Trojaner-Board


Taxman19 08.12.2011 20:24

Windows locked, demand for payment of EUR 50
 
Hello!

I wish you a good evening! First of all: thank you very much for being here! Thanks for your time!

Now to the problem. As can already be seen above, I too apparently did not have the necessary programs installed (in my case only the usual Antivir), so this "Trojan" caught me as well! :headbang:

I have already read the forum posts and hoped that I could manage it on my own, but there were such emphatic warnings against trying it without your help that I unfortunately have to bother you too.

I have installed OTL and performed the run! I will attach the files and wait to see what happens.

:dankeschoen:

Taxman19 08.12.2011 20:27

Unfortunately I can't find the function for the 2nd attachment, so here it is: OTL Logfile:
Code:

OTL logfile created on: 08.12.2011 20:09:06 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Dokumente und Einstellungen\Freunde\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,37% Memory free
2,85 Gb Paging File | 1,96 Gb Available in Paging File | 68,78% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 181,65 Gb Total Space | 1,83 Gb Free Space | 1,01% Space Free | Partition Type: NTFS
 
Computer Name: DARKNESS | User Name: Freunde | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Dokumente und Einstellungen\Freunde\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Norton 360\Engine\5.0.0.125\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\Hotspot Shield\bin\openvpntray.exe ()
PRC - C:\Programme\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Programme\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\LANCOM\Advanced VPN Client\NcpBudgetGui.exe (NCP engineering GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Programme\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\avformat-53.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\avcodec-53.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\gcswf32.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Hotspot Shield\bin\openvpntray.exe ()
MOD - C:\Programme\Hotspot Shield\bin\lang\gui-eng.dll ()
MOD - C:\Programme\Orbitdownloader\wtlctrl.dll ()
MOD - C:\Programme\LANCOM\Advanced VPN Client\NCPMIF32.DLL ()
MOD - C:\Programme\LANCOM\Advanced VPN Client\NCPDLG.DLL ()
MOD - C:\Programme\Intel\Wireless\Bin\IntStngs.dll ()
MOD - C:\Programme\LANCOM\Advanced VPN Client\NCPCFG.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
 
========== Driver Services (SafeList) ==========
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = Kostenlose E-Mail - Free Mail - E-Cards - Arcor das Newsportal
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Bing
IE - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN, Hotmail und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Programme\Virtual Earth 3D\ [2009.10.18 20:20:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohPlayer: C:\Programme\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll (Veoh Networks Inc)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.04.02 19:35:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.13 11:55:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011.12.08 18:15:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\ [2011.12.07 21:22:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.11.11 18:48:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.10.09 21:09:46 | 000,000,000 | ---D | M]
 
[2011.11.12 14:10:35 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2007.04.06 18:07:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.11.12 14:10:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.11.11 18:48:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2007.11.09 15:10:50 | 000,034,384 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\logging.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.03 10:54:50 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.03 10:54:50 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.10.03 10:54:50 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 10:54:50 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.03 10:54:50 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.03 10:54:50 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Orbit Downloader (Enabled) = C:\Programme\Google\Chrome\Application\plugins\nporbit.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Programme\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: NPVeohVersion4 plugin (Enabled) = C:\Programme\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Freunde\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2009.08.15 16:54:31 | 000,321,627 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 10.252.70.10  NTPOIP.SERVICES.DATEVNET.DE
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        Scan | Free Anti Virus | Bitdefender | Malware | Avast | Avg | Spyware Removal | Adware at 0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 11017 more lines...
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programme\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.0.0.125\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.0.0.125\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Programme\BitTorrentBar\tbBit1.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Programme\FreeOnlineRadioPlayerRecorder\tbFre2.dll (Conduit Ltd.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.0.0.125\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Programme\BitTorrentBar\tbBit1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MSN Suche Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Programme\FreeOnlineRadioPlayerRecorder\tbFre2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\..\Toolbar\ShellBrowser: (MSN Suche Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\..\Toolbar\WebBrowser: (MSN Suche Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [000StTHK] C:\WINDOWS\System32\000StTHK.exe ()
O4 - HKLM..\Run: [ALUAlert] "\ALuNotify.exe" "/LOWDISKSPACE C" File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ccApp] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [NcpBudgetGui] C:\Programme\LANCOM\Advanced VPN Client\NcpBudgetGui.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NcpMonitor] C:\Programme\LANCOM\Advanced VPN Client\ncpmon.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NcpPopup] C:\Programme\LANCOM\Advanced VPN Client\ncppopup.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PadTouch] C:\Programme\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\WINDOWS\is-EKFDF.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware (registration)] C:\Programme\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CIVStart.Exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Orbit.lnk = C:\Programme\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &MSN Suche - C:\Programme\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Programme\MSN Toolbar Suite\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Programme\MSN Toolbar Suite\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://goasp.datev.de/CACHE/stc/1/binaries/vpnweb.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/webplayer/stage6/windows/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9522589E-57B9-46C5-9A77-1F1C1CCBE550} file://D:\ols\cd-db\fscax.cab (F-Secure Online Scanner 2.1 (CD version))
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0FA2302-8E99-4F8E-936B-5CD0F03EB5DE}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programme\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\DVCCSA: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Qosmio_NonHD.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Qosmio_NonHD.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.07 07:31:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.08 19:53:28 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdiv.sys
[2011.12.08 19:53:27 | 000,369,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdi.sys
[2011.12.08 19:53:26 | 000,296,568 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnets.sys
[2011.12.08 19:53:23 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.sys
[2011.12.08 19:53:21 | 000,340,088 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.sys
[2011.12.08 19:53:20 | 000,050,168 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.sys
[2011.12.08 19:53:16 | 000,516,216 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.sys
[2011.12.08 19:53:15 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\ironx86.sys
[2011.12.08 19:50:57 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Freunde\Desktop\OTL.exe
[2011.12.08 19:49:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0501000.01D
[2011.12.08 19:43:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\HPAppData
[2011.12.08 19:41:02 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.12.08 19:41:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\Malwarebytes
[2011.12.07 21:23:39 | 000,652,336 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymEFA.sys
[2011.12.07 21:23:39 | 000,509,560 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtsp.sys
[2011.12.07 21:23:39 | 000,368,248 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\symtdi.sys
[2011.12.07 21:23:39 | 000,340,016 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymDS.sys
[2011.12.07 21:23:39 | 000,330,360 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\symtdiv.sys
[2011.12.07 21:23:39 | 000,295,032 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\symnets.sys
[2011.12.07 21:23:39 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\Ironx86.sys
[2011.12.07 21:23:39 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtspx.sys
[2011.12.07 21:22:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2011.12.07 21:22:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0500000.07D
[2011.12.07 21:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Windows Sidebar
[2011.12.07 21:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Norton 360
[2011.12.07 21:22:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton 360
[2011.12.07 21:22:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2011.12.07 21:21:36 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2011.12.07 21:21:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2011.12.07 21:07:56 | 148,385,712 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Freunde\Desktop\N360_5.0.0.125_SYMTB_CNET_LOEM_MRFTT_233_5628_1C.exe
[2011.12.07 21:04:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Eigene Dateien\Downloads
[2011.12.07 21:04:51 | 013,421,552 | ---- | C] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\Freunde\Desktop\SUPERAntiSpyware.exe
[2011.12.07 21:03:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\ProgSense
[2011.12.07 21:03:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\Orbit
[2011.12.07 20:56:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Lokale Einstellungen\Anwendungsdaten\Google
[2011.12.07 20:49:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\Avira
[2011.11.23 18:24:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
[2011.11.12 14:10:33 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.11.12 14:10:33 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.11.12 14:10:33 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.08 19:54:38 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011.12.08 19:54:38 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011.12.08 19:54:38 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011.12.08 19:54:35 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011.12.08 19:50:18 | 000,001,526 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Orbit.lnk
[2011.12.08 19:41:02 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.12.08 19:32:46 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.08 19:32:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.08 19:32:04 | 2146,484,224 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.08 19:28:14 | 000,002,163 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Safari.lnk
[2011.12.08 19:28:14 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.12.08 18:26:36 | 000,709,968 | ---- | M] () -- C:\WINDOWS\is-EKFDF.exe
[2011.12.08 18:26:36 | 000,012,782 | ---- | M] () -- C:\WINDOWS\is-EKFDF.msg
[2011.12.08 18:26:36 | 000,000,415 | ---- | M] () -- C:\WINDOWS\is-EKFDF.lst
[2011.12.08 18:21:23 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.08 18:14:13 | 000,043,762 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.12.08 18:11:54 | 000,750,534 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\Cat.DB
[2011.12.07 21:23:47 | 000,001,873 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton 360.LNK
[2011.12.07 21:21:44 | 000,001,642 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.07 18:25:49 | 013,421,552 | ---- | M] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\Freunde\Desktop\SUPERAntiSpyware.exe
[2011.12.07 00:00:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\System32\tversity.cookies
[2011.12.06 21:40:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.04 14:03:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.11.23 18:24:36 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2011.11.21 18:33:42 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.11.18 18:25:50 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2011.11.13 11:55:19 | 000,001,721 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Converter.lnk
[2011.11.12 14:09:58 | 000,474,086 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.11.12 14:09:58 | 000,454,268 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.12 14:09:58 | 000,092,604 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.11.12 14:09:58 | 000,079,322 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.08 19:53:27 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.cat
[2011.12.08 19:53:27 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.inf
[2011.12.08 19:53:25 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnet.cat
[2011.12.08 19:53:25 | 000,001,446 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnet.inf
[2011.12.08 19:53:23 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.inf
[2011.12.08 19:53:22 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.cat
[2011.12.08 19:53:21 | 000,002,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.inf
[2011.12.08 19:53:20 | 000,001,389 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.inf
[2011.12.08 19:53:18 | 000,007,454 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.cat
[2011.12.08 19:53:16 | 000,007,450 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.cat
[2011.12.08 19:53:16 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.inf
[2011.12.08 19:53:15 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.cat
[2011.12.08 19:53:15 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.inf
[2011.12.08 19:50:08 | 000,001,526 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Orbit.lnk
[2011.12.08 19:49:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.cat
[2011.12.08 19:49:29 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\isolate.ini
[2011.12.08 19:32:04 | 2146,484,224 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.08 18:26:36 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-EKFDF.exe
[2011.12.08 18:26:36 | 000,012,782 | ---- | C] () -- C:\WINDOWS\is-EKFDF.msg
[2011.12.08 18:26:36 | 000,000,415 | ---- | C] () -- C:\WINDOWS\is-EKFDF.lst
[2011.12.08 18:10:48 | 000,750,534 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\Cat.DB
[2011.12.07 21:23:47 | 000,001,873 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton 360.LNK
[2011.12.07 21:22:42 | 000,003,374 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymEFA.inf
[2011.12.07 21:22:42 | 000,002,792 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymDS.inf
[2011.12.07 21:22:42 | 000,001,474 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymNetV.inf
[2011.12.07 21:22:42 | 000,001,446 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymNet.inf
[2011.12.07 21:22:42 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtspx.inf
[2011.12.07 21:22:42 | 000,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtsp.inf
[2011.12.07 21:22:42 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\Iron.inf
[2011.12.07 21:22:27 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\symnetv.cat
[2011.12.07 21:22:27 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\iron.cat
[2011.12.07 21:22:27 | 000,007,458 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymNet.cat
[2011.12.07 21:22:27 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymEFA.cat
[2011.12.07 21:22:27 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtspx.cat
[2011.12.07 21:22:27 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymDS.cat
[2011.12.07 21:22:27 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtsp.cat
[2011.12.07 21:22:27 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\isolate.ini
[2011.12.07 21:21:44 | 000,001,642 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.11.23 18:24:36 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2011.09.09 00:04:58 | 000,444,283 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\WinPcapNmap.exe
[2010.11.22 10:18:52 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010.09.06 22:03:33 | 000,338,552 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.08.22 07:40:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2010.08.04 20:03:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010.07.04 16:58:28 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DvInesKurusOleServer003.INI
[2010.07.02 21:59:19 | 000,000,470 | ---- | C] () -- C:\WINDOWS\IMG2PDF.ini
[2010.04.02 19:33:53 | 000,023,671 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2010.01.27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009.11.27 08:17:24 | 000,078,170 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009.07.12 16:49:52 | 000,001,381 | ---- | C] () -- C:\WINDOWS\scummvm.ini
[2009.07.04 13:32:55 | 000,080,896 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01.exe
[2009.06.18 19:36:05 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.06.11 13:23:33 | 000,003,309 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.06.07 14:06:16 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.06.07 14:06:15 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.05.22 22:05:43 | 000,170,044 | ---- | C] () -- C:\WINDOWS\hpqins00.dat
[2009.04.18 23:25:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2009.04.18 22:49:21 | 000,264,025 | ---- | C] () -- C:\WINDOWS\hpqins11.dat
[2009.04.18 22:20:25 | 000,179,231 | ---- | C] () -- C:\WINDOWS\hpoins28.dat.temp
[2009.04.18 22:20:25 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat.temp
[2009.04.18 21:51:26 | 000,003,245 | ---- | C] () -- C:\WINDOWS\tm.ini
[2009.04.18 19:01:57 | 000,179,090 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2009.04.18 19:01:57 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2009.03.25 18:00:36 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2009.03.02 00:21:28 | 000,000,108 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.01.18 18:26:09 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2009.01.17 22:33:54 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\msadio.dll
[2008.08.27 07:47:54 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.08.27 07:47:38 | 000,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008.08.27 07:47:37 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008.08.27 07:47:36 | 002,250,024 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008.08.26 08:28:40 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008.08.09 21:02:38 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\wwindowdp32.dll
[2008.08.05 18:42:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008.07.26 19:26:21 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2008.07.26 19:24:45 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2008.07.26 19:23:24 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008.07.26 19:22:00 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008.07.19 00:16:30 | 000,063,716 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008.07.17 22:31:24 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008.07.17 22:31:24 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008.07.17 22:31:24 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008.07.17 22:31:24 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.07.17 22:31:23 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2008.06.23 21:07:46 | 000,000,509 | ---- | C] () -- C:\WINDOWS\System32\DARKNESS.jrf.init
[2008.06.23 19:20:30 | 000,000,021 | ---- | C] () -- C:\WINDOWS\KurusDeinstall.INI
[2008.06.22 19:34:09 | 000,000,074 | ---- | C] () -- C:\WINDOWS\webica.ini
[2008.06.22 19:32:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DvInesKurusOleServer002.INI
[2008.06.22 19:32:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\netop.ini
[2008.06.22 19:31:48 | 000,000,110 | ---- | C] () -- C:\WINDOWS\dvinesinstart001.INI
[2008.06.22 19:31:48 | 000,000,110 | ---- | C] () -- C:\WINDOWS\dvinesinstalllocation001.INI
[2008.06.22 19:31:34 | 000,000,021 | ---- | C] () -- C:\WINDOWS\startup.INI
[2008.06.03 22:30:25 | 000,008,192 | -HS- | C] () -- C:\WINDOWS\o2cLicStore.bin
[2008.06.03 22:29:18 | 000,000,503 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2008.06.03 22:29:18 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2008.03.01 21:03:31 | 000,000,031 | ---- | C] () -- C:\WINDOWS\idc.ini
[2007.12.09 21:43:11 | 000,000,015 | ---- | C] () -- C:\WINDOWS\Powerplayer.ini
[2007.12.09 21:39:30 | 000,000,564 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2007.09.01 10:13:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007.08.10 23:34:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.08.05 23:04:48 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.07.14 22:56:52 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.05.28 00:32:06 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.04.06 18:07:11 | 000,002,266 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.03.27 23:44:38 | 000,000,059 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2007.03.27 23:44:38 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2007.03.27 23:44:38 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2007.03.18 15:26:47 | 000,000,614 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007.02.15 22:06:12 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2007.01.28 15:47:12 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2007.01.28 15:47:12 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007.01.28 15:01:59 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2007.01.14 09:51:54 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007.01.14 09:51:53 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007.01.13 23:55:54 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.01.13 21:30:08 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007.01.12 20:33:09 | 000,001,359 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.01.09 21:40:16 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2007.01.09 17:58:10 | 000,000,092 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2007.01.08 22:53:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2007.01.08 15:46:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007.01.06 19:56:55 | 000,558,592 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2007.01.06 19:56:53 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2007.01.06 19:40:14 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007.01.06 15:58:29 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Freunde\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.06 15:58:28 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Freunde\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007.01.05 19:13:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2006.10.06 10:17:23 | 000,000,562 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2006.09.28 13:55:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2006.09.26 13:01:40 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.09.07 17:04:53 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.09.07 17:04:53 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006.09.07 17:04:53 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.09.07 17:04:53 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.09.07 17:04:52 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.09.07 17:04:52 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.09.07 17:04:51 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006.09.07 17:04:51 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006.09.07 17:04:51 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.09.07 10:49:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.09.07 09:39:23 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.09.07 08:53:51 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006.09.07 08:53:51 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006.09.07 08:53:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006.09.07 08:53:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006.09.07 08:53:51 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006.09.07 08:53:51 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006.09.07 08:51:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006.09.07 08:43:48 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2006.09.07 08:33:33 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006.09.07 08:33:33 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006.09.07 08:33:33 | 000,010,161 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006.09.07 08:33:33 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006.09.07 08:25:03 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\000StTHK.exe
[2006.09.07 08:23:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.09.07 08:22:42 | 000,298,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.09.07 07:34:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.09.07 07:28:34 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.09.07 07:18:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2006.09.07 07:18:01 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe
[2006.09.07 07:18:01 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006.09.07 07:17:52 | 000,474,086 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006.09.07 07:17:52 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006.09.07 07:17:52 | 000,092,604 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006.09.07 07:17:52 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006.09.07 07:17:26 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\syscvchk.dll
[2006.09.07 07:17:22 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.09.07 07:17:19 | 000,454,268 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.09.07 07:17:19 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.09.07 07:17:19 | 000,079,322 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.09.07 07:17:19 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.09.07 07:17:16 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.09.07 07:17:16 | 000,004,598 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.09.07 07:17:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006.09.07 07:17:11 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.09.07 07:17:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.09.07 07:17:08 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.09.07 07:17:01 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005.09.02 13:44:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 20:30:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.10.01 08:11:20 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.07.20 16:04:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 13:43:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004.01.14 01:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2001.05.03 08:03:58 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\smcelp32.ini
[2001.05.03 08:03:58 | 000,000,219 | ---- | C] () -- C:\WINDOWS\System32\pspgru.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FB1B13D8
@Alternate Data Stream - 113 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >

--- --- ---

markusg 08.12.2011 20:27

hi
the otl.txt as well, please :-)

Taxman19 08.12.2011 20:29

Unfortunately I can't find the function for the 2nd attachment, so here it is:
OTL Logfile:
Code:

OTL logfile created on: 08.12.2011 20:09:06 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Dokumente und Einstellungen\Freunde\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,37% Memory free
2,85 Gb Paging File | 1,96 Gb Available in Paging File | 68,78% Paging File free
Paging file location(s): C:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 181,65 Gb Total Space | 1,83 Gb Free Space | 1,01% Space Free | Partition Type: NTFS
 
Computer Name: DARKNESS | User Name: Freunde | NOT logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Dokumente und Einstellungen\Freunde\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Norton 360\Engine\5.0.0.125\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Programme\Hotspot Shield\bin\openvpntray.exe ()
PRC - C:\Programme\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Programme\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\LANCOM\Advanced VPN Client\NcpBudgetGui.exe (NCP engineering GmbH)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Programme\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\avformat-53.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\avcodec-53.dll ()
MOD - C:\Programme\Google\Chrome\Application\15.0.874.121\gcswf32.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Hotspot Shield\bin\openvpntray.exe ()
MOD - C:\Programme\Hotspot Shield\bin\lang\gui-eng.dll ()
MOD - C:\Programme\Orbitdownloader\wtlctrl.dll ()
MOD - C:\Programme\LANCOM\Advanced VPN Client\NCPMIF32.DLL ()
MOD - C:\Programme\LANCOM\Advanced VPN Client\NCPDLG.DLL ()
MOD - C:\Programme\Intel\Wireless\Bin\IntStngs.dll ()
MOD - C:\Programme\LANCOM\Advanced VPN Client\NCPCFG.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
 
========== Driver Services (SafeList) ==========
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = Kostenlose E-Mail - Free Mail - E-Cards - Arcor das Newsportal
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Bing
IE - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN, Hotmail und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Programme\Virtual Earth 3D\ [2009.10.18 20:20:48 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohPlayer: C:\Programme\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll (Veoh Networks Inc)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.04.02 19:35:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.11.13 11:55:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011.12.08 18:15:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\ [2011.12.07 21:22:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.11.11 18:48:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.10.09 21:09:46 | 000,000,000 | ---D | M]
 
[2011.11.12 14:10:35 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2007.04.06 18:07:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.11.12 14:10:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.11.11 18:48:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2007.11.09 15:10:50 | 000,034,384 | ---- | M] () -- C:\Programme\mozilla firefox\plugins\logging.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.03 10:54:50 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.03 10:54:50 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.10.03 10:54:50 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 10:54:50 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.03 10:54:50 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.03 10:54:50 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Orbit Downloader (Enabled) = C:\Programme\Google\Chrome\Application\plugins\nporbit.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Programme\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: NPVeohVersion4 plugin (Enabled) = C:\Programme\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Freunde\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2009.08.15 16:54:31 | 000,321,627 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 10.252.70.10  NTPOIP.SERVICES.DATEVNET.DE
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 11017 more lines...
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (dsWebAllowBHO Class) - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programme\Windows Desktop Search\dsWebAllow.dll (Microsoft Corporation)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.0.0.125\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.0.0.125\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Programme\BitTorrentBar\tbBit1.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll (Google Inc.)
O2 - BHO: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Programme\FreeOnlineRadioPlayerRecorder\tbFre2.dll (Conduit Ltd.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\hssie\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.0.0.125\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Programme\BitTorrentBar\tbBit1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MSN Suche Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (FreeOnlineRadioPlayerRecorder Toolbar) - {f999a48b-1950-4d81-9971-79018f807b4b} - C:\Programme\FreeOnlineRadioPlayerRecorder\tbFre2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\..\Toolbar\ShellBrowser: (MSN Suche Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\..\Toolbar\WebBrowser: (MSN Suche Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [000StTHK] C:\WINDOWS\System32\000StTHK.exe ()
O4 - HKLM..\Run: [ALUAlert] "\ALuNotify.exe" "/LOWDISKSPACE C" File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ccApp] C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [NcpBudgetGui] C:\Programme\LANCOM\Advanced VPN Client\NcpBudgetGui.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NcpMonitor] C:\Programme\LANCOM\Advanced VPN Client\ncpmon.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NcpPopup] C:\Programme\LANCOM\Advanced VPN Client\ncppopup.exe (NCP engineering GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PadTouch] C:\Programme\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [InnoSetupRegFile.0000000001] C:\WINDOWS\is-EKFDF.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware (registration)] C:\Programme\Malwarebytes' Anti-Malware\mbamext.dll (Malwarebytes Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CIVStart.Exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Orbit.lnk = C:\Programme\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKU\S-1-5-21-2438034613-2327497867-1286197980-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &MSN Suche - C:\Programme\MSN Toolbar Suite\msntb.dll (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Hintergrund öffnen - C:\Programme\MSN Toolbar Suite\de-de\msntabres.dll.mui (Microsoft Corporation)
O8 - Extra context menu item: In neuer Registerkarte im Vordergrund öffnen - C:\Programme\MSN Toolbar Suite\de-de\msntabres.dll.mui (Microsoft Corporation)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://goasp.datev.de/CACHE/stc/1/binaries/vpnweb.cab (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/webplayer/stage6/windows/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {9522589E-57B9-46C5-9A77-1F1C1CCBE550} file://D:\ols\cd-db\fscax.cab (F-Secure Online Scanner 2.1 (CD version))
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 vpnweb.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0FA2302-8E99-4F8E-936B-5CD0F03EB5DE}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Programme\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\DVCCSA: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Qosmio_NonHD.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Qosmio_NonHD.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.07 07:31:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.08 19:53:28 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdiv.sys
[2011.12.08 19:53:27 | 000,369,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symtdi.sys
[2011.12.08 19:53:26 | 000,296,568 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnets.sys
[2011.12.08 19:53:23 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.sys
[2011.12.08 19:53:21 | 000,340,088 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.sys
[2011.12.08 19:53:20 | 000,050,168 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.sys
[2011.12.08 19:53:16 | 000,516,216 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.sys
[2011.12.08 19:53:15 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0501000.01D\ironx86.sys
[2011.12.08 19:50:57 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Freunde\Desktop\OTL.exe
[2011.12.08 19:49:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0501000.01D
[2011.12.08 19:43:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\HPAppData
[2011.12.08 19:41:02 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.12.08 19:41:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\Malwarebytes
[2011.12.07 21:23:39 | 000,652,336 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymEFA.sys
[2011.12.07 21:23:39 | 000,509,560 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtsp.sys
[2011.12.07 21:23:39 | 000,368,248 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\symtdi.sys
[2011.12.07 21:23:39 | 000,340,016 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymDS.sys
[2011.12.07 21:23:39 | 000,330,360 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\symtdiv.sys
[2011.12.07 21:23:39 | 000,295,032 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\symnets.sys
[2011.12.07 21:23:39 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\Ironx86.sys
[2011.12.07 21:23:39 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtspx.sys
[2011.12.07 21:22:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2011.12.07 21:22:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0500000.07D
[2011.12.07 21:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Windows Sidebar
[2011.12.07 21:22:17 | 000,000,000 | ---D | C] -- C:\Programme\Norton 360
[2011.12.07 21:22:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton 360
[2011.12.07 21:22:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
[2011.12.07 21:21:36 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2011.12.07 21:21:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2011.12.07 21:07:56 | 148,385,712 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Freunde\Desktop\N360_5.0.0.125_SYMTB_CNET_LOEM_MRFTT_233_5628_1C.exe
[2011.12.07 21:04:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Eigene Dateien\Downloads
[2011.12.07 21:04:51 | 013,421,552 | ---- | C] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\Freunde\Desktop\SUPERAntiSpyware.exe
[2011.12.07 21:03:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\ProgSense
[2011.12.07 21:03:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\Orbit
[2011.12.07 20:56:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Lokale Einstellungen\Anwendungsdaten\Google
[2011.12.07 20:49:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freunde\Anwendungsdaten\Avira
[2011.11.23 18:24:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
[2011.11.12 14:10:33 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2011.11.12 14:10:33 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2011.11.12 14:10:33 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.08 19:54:38 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2011.12.08 19:54:38 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2011.12.08 19:54:38 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2011.12.08 19:54:35 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2011.12.08 19:50:18 | 000,001,526 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Orbit.lnk
[2011.12.08 19:41:02 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.12.08 19:32:46 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.08 19:32:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.08 19:32:04 | 2146,484,224 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.08 19:28:14 | 000,002,163 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Safari.lnk
[2011.12.08 19:28:14 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.12.08 18:26:36 | 000,709,968 | ---- | M] () -- C:\WINDOWS\is-EKFDF.exe
[2011.12.08 18:26:36 | 000,012,782 | ---- | M] () -- C:\WINDOWS\is-EKFDF.msg
[2011.12.08 18:26:36 | 000,000,415 | ---- | M] () -- C:\WINDOWS\is-EKFDF.lst
[2011.12.08 18:21:23 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.08 18:14:13 | 000,043,762 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2011.12.08 18:11:54 | 000,750,534 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\Cat.DB
[2011.12.07 21:23:47 | 000,001,873 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton 360.LNK
[2011.12.07 21:21:44 | 000,001,642 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.07 18:25:49 | 013,421,552 | ---- | M] (SUPERAntiSpyware.com) -- C:\Dokumente und Einstellungen\Freunde\Desktop\SUPERAntiSpyware.exe
[2011.12.07 00:00:01 | 000,000,340 | ---- | M] () -- C:\WINDOWS\System32\tversity.cookies
[2011.12.06 21:40:18 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.04 14:03:00 | 000,000,966 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011.11.23 18:24:36 | 000,001,887 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2011.11.21 18:33:42 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.11.18 18:25:50 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2011.11.13 11:55:19 | 000,001,721 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DivX Plus Converter.lnk
[2011.11.12 14:09:58 | 000,474,086 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.11.12 14:09:58 | 000,454,268 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.11.12 14:09:58 | 000,092,604 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.11.12 14:09:58 | 000,079,322 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[16 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.08 19:53:27 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.cat
[2011.12.08 19:53:27 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnetv.inf
[2011.12.08 19:53:25 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnet.cat
[2011.12.08 19:53:25 | 000,001,446 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symnet.inf
[2011.12.08 19:53:23 | 000,003,373 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.inf
[2011.12.08 19:53:22 | 000,007,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symefa.cat
[2011.12.08 19:53:21 | 000,002,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.inf
[2011.12.08 19:53:20 | 000,001,389 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.inf
[2011.12.08 19:53:18 | 000,007,454 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtspx.cat
[2011.12.08 19:53:16 | 000,007,450 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.cat
[2011.12.08 19:53:16 | 000,001,383 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\srtsp.inf
[2011.12.08 19:53:15 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.cat
[2011.12.08 19:53:15 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\iron.inf
[2011.12.08 19:50:08 | 000,001,526 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Orbit.lnk
[2011.12.08 19:49:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\symds.cat
[2011.12.08 19:49:29 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0501000.01D\isolate.ini
[2011.12.08 19:32:04 | 2146,484,224 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.08 18:26:36 | 000,709,968 | ---- | C] () -- C:\WINDOWS\is-EKFDF.exe
[2011.12.08 18:26:36 | 000,012,782 | ---- | C] () -- C:\WINDOWS\is-EKFDF.msg
[2011.12.08 18:26:36 | 000,000,415 | ---- | C] () -- C:\WINDOWS\is-EKFDF.lst
[2011.12.08 18:10:48 | 000,750,534 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\Cat.DB
[2011.12.07 21:23:47 | 000,001,873 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton 360.LNK
[2011.12.07 21:22:42 | 000,003,374 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymEFA.inf
[2011.12.07 21:22:42 | 000,002,792 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymDS.inf
[2011.12.07 21:22:42 | 000,001,474 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymNetV.inf
[2011.12.07 21:22:42 | 000,001,446 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymNet.inf
[2011.12.07 21:22:42 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtspx.inf
[2011.12.07 21:22:42 | 000,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtsp.inf
[2011.12.07 21:22:42 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\Iron.inf
[2011.12.07 21:22:27 | 000,007,877 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\symnetv.cat
[2011.12.07 21:22:27 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\iron.cat
[2011.12.07 21:22:27 | 000,007,458 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymNet.cat
[2011.12.07 21:22:27 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymEFA.cat
[2011.12.07 21:22:27 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtspx.cat
[2011.12.07 21:22:27 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\SymDS.cat
[2011.12.07 21:22:27 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\srtsp.cat
[2011.12.07 21:22:27 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0500000.07D\isolate.ini
[2011.12.07 21:21:44 | 000,001,642 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.11.23 18:24:36 | 000,001,887 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2011.09.09 00:04:58 | 000,444,283 | ---- | C] () -- C:\Programme\Gemeinsame Dateien\WinPcapNmap.exe
[2010.11.22 10:18:52 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010.09.06 22:03:33 | 000,338,552 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.08.22 07:40:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2010.08.04 20:03:40 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2010.07.04 16:58:28 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DvInesKurusOleServer003.INI
[2010.07.02 21:59:19 | 000,000,470 | ---- | C] () -- C:\WINDOWS\IMG2PDF.ini
[2010.04.02 19:33:53 | 000,023,671 | ---- | C] () -- C:\WINDOWS\hpqins15.dat
[2010.01.27 03:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009.11.27 08:17:24 | 000,078,170 | ---- | C] () -- C:\WINDOWS\hpqins05.dat
[2009.07.12 16:49:52 | 000,001,381 | ---- | C] () -- C:\WINDOWS\scummvm.ini
[2009.07.04 13:32:55 | 000,080,896 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01.exe
[2009.06.18 19:36:05 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini
[2009.06.11 13:23:33 | 000,003,309 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.06.07 14:06:16 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.06.07 14:06:15 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.05.22 22:05:43 | 000,170,044 | ---- | C] () -- C:\WINDOWS\hpqins00.dat
[2009.04.18 23:25:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\wiso.ini
[2009.04.18 22:49:21 | 000,264,025 | ---- | C] () -- C:\WINDOWS\hpqins11.dat
[2009.04.18 22:20:25 | 000,179,231 | ---- | C] () -- C:\WINDOWS\hpoins28.dat.temp
[2009.04.18 22:20:25 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat.temp
[2009.04.18 21:51:26 | 000,003,245 | ---- | C] () -- C:\WINDOWS\tm.ini
[2009.04.18 19:01:57 | 000,179,090 | ---- | C] () -- C:\WINDOWS\hpoins28.dat
[2009.04.18 19:01:57 | 000,000,932 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat
[2009.03.25 18:00:36 | 000,000,280 | ---- | C] () -- C:\WINDOWS\System32\epoPGPsdk.dll.sig
[2009.03.02 00:21:28 | 000,000,108 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2009.01.18 18:26:09 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo3.dll
[2009.01.17 22:33:54 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\msadio.dll
[2008.08.27 07:47:54 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2008.08.27 07:47:38 | 000,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2008.08.27 07:47:37 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2008.08.27 07:47:36 | 002,250,024 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2008.08.26 08:28:40 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2008.08.09 21:02:38 | 000,000,031 | ---- | C] () -- C:\WINDOWS\System32\wwindowdp32.dll
[2008.08.05 18:42:57 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008.07.26 19:26:21 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2008.07.26 19:24:45 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2008.07.26 19:23:24 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2008.07.26 19:22:00 | 000,005,937 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2008.07.19 00:16:30 | 000,063,716 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2008.07.17 22:31:24 | 000,502,784 | ---- | C] () -- C:\WINDOWS\x2.64.exe
[2008.07.17 22:31:24 | 000,240,128 | ---- | C] () -- C:\WINDOWS\System32\x.264.exe
[2008.07.17 22:31:24 | 000,066,560 | ---- | C] () -- C:\WINDOWS\MOTA113.exe
[2008.07.17 22:31:24 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2008.07.17 22:31:23 | 000,217,073 | ---- | C] () -- C:\WINDOWS\meta4.exe
[2008.06.23 21:07:46 | 000,000,509 | ---- | C] () -- C:\WINDOWS\System32\DARKNESS.jrf.init
[2008.06.23 19:20:30 | 000,000,021 | ---- | C] () -- C:\WINDOWS\KurusDeinstall.INI
[2008.06.22 19:34:09 | 000,000,074 | ---- | C] () -- C:\WINDOWS\webica.ini
[2008.06.22 19:32:22 | 000,000,021 | ---- | C] () -- C:\WINDOWS\DvInesKurusOleServer002.INI
[2008.06.22 19:32:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\netop.ini
[2008.06.22 19:31:48 | 000,000,110 | ---- | C] () -- C:\WINDOWS\dvinesinstart001.INI
[2008.06.22 19:31:48 | 000,000,110 | ---- | C] () -- C:\WINDOWS\dvinesinstalllocation001.INI
[2008.06.22 19:31:34 | 000,000,021 | ---- | C] () -- C:\WINDOWS\startup.INI
[2008.06.03 22:30:25 | 000,008,192 | -HS- | C] () -- C:\WINDOWS\o2cLicStore.bin
[2008.06.03 22:29:18 | 000,000,503 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2008.06.03 22:29:18 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2008.03.01 21:03:31 | 000,000,031 | ---- | C] () -- C:\WINDOWS\idc.ini
[2007.12.09 21:43:11 | 000,000,015 | ---- | C] () -- C:\WINDOWS\Powerplayer.ini
[2007.12.09 21:39:30 | 000,000,564 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2007.09.01 10:13:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2007.08.10 23:34:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.08.05 23:04:48 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.07.14 22:56:52 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.05.28 00:32:06 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2007.04.06 18:07:11 | 000,002,266 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.03.27 23:44:38 | 000,000,059 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2007.03.27 23:44:38 | 000,000,020 | -H-- | C] () -- C:\WINDOWS\akebook.ini
[2007.03.27 23:44:38 | 000,000,004 | -H-- | C] () -- C:\WINDOWS\a3kebook.ini
[2007.03.18 15:26:47 | 000,000,614 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2007.02.15 22:06:12 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2007.01.28 15:47:12 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2007.01.28 15:47:12 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007.01.28 15:01:59 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\KMVIDC32.DLL
[2007.01.14 09:51:54 | 000,278,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007.01.14 09:51:53 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007.01.13 23:55:54 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2007.01.13 21:30:08 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007.01.12 20:33:09 | 000,001,359 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.01.09 21:40:16 | 000,021,504 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2007.01.09 17:58:10 | 000,000,092 | R--- | C] () -- C:\WINDOWS\System32\ftdiun2k.ini
[2007.01.08 22:53:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2007.01.08 15:46:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2007.01.06 19:56:55 | 000,558,592 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2007.01.06 19:56:53 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2007.01.06 19:40:14 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007.01.06 15:58:29 | 000,003,584 | ---- | C] () -- C:\Dokumente und Einstellungen\Freunde\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.01.06 15:58:28 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Freunde\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007.01.05 19:13:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2006.10.06 10:17:23 | 000,000,562 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2006.09.28 13:55:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2006.09.26 13:01:40 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006.09.08 08:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2006.09.07 17:04:53 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.09.07 17:04:53 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006.09.07 17:04:53 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.09.07 17:04:53 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.09.07 17:04:52 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.09.07 17:04:52 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006.09.07 17:04:51 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006.09.07 17:04:51 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006.09.07 17:04:51 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.09.07 10:49:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.09.07 09:39:23 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.09.07 08:53:51 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006.09.07 08:53:51 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006.09.07 08:53:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006.09.07 08:53:51 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006.09.07 08:53:51 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006.09.07 08:53:51 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006.09.07 08:51:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2006.09.07 08:43:48 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2006.09.07 08:33:33 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2006.09.07 08:33:33 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2006.09.07 08:33:33 | 000,010,161 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2006.09.07 08:33:33 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2006.09.07 08:25:03 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\000StTHK.exe
[2006.09.07 08:23:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.09.07 08:22:42 | 000,298,848 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.09.07 07:34:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.09.07 07:28:34 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.09.07 07:18:02 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2006.09.07 07:18:01 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe
[2006.09.07 07:18:01 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006.09.07 07:17:52 | 000,474,086 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006.09.07 07:17:52 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006.09.07 07:17:52 | 000,092,604 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006.09.07 07:17:52 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006.09.07 07:17:26 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\syscvchk.dll
[2006.09.07 07:17:22 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.09.07 07:17:19 | 000,454,268 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.09.07 07:17:19 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.09.07 07:17:19 | 000,079,322 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.09.07 07:17:19 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.09.07 07:17:16 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.09.07 07:17:16 | 000,004,598 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.09.07 07:17:14 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006.09.07 07:17:11 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.09.07 07:17:11 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.09.07 07:17:08 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.09.07 07:17:01 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005.09.02 13:44:00 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 20:30:00 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.10.01 08:11:20 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2004.07.20 16:04:00 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 13:43:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004.01.14 01:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2001.05.03 08:03:58 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\smcelp32.ini
[2001.05.03 08:03:58 | 000,000,219 | ---- | C] () -- C:\WINDOWS\System32\pspgru.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FB1B13D8
@Alternate Data Stream - 113 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >

--- --- ---

markusg 08.12.2011 20:41

combofix:
ComboFix may only be run when a team member has instructed you to do so!
It should never be run on your own initiative! Incorrect use can cause serious computer problems
and make cleaning up the infection even harder.

Please download Combofix.exe and be sure to save it to your desktop.
  • Visit the following page for download links and instructions for this
    tool

    A guide and tutorial on using ComboFix
  • Note:
    Make sure all your anti-virus and anti-malware programs are switched off so that they do not interfere with ComboFix while it works.
  • Please post C:\Combofix.txt in your next reply.

Taxman19 08.12.2011 21:41

OK! Finally done!

Unfortunately I did not install the Recovery Console! My profile can't go online, since the trojan then becomes active, and in safe mode the Internet somehow doesn't work!?

Maybe it helps anyway??

Thanks for answering so quickly! Great! Coincidence? Whatever! :daumenhoc

markusg 08.12.2011 21:50

Go back into normal mode, open Malwarebytes, and post all logs;
they can be found in Malwarebytes under log files.

Taxman19 08.12.2011 21:55

Do you mean in the "problem profile", or does it also work "here" in a secondary profile?
Because in the main profile I have to disconnect from the Internet, since otherwise the trojan pops up again! RIGHT?

PS: here in the secondary profile I have lost all icons, the Start button, etc.! The right-click context menu doesn't work either!?

markusg 08.12.2011 22:13

No, you have to create all logs in the problem profile, otherwise it isn't much use.

Taxman19 08.12.2011 22:16

OK! I will post them!

Taxman19 08.12.2011 22:16

The second one. Sorry, do I always have to enter text?

markusg 08.12.2011 22:17

Is the system used for online banking, purchases or similarly important things?

Taxman19 08.12.2011 22:17

It's a little embarrassing always
having to write something!

Taxman19 08.12.2011 22:18

This really isn't
meant to be spam!

Taxman19 08.12.2011 22:19

Yes, unfortunately!
For everything possible, including a VPN tunnel to work!


All times are GMT +1.
