyware-gen 

AVG 9.0.0.851 2010.08.15 Generic18.ACRT 

BitDefender 7.2 2010.08.15 Backdoor.Bot.125058 

CAT-QuickHeal 11.00 2010.08.14 - 

ClamAV 0.96.0.3-git 2010.08.15 - 

Comodo 5750 2010.08.15 - 

DrWeb 5.0.2.03300 2010.08.15 Trojan.Packed.20538 

Emsisoft 5.0.0.37 2010.08.15 Trojan.Win32.Jorik.Zbot.c!A2 

eSafe 7.0.17.0 2010.08.15 - 

eTrust-Vet 36.1.7790 2010.08.13 - 

F-Prot 4.6.1.107 2010.08.14 - 

F-Secure 9.0.15370.0 2010.08.15 Backdoor.Bot.125058 

Fortinet 4.1.143.0 2010.08.15 - 

GData 21 2010.08.15 Backdoor.Bot.125058 

Ikarus T3.1.1.88.0 2010.08.15 - 

Jiangmin 13.0.900 2010.08.15 Trojan/Jorik.ho 

Kaspersky 7.0.0.125 2010.08.15 Trojan.Win32.Jorik.Zbot.c 

McAfee 5.400.0.1158 2010.08.15 - 

McAfee-GW-Edition 2010.1 2010.08.15 - 

Microsoft 1.6004 2010.08.15 PWS:Win32/Zbot 

NOD32 5368 2010.08.15 Win32/Spy.Zbot.YW 

Norman 6.05.11 2010.08.15 - 

nProtect 2010-08-15.01 2010.08.15 Trojan/W32.Jorik.165376 

Panda 10.0.2.7 2010.08.15 Trj/Downloader.MDW 

PCTools 7.0.3.5 2010.08.15 - 

Prevx 3.0 2010.08.15 High Risk Cloaked Malware 

Rising 22.60.06.04 2010.08.15 - 

Sophos 4.56.0 2010.08.15 Mal/FakeAV-CH 

Sunbelt 6738 2010.08.15 - 

SUPERAntiSpyware 4.40.0.1006 2010.08.15 - 

Symantec 20101.1.1.7 2010.08.15 - 

TheHacker 6.5.2.1.348 2010.08.15 Trojan/Jorik.Zbot.c 

TrendMicro 9.120.0.1004 2010.08.15 - 

TrendMicro-HouseCall 9.120.0.1004 2010.08.15 - 

VBA32 3.12.14.0 2010.08.13 - 

ViRobot 2010.8.9.3978 2010.08.15 - 

VirusBuster 5.0.27.0 2010.08.15 TrojanSpy.Zbot.AEYN

2. scan mit OTL :

Code:

OTL logfile created on: 15.08.2010 22:39:43 - Run 1

OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Standard\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18943)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 79,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 216,90 Gb Total Space | 71,30 Gb Free Space | 32,87% Space Free | Partition Type: NTFS

Drive D: | 106,45 Gb Total Space | 105,54 Gb Free Space | 99,15% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: STANDARD-PC

Current User Name: Standard

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 
 ========== Processes (SafeList) ==========

 

PRC - [2010.08.15 22:39:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Downloads\OTL.exe

PRC - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe

PRC - [2010.06.28 12:59:52 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

PRC - [2010.06.15 17:49:54 | 000,493,048 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

PRC - [2010.06.15 17:49:50 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe

PRC - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe

PRC - [2010.05.17 13:14:12 | 002,345,680 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

PRC - [2010.01.27 02:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe

PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

PRC - [2010.01.11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2009.05.19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2009.02.06 19:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe

PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008.10.14 15:03:48 | 000,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE

PRC - [2008.10.14 15:03:40 | 000,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE

PRC - [2008.10.14 15:03:36 | 000,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE

PRC - [2008.10.14 15:03:36 | 000,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE

PRC - [2008.07.26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

PRC - [2008.07.26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

 

 
 ========== Modules (SafeList) ==========

 

MOD - [2010.08.15 22:39:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Downloads\OTL.exe

MOD - [2010.06.15 17:50:00 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

MOD - [2009.03.30 06:42:16 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcr80.dll

MOD - [2009.03.30 06:42:16 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcp80.dll

MOD - [2008.07.26 08:25:24 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Windows\Temp\logishrd\LVPrcInj01.dll

MOD - [2008.01.18 23:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)

SRV - [2010.08.10 22:42:12 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)

SRV - [2010.06.15 17:49:54 | 000,493,048 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)

SRV - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)

SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2010.01.11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009.08.05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)

SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009.07.20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2009.05.19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)

SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2009.05.06 11:29:10 | 000,120,640 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.20506\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2009.05.06 11:29:10 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.20506\aspnet_state.exe -- (aspnet_state)

SRV - [2009.05.06 09:08:16 | 000,104,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.20506\mscorsvw.exe -- (clr_optimization_v4.0.20506_32)

SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008.10.14 15:03:40 | 000,117,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE -- (FSMA)

SRV - [2008.07.26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2008.07.26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)

SRV - [2008.03.09 13:54:58 | 000,187,120 | ---- | M] (Systweak Inc) [Auto | Stopped] -- C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe -- (CacheBoost Service)

SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2006.12.14 17:00:00 | 000,544,768 | ---- | M] (Magix AG) [Disabled | Stopped] -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)

SRV - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)

SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsdatant.win7.sys -- (vsdatant7)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2010.06.15 17:49:46 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)

DRV - [2010.05.15 16:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)

DRV - [2010.01.12 06:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009.11.25 12:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009.10.19 18:03:41 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)

DRV - [2009.10.19 18:03:40 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2009.08.23 01:16:26 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)

DRV - [2009.08.05 23:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)

DRV - [2009.06.17 18:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV - [2009.06.17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2009.06.17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009.04.07 21:06:26 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008.07.26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2008.01.18 23:41:26 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2007.10.12 02:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)

DRV - [2007.10.12 01:56:22 | 000,490,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)

DRV - [2007.07.18 19:32:40 | 001,841,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007.07.12 16:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)

DRV - [2007.07.02 17:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)

DRV - [2007.07.02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)

DRV - [2007.06.13 23:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)

DRV - [2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ViPrt.sys -- (ViPrt)

DRV - [2007.03.26 15:26:00 | 000,016,896 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ViBus.sys -- (ViBus)

DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)

DRV - [2006.09.05 19:59:18 | 000,097,088 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se58mdm.sys -- (se58mdm)

DRV - [2006.09.05 19:59:14 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se58mdfl.sys -- (se58mdfl)

DRV - [2006.09.05 19:58:26 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se58bus.sys -- (se58bus) Sony Ericsson Device 088 driver (WDM)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 2B 1D 76 75 06 CB 01  [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "ICQ Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088

FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6

FF - prefs.js..extensions.enabledItems: {49f3fc85-dcfe-4e42-9301-226ebe658509}:0.6.6

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004

FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0

FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971

FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.1

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105

FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:2.6.0.15

FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q="

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v4.0.20506\WPF\DotNetAssistantExtension\ [2009.09.11 14:23:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.08.14 21:47:03 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.23 14:17:55 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.13 09:11:14 | 000,000,000 | ---D | M]

 

[2009.03.28 14:03:22 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions

[2009.03.28 14:03:22 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2010.08.14 21:18:04 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions

[2009.09.03 20:09:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.04.15 04:57:47 | 000,000,000 | ---D | M] (LinkChecker) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509}

[2009.11.19 22:17:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010.07.14 23:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2010.07.21 06:34:01 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}

[2010.08.14 21:18:06 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}

[2009.05.16 02:15:26 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\moveplayer@movenetworks.com

[2009.11.23 21:44:03 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\searchrecs@veoh.com

[2010.06.06 03:42:24 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\toolbar@ask.com

[2010.05.17 14:32:00 | 000,002,253 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\askcom.xml

[2009.04.08 23:54:53 | 000,000,440 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\daemon-search.xml

[2010.08.08 00:37:48 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-1.xml

[2009.11.18 05:19:16 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-2.xml

[2009.12.20 05:36:08 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-3.xml

[2010.01.08 06:22:30 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-4.xml

[2010.02.18 21:48:52 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-5.xml

[2010.04.03 02:03:14 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-6.xml

[2010.05.17 14:31:54 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-7.xml

[2010.07.14 23:43:00 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-8.xml

[2010.07.14 23:42:52 | 000,000,168 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin.gif

[2010.07.14 23:42:52 | 000,000,618 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin.src

[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin.xml

[2010.08.14 21:18:58 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2009.09.09 11:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2009.03.24 11:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll

[2010.07.23 14:17:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2010.07.23 14:17:50 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2010.07.23 14:17:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2010.07.23 14:17:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2010.07.23 14:17:50 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2010.06.08 01:32:24 | 000,403,666 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 13964 more lines...

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)

O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

O4 - HKCU..\Run: [{427D3F2C-68EF-BD1E-D392-1BECB0DD60B1}] C:\Users\Standard\AppData\Roaming\Ivga\efik.exe ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} https://stream.web.de/mail/activex/mail_upload_11213.cab (Attachment Upload Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{5fc4d1f3-23a7-11de-9f15-e4ff96c00dd0}\Shell - "" = AutoRun

O33 - MountPoints2\{5fc4d1f3-23a7-11de-9f15-e4ff96c00dd0}\Shell\AutoRun\command - "" = L:\autorun.exe -- File not found

O33 - MountPoints2\{5fc4d1f5-23a7-11de-9f15-e4ff96c00dd0}\Shell - "" = AutoRun

O33 - MountPoints2\{5fc4d1f5-23a7-11de-9f15-e4ff96c00dd0}\Shell\AutoRun\command - "" = M:\RunGame.exe -- File not found

O33 - MountPoints2\{5fc4d213-23a7-11de-9f15-e4ff96c00dd0}\Shell - "" = AutoRun

O33 - MountPoints2\{5fc4d213-23a7-11de-9f15-e4ff96c00dd0}\Shell\AutoRun\command - "" = N:\Autorun.exe -- File not found

O33 - MountPoints2\{82640234-24f3-11de-8d68-d15cbd9629c2}\Shell - "" = AutoRun

O33 - MountPoints2\{82640234-24f3-11de-8d68-d15cbd9629c2}\Shell\AutoRun\command - "" = O:\autorun.exe -- File not found

O33 - MountPoints2\{c20f525a-00dd-11de-924b-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{c20f525a-00dd-11de-924b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.08.14 21:19:05 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\ForceField Shared Files

[2010.08.14 21:19:04 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\CheckPoint

[2010.08.14 21:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

[2010.08.14 21:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm-Sicherheit

[2010.08.14 21:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint

[2010.08.14 21:17:29 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\System32\vsutil_loc0407.dll

[2010.08.14 21:17:25 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsregexp.dll

[2010.08.14 21:16:59 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys

[2010.08.14 21:16:26 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcommdb.dll

[2010.08.14 21:16:26 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcomm.dll

[2010.08.14 21:16:19 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vswmi.dll

[2010.08.14 21:16:14 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zpeng25.dll

[2010.08.14 21:16:14 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsxml.dll

[2010.08.14 21:16:13 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vspubapi.dll

[2010.08.14 21:16:13 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsmonapi.dll

[2010.08.14 21:16:12 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsdata.dll

[2010.08.14 21:15:56 | 000,457,304 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys

[2010.08.14 21:15:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs

[2010.08.14 21:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs

[2010.08.14 21:15:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint

[2010.08.14 21:15:29 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsinit.dll

[2010.08.14 21:15:29 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs

[2010.08.14 21:15:28 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsutil.dll

[2010.08.13 22:52:56 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Neuer Ordner

[2010.08.12 21:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan

[2010.08.12 21:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2010.08.12 21:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan

[2010.08.11 00:42:00 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2010.08.11 00:42:00 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010.08.11 00:42:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010.08.11 00:42:00 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010.08.11 00:42:00 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2010.08.11 00:42:00 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010.08.11 00:41:59 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2010.08.11 00:41:59 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010.08.11 00:41:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2010.08.11 00:41:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2010.08.11 00:41:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2010.08.11 00:41:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2010.08.11 00:41:59 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010.08.11 00:41:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010.08.11 00:41:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010.08.11 00:41:56 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll

[2010.08.11 00:41:44 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010.08.11 00:41:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll

[2010.08.11 00:41:22 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2010.08.11 00:41:22 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2010.08.10 22:49:03 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\2K Games

[2010.08.10 22:48:37 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll

[2010.08.10 22:48:37 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll

[2010.08.10 22:48:37 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll

[2010.08.10 22:48:37 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll

[2010.08.10 22:48:37 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll

[2010.08.10 22:48:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll

[2010.08.10 22:48:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll

[2010.08.10 22:48:36 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll

[2010.08.10 22:48:36 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll

[2010.08.10 22:48:36 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll

[2010.08.10 22:48:36 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll

[2010.08.10 22:48:36 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll

[2010.08.10 22:48:36 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll

[2010.08.10 22:48:36 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll

[2010.08.10 22:48:36 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll

[2010.08.10 22:48:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll

[2010.08.10 22:48:35 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll

[2010.08.10 22:48:33 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll

[2010.08.10 22:48:31 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll

[2010.08.10 22:48:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll

[2010.08.10 22:48:31 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll

[2010.08.10 22:39:56 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\MafiaIIDemo

[2010.08.10 22:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam

[2010.08.10 22:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Steam

[2010.08.09 20:26:07 | 001,279,192 | ---- | C] (IObit                                                       ) -- C:\Users\Standard\Desktop\gamebooster_151.exe

[2010.08.05 04:40:12 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\neuuu

[2010.07.31 02:52:31 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\.purple

[2010.07.31 02:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\Pidgin

[2010.07.25 02:47:19 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM

[2010.07.24 22:55:59 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll

[2010.07.24 22:20:00 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Rockstar Games

[2010.07.22 00:47:06 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\astragon Software GmbH

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.08.15 22:42:56 | 008,650,752 | ---- | M] () -- C:\Users\Standard\ntuser.dat

[2010.08.15 21:25:16 | 000,053,164 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010.08.15 21:25:16 | 000,053,164 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010.08.15 21:24:46 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2010.08.15 21:24:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.08.15 21:24:42 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010.08.15 21:24:42 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010.08.15 21:24:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.08.15 21:23:47 | 3219,644,416 | -HS- | M] () -- C:\hiberfil.sys

[2010.08.15 10:51:35 | 000,524,288 | -HS- | M] () -- C:\Users\Standard\ntuser.dat{dc609bfd-582a-11df-b860-dbde0ba0b6e5}.TMContainer00000000000000000001.regtrans-ms

[2010.08.15 10:51:35 | 000,065,536 | -HS- | M] () -- C:\Users\Standard\ntuser.dat{dc609bfd-582a-11df-b860-dbde0ba0b6e5}.TM.blf

[2010.08.15 10:51:25 | 005,148,992 | -H-- | M] () -- C:\Users\Standard\AppData\Local\IconCache.db

[2010.08.14 21:19:28 | 000,421,442 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml

[2010.08.14 21:17:32 | 000,000,877 | ---- | M] () -- C:\Users\Standard\Desktop\ZoneAlarm Security.lnk

[2010.08.14 21:17:31 | 000,005,977 | ---- | M] () -- C:\Windows\System32\vsconfig.xml

[2010.08.14 21:13:54 | 048,045,056 | ---- | M] () -- C:\Users\Standard\Desktop\zaSetup_92_058_000_de.exe

[2010.08.13 22:55:20 | 001,650,452 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010.08.13 22:55:20 | 000,705,786 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2010.08.13 22:55:20 | 000,668,804 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010.08.13 22:55:20 | 000,152,416 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2010.08.13 22:55:20 | 000,127,858 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010.08.12 21:22:08 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

[2010.08.12 21:22:08 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2010.08.12 19:45:39 | 000,423,073 | ---- | M] () -- C:\Users\Standard\Desktop\mafia2.time.freez.rar

[2010.08.11 21:58:49 | 002,243,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010.08.10 22:44:26 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2010.08.10 22:27:02 | 001,598,976 | ---- | M] () -- C:\Users\Standard\Desktop\SteamInstall.msi

[2010.08.10 13:58:25 | 001,037,617 | ---- | M] () -- C:\Users\Standard\Desktop\MafiaII.exe

[2010.08.09 20:26:56 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk

[2010.08.09 20:26:56 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk

[2010.08.09 20:26:13 | 001,279,192 | ---- | M] (IObit                                                       ) -- C:\Users\Standard\Desktop\gamebooster_151.exe

[2010.08.09 20:25:43 | 000,260,400 | ---- | M] () -- C:\Users\Standard\Desktop\SoftonicDownloader80984.exe

[2010.08.08 22:29:35 | 000,053,248 | ---- | M] () -- C:\Users\Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.08.03 04:42:47 | 000,000,218 | ---- | M] () -- C:\Users\Standard\.recently-used.xbel

[2010.07.24 22:55:59 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll

[2010.07.23 20:14:42 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.08.14 21:17:32 | 000,000,877 | ---- | C] () -- C:\Users\Standard\Desktop\ZoneAlarm Security.lnk

[2010.08.14 21:17:31 | 000,005,977 | ---- | C] () -- C:\Windows\System32\vsconfig.xml

[2010.08.14 21:15:56 | 000,421,442 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml

[2010.08.14 21:13:52 | 048,045,056 | ---- | C] () -- C:\Users\Standard\Desktop\zaSetup_92_058_000_de.exe

[2010.08.12 21:22:08 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

[2010.08.12 21:22:08 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2010.08.12 19:40:37 | 001,037,617 | ---- | C] () -- C:\Users\Standard\Desktop\MafiaII.exe

[2010.08.12 04:47:37 | 000,423,073 | ---- | C] () -- C:\Users\Standard\Desktop\mafia2.time.freez.rar

[2010.08.10 22:27:48 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk

[2010.08.10 22:26:53 | 001,598,976 | ---- | C] () -- C:\Users\Standard\Desktop\SteamInstall.msi

[2010.08.09 20:26:56 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk

[2010.08.09 20:26:56 | 000,000,883 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk

[2010.08.09 20:25:43 | 000,260,400 | ---- | C] () -- C:\Users\Standard\Desktop\SoftonicDownloader80984.exe

[2010.08.03 04:42:47 | 000,000,218 | ---- | C] () -- C:\Users\Standard\.recently-used.xbel

[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2009.10.19 18:03:40 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys

[2009.10.19 18:03:39 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys

[2009.09.17 02:02:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.04.07 21:06:26 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2009.03.18 18:42:50 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll

[2009.03.17 17:31:23 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys

[2008.07.26 08:25:02 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

[2007.10.18 13:56:14 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll

[2007.10.18 13:56:14 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini

[2007.10.18 13:46:46 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll

[2007.10.12 01:11:58 | 000,059,500 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.08.11 09:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll

[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000096.DLL

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 72 bytes -> C:\Windows:4F9666BB02E53299

@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:6CC69D3C

@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:18AE7C5A

< End of report >

2.Scan mit OTL nach dem MAM durchgeführt wurde.

Code:

OTL logfile created on: 16.08.2010 19:23:06 - Run 2

OTL by OldTimer - Version 3.2.9.1     Folder = C:\Users\Standard\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18943)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free

6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 216,90 Gb Total Space | 70,80 Gb Free Space | 32,64% Space Free | Partition Type: NTFS

Drive D: | 106,45 Gb Total Space | 105,54 Gb Free Space | 99,15% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

Drive F: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: STANDARD-PC

Current User Name: Standard

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 
 ========== Processes (SafeList) ==========

 

PRC - [2010.08.15 22:39:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Downloads\OTL.exe

PRC - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe

PRC - [2010.06.28 12:59:52 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

PRC - [2010.06.15 17:49:54 | 000,493,048 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

PRC - [2010.06.15 17:49:50 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe

PRC - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe

PRC - [2010.05.17 13:14:12 | 002,345,680 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

PRC - [2010.01.27 02:58:38 | 000,256,280 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe

PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

PRC - [2010.01.11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2009.05.19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

PRC - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe

PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2009.02.06 19:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe

PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008.10.14 15:03:48 | 000,232,088 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE

PRC - [2008.10.14 15:03:40 | 000,117,400 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE

PRC - [2008.10.14 15:03:36 | 000,404,064 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE

PRC - [2008.10.14 15:03:36 | 000,125,592 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE

PRC - [2008.07.26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

PRC - [2008.07.26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

 

 
 ========== Modules (SafeList) ==========

 

MOD - [2010.08.15 22:39:25 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Standard\Downloads\OTL.exe

MOD - [2010.06.15 17:50:00 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll

MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll

MOD - [2009.03.30 06:42:16 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcr80.dll

MOD - [2009.03.30 06:42:16 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4016_none_d0893820442e7fe4\msvcp80.dll

MOD - [2008.07.26 08:25:24 | 000,109,080 | ---- | M] (Logitech Inc.) -- C:\Windows\Temp\logishrd\LVPrcInj01.dll

MOD - [2008.01.18 23:33:02 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto | Stopped] -- C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)

SRV - [2010.08.10 22:42:12 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)

SRV - [2010.06.15 17:49:54 | 000,493,048 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)

SRV - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)

SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2010.01.11 22:00:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009.08.05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)

SRV - [2009.07.21 14:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2009.07.20 13:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2009.05.19 12:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)

SRV - [2009.05.13 16:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2009.05.06 11:29:10 | 000,120,640 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.20506\SMSvcHost.exe -- (NetTcpPortSharing)

SRV - [2009.05.06 11:29:10 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.20506\aspnet_state.exe -- (aspnet_state)

SRV - [2009.05.06 09:08:16 | 000,104,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.20506\mscorsvw.exe -- (clr_optimization_v4.0.20506_32)

SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)

SRV - [2008.10.14 15:03:40 | 000,117,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE -- (FSMA)

SRV - [2008.07.26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)

SRV - [2008.07.26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)

SRV - [2008.03.09 13:54:58 | 000,187,120 | ---- | M] (Systweak Inc) [Auto | Stopped] -- C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe -- (CacheBoost Service)

SRV - [2008.01.18 23:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2006.12.14 17:00:00 | 000,544,768 | ---- | M] (Magix AG) [Disabled | Stopped] -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)

SRV - [2006.11.02 20:40:12 | 000,174,656 | ---- | M] () [Disabled | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)

SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vsdatant.win7.sys -- (vsdatant7)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer)

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter)

DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)

DRV - [2010.06.15 17:49:46 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)

DRV - [2010.05.15 16:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)

DRV - [2010.01.12 06:03:33 | 011,586,280 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009.11.25 12:19:02 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009.10.19 18:03:41 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)

DRV - [2009.10.19 18:03:40 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2009.08.23 01:16:26 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)

DRV - [2009.08.05 23:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)

DRV - [2009.06.17 18:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)

DRV - [2009.06.17 18:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)

DRV - [2009.06.17 18:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)

DRV - [2009.05.11 10:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2009.04.07 21:06:26 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2009.03.30 10:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2008.07.26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)

DRV - [2008.01.18 23:41:26 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)

DRV - [2007.10.12 02:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)

DRV - [2007.10.12 01:56:22 | 000,490,776 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)

DRV - [2007.07.18 19:32:40 | 001,841,312 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2007.07.12 16:35:02 | 000,305,176 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)

DRV - [2007.07.02 17:37:10 | 000,131,616 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvrd32.sys -- (nvrd32)

DRV - [2007.07.02 17:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor32.sys -- (nvstor32)

DRV - [2007.06.13 23:47:12 | 000,048,256 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)

DRV - [2007.03.26 15:26:00 | 000,052,224 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ViPrt.sys -- (ViPrt)

DRV - [2007.03.26 15:26:00 | 000,016,896 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ViBus.sys -- (ViBus)

DRV - [2006.11.02 11:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)

DRV - [2006.11.02 11:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)

DRV - [2006.11.02 11:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)

DRV - [2006.11.02 11:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)

DRV - [2006.11.02 11:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)

DRV - [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)

DRV - [2006.11.02 11:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)

DRV - [2006.11.02 11:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)

DRV - [2006.11.02 11:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)

DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)

DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)

DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)

DRV - [2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)

DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)

DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)

DRV - [2006.11.02 11:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)

DRV - [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)

DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)

DRV - [2006.11.02 11:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)

DRV - [2006.11.02 11:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2006.11.02 11:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)

DRV - [2006.11.02 11:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)

DRV - [2006.11.02 11:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)

DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)

DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)

DRV - [2006.11.02 11:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)

DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)

DRV - [2006.11.02 11:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)

DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)

DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)

DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)

DRV - [2006.11.02 11:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)

DRV - [2006.11.02 11:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)

DRV - [2006.11.02 11:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)

DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)

DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)

DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)

DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)

DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)

DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

DRV - [2006.11.02 09:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)

DRV - [2006.09.05 19:59:18 | 000,097,088 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se58mdm.sys -- (se58mdm)

DRV - [2006.09.05 19:59:14 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se58mdfl.sys -- (se58mdfl)

DRV - [2006.09.05 19:58:26 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\se58bus.sys -- (se58bus) Sony Ericsson Device 088 driver (WDM)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 2B 1D 76 75 06 CB 01  [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "ICQ Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"

FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.6.117

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088

FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6

FF - prefs.js..extensions.enabledItems: {49f3fc85-dcfe-4e42-9301-226ebe658509}:0.6.6

FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004

FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0

FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971

FF - prefs.js..extensions.enabledItems: searchrecs@veoh.com:1.5.1

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.5.4.20081105

FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:2.6.0.15

FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0

FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q="

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v4.0.20506\WPF\DotNetAssistantExtension\ [2009.09.11 14:23:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.08.14 21:47:03 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.07.23 14:17:55 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.08.13 09:11:14 | 000,000,000 | ---D | M]

 

[2009.03.28 14:03:22 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions

[2009.03.28 14:03:22 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org

[2010.08.15 22:41:40 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions

[2009.09.03 20:09:58 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.04.15 04:57:47 | 000,000,000 | ---D | M] (LinkChecker) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{49f3fc85-dcfe-4e42-9301-226ebe658509}

[2009.11.19 22:17:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010.07.14 23:42:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2010.07.21 06:34:01 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}

[2010.08.14 21:18:06 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Toolbar) -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}

[2009.05.16 02:15:26 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\moveplayer@movenetworks.com

[2009.11.23 21:44:03 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\searchrecs@veoh.com

[2010.06.06 03:42:24 | 000,000,000 | ---D | M] -- C:\Users\Standard\AppData\Roaming\mozilla\Firefox\Profiles\e4ndxa7a.default\extensions\toolbar@ask.com

[2010.05.17 14:32:00 | 000,002,253 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\askcom.xml

[2010.06.15 00:31:50 | 000,000,943 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\conduit.xml

[2009.04.08 23:54:53 | 000,000,440 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\daemon-search.xml

[2010.08.15 22:51:28 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-1.xml

[2009.11.18 05:19:16 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-2.xml

[2009.12.20 05:36:08 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-3.xml

[2010.01.08 06:22:30 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-4.xml

[2010.02.18 21:48:52 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-5.xml

[2010.04.03 02:03:14 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-6.xml

[2010.05.17 14:31:54 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-7.xml

[2010.07.14 23:43:00 | 000,000,961 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin-8.xml

[2010.07.14 23:42:52 | 000,000,168 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin.gif

[2010.07.14 23:42:52 | 000,000,618 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin.src

[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Standard\AppData\Roaming\Mozilla\FireFox\Profiles\e4ndxa7a.default\searchplugins\icqplugin.xml

[2010.08.14 21:18:58 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions

[2009.09.09 11:13:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2009.03.24 11:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll

[2010.07.23 14:17:50 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2010.07.23 14:17:50 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2010.07.23 14:17:50 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2010.07.23 14:17:50 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2010.07.23 14:17:50 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2010.06.08 01:32:24 | 000,403,666 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 13964 more lines...

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)

O3 - HKLM\..\Toolbar: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)

O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)

O4 - HKCU..\Run: [{427D3F2C-68EF-BD1E-D392-1BECB0DD60B1}] C:\Users\Standard\AppData\Roaming\Ivga\efik.exe File not found

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O16 - DPF: {59136DB4-6CA3-4B40-8F2F-BBF84B6F1E91} https://stream.web.de/mail/activex/mail_upload_11213.cab (Attachment Upload Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O24 - Desktop BackupWallPaper: C:\Users\Standard\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - F:\Autorun.exe -- [ UDF ]

O32 - AutoRun File - [2008.10.11 19:03:48 | 000,000,054 | R--- | M] () - F:\Autorun.inf -- [ UDF ]

O33 - MountPoints2\{5fc4d1f3-23a7-11de-9f15-e4ff96c00dd0}\Shell - "" = AutoRun

O33 - MountPoints2\{5fc4d1f3-23a7-11de-9f15-e4ff96c00dd0}\Shell\AutoRun\command - "" = L:\autorun.exe -- File not found

O33 - MountPoints2\{5fc4d1f5-23a7-11de-9f15-e4ff96c00dd0}\Shell - "" = AutoRun

O33 - MountPoints2\{5fc4d1f5-23a7-11de-9f15-e4ff96c00dd0}\Shell\AutoRun\command - "" = M:\RunGame.exe -- File not found

O33 - MountPoints2\{5fc4d213-23a7-11de-9f15-e4ff96c00dd0}\Shell - "" = AutoRun

O33 - MountPoints2\{5fc4d213-23a7-11de-9f15-e4ff96c00dd0}\Shell\AutoRun\command - "" = N:\Autorun.exe -- File not found

O33 - MountPoints2\{82640234-24f3-11de-8d68-d15cbd9629c2}\Shell - "" = AutoRun

O33 - MountPoints2\{82640234-24f3-11de-8d68-d15cbd9629c2}\Shell\AutoRun\command - "" = O:\autorun.exe -- File not found

O33 - MountPoints2\{c20f525a-00dd-11de-924b-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{c20f525a-00dd-11de-924b-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2008.11.15 11:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.08.14 21:19:05 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\ForceField Shared Files

[2010.08.14 21:19:04 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\CheckPoint

[2010.08.14 21:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

[2010.08.14 21:17:54 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm-Sicherheit

[2010.08.14 21:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint

[2010.08.14 21:17:29 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\System32\vsutil_loc0407.dll

[2010.08.14 21:17:25 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsregexp.dll

[2010.08.14 21:16:59 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys

[2010.08.14 21:16:26 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcommdb.dll

[2010.08.14 21:16:26 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcomm.dll

[2010.08.14 21:16:19 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vswmi.dll

[2010.08.14 21:16:14 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zpeng25.dll

[2010.08.14 21:16:14 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsxml.dll

[2010.08.14 21:16:13 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vspubapi.dll

[2010.08.14 21:16:13 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsmonapi.dll

[2010.08.14 21:16:12 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsdata.dll

[2010.08.14 21:15:56 | 000,457,304 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys

[2010.08.14 21:15:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs

[2010.08.14 21:15:53 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs

[2010.08.14 21:15:30 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint

[2010.08.14 21:15:29 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsinit.dll

[2010.08.14 21:15:29 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs

[2010.08.14 21:15:28 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsutil.dll

[2010.08.13 22:52:56 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\Neuer Ordner

[2010.08.12 21:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan

[2010.08.12 21:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2010.08.12 21:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan

[2010.08.11 00:42:00 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2010.08.11 00:42:00 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll

[2010.08.11 00:42:00 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2010.08.11 00:42:00 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2010.08.11 00:42:00 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2010.08.11 00:42:00 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2010.08.11 00:41:59 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2010.08.11 00:41:59 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2010.08.11 00:41:59 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2010.08.11 00:41:59 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2010.08.11 00:41:59 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2010.08.11 00:41:59 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2010.08.11 00:41:59 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2010.08.11 00:41:59 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2010.08.11 00:41:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2010.08.11 00:41:56 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll

[2010.08.11 00:41:44 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2010.08.11 00:41:40 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll

[2010.08.11 00:41:22 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2010.08.11 00:41:22 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2010.08.10 22:49:03 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\2K Games

[2010.08.10 22:48:37 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll

[2010.08.10 22:48:37 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll

[2010.08.10 22:48:37 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll

[2010.08.10 22:48:37 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll

[2010.08.10 22:48:37 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll

[2010.08.10 22:48:37 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll

[2010.08.10 22:48:36 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll

[2010.08.10 22:48:36 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll

[2010.08.10 22:48:36 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll

[2010.08.10 22:48:36 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll

[2010.08.10 22:48:36 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll

[2010.08.10 22:48:36 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll

[2010.08.10 22:48:36 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll

[2010.08.10 22:48:36 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll

[2010.08.10 22:48:36 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll

[2010.08.10 22:48:36 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll

[2010.08.10 22:48:35 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll

[2010.08.10 22:48:33 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll

[2010.08.10 22:48:31 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll

[2010.08.10 22:48:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll

[2010.08.10 22:48:31 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll

[2010.08.10 22:39:56 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\MafiaIIDemo

[2010.08.10 22:27:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam

[2010.08.10 22:27:48 | 000,000,000 | ---D | C] -- C:\Program Files\Steam

[2010.08.09 20:26:07 | 001,279,192 | ---- | C] (IObit                                                       ) -- C:\Users\Standard\Desktop\gamebooster_151.exe

[2010.08.05 04:40:12 | 000,000,000 | ---D | C] -- C:\Users\Standard\Desktop\neuuu

[2010.07.31 02:52:31 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Roaming\.purple

[2010.07.31 02:51:44 | 000,000,000 | ---D | C] -- C:\Program Files\Pidgin

[2010.07.25 02:47:19 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM

[2010.07.24 22:55:59 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll

[2010.07.24 22:20:00 | 000,000,000 | ---D | C] -- C:\Users\Standard\AppData\Local\Rockstar Games

[2010.07.22 00:47:06 | 000,000,000 | ---D | C] -- C:\Users\Standard\Documents\astragon Software GmbH

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.08.16 19:25:22 | 008,650,752 | ---- | M] () -- C:\Users\Standard\ntuser.dat

[2010.08.16 18:43:53 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2010.08.16 18:43:53 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2010.08.16 16:44:34 | 000,053,164 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2010.08.16 16:44:34 | 000,053,164 | ---- | M] () -- C:\ProgramData\nvModes.001

[2010.08.16 16:44:05 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2010.08.16 16:44:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010.08.16 16:43:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010.08.16 16:43:50 | 3219,644,416 | -HS- | M] () -- C:\hiberfil.sys

[2010.08.16 16:42:52 | 000,524,288 | -HS- | M] () -- C:\Users\Standard\ntuser.dat{dc609bfd-582a-11df-b860-dbde0ba0b6e5}.TMContainer00000000000000000001.regtrans-ms

[2010.08.16 16:42:52 | 000,065,536 | -HS- | M] () -- C:\Users\Standard\ntuser.dat{dc609bfd-582a-11df-b860-dbde0ba0b6e5}.TM.blf

[2010.08.16 16:42:51 | 005,057,272 | -H-- | M] () -- C:\Users\Standard\AppData\Local\IconCache.db

[2010.08.16 15:42:00 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.08.14 21:19:28 | 000,421,442 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml

[2010.08.14 21:17:32 | 000,000,877 | ---- | M] () -- C:\Users\Standard\Desktop\ZoneAlarm Security.lnk

[2010.08.14 21:17:31 | 000,005,977 | ---- | M] () -- C:\Windows\System32\vsconfig.xml

[2010.08.14 21:13:54 | 048,045,056 | ---- | M] () -- C:\Users\Standard\Desktop\zaSetup_92_058_000_de.exe

[2010.08.13 22:55:20 | 001,650,452 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010.08.13 22:55:20 | 000,705,786 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2010.08.13 22:55:20 | 000,668,804 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010.08.13 22:55:20 | 000,152,416 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2010.08.13 22:55:20 | 000,127,858 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010.08.12 21:22:08 | 000,001,719 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

[2010.08.12 21:22:08 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2010.08.12 19:45:39 | 000,423,073 | ---- | M] () -- C:\Users\Standard\Desktop\mafia2.time.freez.rar

[2010.08.11 21:58:49 | 002,243,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010.08.10 22:44:26 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk

[2010.08.10 22:27:02 | 001,598,976 | ---- | M] () -- C:\Users\Standard\Desktop\SteamInstall.msi

[2010.08.10 13:58:25 | 001,037,617 | ---- | M] () -- C:\Users\Standard\Desktop\MafiaII.exe

[2010.08.09 20:26:56 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk

[2010.08.09 20:26:56 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk

[2010.08.09 20:26:13 | 001,279,192 | ---- | M] (IObit                                                       ) -- C:\Users\Standard\Desktop\gamebooster_151.exe

[2010.08.09 20:25:43 | 000,260,400 | ---- | M] () -- C:\Users\Standard\Desktop\SoftonicDownloader80984.exe

[2010.08.08 22:29:35 | 000,053,248 | ---- | M] () -- C:\Users\Standard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.08.03 04:42:47 | 000,000,218 | ---- | M] () -- C:\Users\Standard\.recently-used.xbel

[2010.07.24 22:55:59 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll

[2010.07.23 20:14:42 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.08.16 15:42:00 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010.08.14 21:17:32 | 000,000,877 | ---- | C] () -- C:\Users\Standard\Desktop\ZoneAlarm Security.lnk

[2010.08.14 21:17:31 | 000,005,977 | ---- | C] () -- C:\Windows\System32\vsconfig.xml

[2010.08.14 21:15:56 | 000,421,442 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml

[2010.08.14 21:13:52 | 048,045,056 | ---- | C] () -- C:\Users\Standard\Desktop\zaSetup_92_058_000_de.exe

[2010.08.12 21:22:08 | 000,001,719 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

[2010.08.12 21:22:08 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2010.08.12 19:40:37 | 001,037,617 | ---- | C] () -- C:\Users\Standard\Desktop\MafiaII.exe

[2010.08.12 04:47:37 | 000,423,073 | ---- | C] () -- C:\Users\Standard\Desktop\mafia2.time.freez.rar

[2010.08.10 22:27:48 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk

[2010.08.10 22:26:53 | 001,598,976 | ---- | C] () -- C:\Users\Standard\Desktop\SteamInstall.msi

[2010.08.09 20:26:56 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk

[2010.08.09 20:26:56 | 000,000,883 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk

[2010.08.09 20:25:43 | 000,260,400 | ---- | C] () -- C:\Users\Standard\Desktop\SoftonicDownloader80984.exe

[2010.08.03 04:42:47 | 000,000,218 | ---- | C] () -- C:\Users\Standard\.recently-used.xbel

[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat

[2009.10.19 18:03:40 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys

[2009.10.19 18:03:39 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys

[2009.09.17 02:02:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009.04.07 21:06:26 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2009.03.18 18:42:50 | 000,077,824 | ---- | C] () -- C:\Windows\System32\HPZIDS01.dll

[2009.03.17 17:31:23 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys

[2008.07.26 08:25:02 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys

[2007.10.18 13:56:14 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll

[2007.10.18 13:56:14 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini

[2007.10.18 13:46:46 | 000,069,632 | ---- | C] () -- C:\Windows\System32\vuins32.dll

[2007.10.12 01:11:58 | 000,059,500 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini

[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006.08.11 09:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll

[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000096.DLL

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 72 bytes -> C:\Windows:4F9666BB02E53299

@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:6CC69D3C

@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:18AE7C5A

< End of report >

Dazu muss ich noch sagen das ich vorhin bei MAM auf Quarantäne und delete gegangen bin. Ist das nun in quarantäne und gelöscht?

Soll ich den ganzen system32 ordner in euer forum schicken weil ich finde das hier nicht mehr C:\Windows\System32\lowsec <----- sondern nur C:\Windows\System32\ <-- das ?