GVU Trojaner unter Windows XP
Hallo liebes Trojaner-Board Team,
ich hab mir heute den GVU Trojaner eingefangen hab schon versucht im Abgesicherten Modus ohne erfolg, mit Kaspersky auch kein erfolg.
Ich bitte um eure Hilfe.
LG
Eze
OTL Logfile: Code:
OTL logfile created on: 3/7/2013 7:28:34 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 146.48 Gb Total Space | 17.82 Gb Free Space | 12.16% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 207.57 Gb Free Space | 29.71% Space Free | Partition Type: NTFS
Drive E: | 151.60 Gb Total Space | 16.18 Gb Free Space | 10.67% Space Free | Partition Type: NTFS
Drive J: | 1.95 Gb Total Space | 1.29 Gb Free Space | 66.43% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2013/03/01 06:48:53 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/21 12:34:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/12 04:43:56 | 000,093,072 | ---- | M] (TomTom) [Auto] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/02/07 07:35:32 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/02/07 07:33:43 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/02/07 07:33:14 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/12/29 05:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/12/14 04:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/10/30 12:51:17 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/01/25 10:40:56 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/11/25 09:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/07/19 22:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/03/04 05:38:48 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2010/12/23 04:41:36 | 003,304,768 | ---- | M] (devolo AG) [Auto] -- C:\Programme\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010/07/04 12:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2006/10/26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (smserial)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (AmdLLD)
DRV - [2012/12/12 04:19:04 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/12/12 04:19:04 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/11/16 03:29:26 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/09/19 23:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2012/09/19 23:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2012/08/27 08:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/06/27 03:37:56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2012/06/27 03:37:56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2012/06/27 03:37:56 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2012/06/27 03:37:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2012/05/23 11:49:30 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012/03/30 18:22:46 | 000,104,024 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2011/12/01 04:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/12/01 04:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2010/06/14 02:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/06/10 05:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2007/07/23 02:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/03/20 04:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006/07/24 09:05:00 | 000,005,632 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/03/22 07:24:02 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/22 07:24:00 | 000,052,736 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/03/17 11:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={E76CB937-5325-11E2-A6AB-0018F30113C8}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Melle_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={E76CB937-5325-11E2-A6AB-0018F30113C8}
IE - HKU\Melle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Plieni_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\Plieni_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Plieni_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 44 E4 7F 1B B2 19 CE 01 [binary data]
IE - HKU\Plieni_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\Plieni_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\Programme\Gemeinsame Dateien\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/02/21 12:34:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2013/02/21 12:34:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013/02/21 12:34:31 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2013/01/16 19:11:04 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/01/16 19:11:04 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2013/01/16 19:11:04 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2013/01/16 19:11:04 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/01/16 19:11:04 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/01/16 19:11:04 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2013/01/18 05:43:25 | 000,445,395 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 ???,????,????cr67com,????,??????,?????112scg,tt???8bc8,?????
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
O1 - Hosts: 127.0.0.1 100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15296 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (smartdownloader Class) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Programme\SockshareDownloader\smarterdownloader.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Melle_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Plieni_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Plieni_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [Zboard] C:\Programme\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Plieni\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Plieni_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\UpdatusUser_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/06/24 05:39:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/11/16 14:59:50 | 000,000,134 | -H-- | M] () - J:\autorun.inf -- [ FAT ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/03/07 19:04:58 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2013/03/07 18:34:01 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent
[2013/03/07 17:48:30 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2013/03/07 17:48:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/07 06:26:39 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Plieni\8804639.dll
[2013/03/05 10:33:01 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Plieni\Recent
[2013/03/01 06:48:48 | 016,473,456 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/02/28 17:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Plieni\Eigene Dateien\TomTom
[2013/02/28 17:33:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2013/02/28 17:32:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Plieni\Lokale Einstellungen\Anwendungsdaten\TomTom
[2013/02/28 17:32:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\TomTom
[2013/02/28 17:32:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom
[2013/02/28 17:32:34 | 000,000,000 | ---D | C] -- C:\Programme\TomTom HOME 2
[2013/02/28 17:32:14 | 000,000,000 | ---D | C] -- C:\Programme\TomTom International B.V
[2013/02/21 12:34:23 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013/02/13 07:25:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Plieni\Desktop\Qualitätsmanagement-SPZ-Landshut
========== Files - Modified Within 30 Days ==========
[2013/03/07 12:18:35 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9364088.pad
[2013/03/07 12:13:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/07 06:40:41 | 000,002,828 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9364088.js
[2013/03/07 06:29:55 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\skype.ini
[2013/03/07 06:27:27 | 000,000,774 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Startmenü\Programme\Autostart\runctf.lnk
[2013/03/07 06:26:41 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Plieni\8804639.dll
[2013/03/07 05:48:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/07 04:09:29 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Desktop\Outlook.lnk
[2013/03/07 01:26:44 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/03/06 10:58:37 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Melle\Desktop\Outlook.lnk
[2013/03/02 14:23:26 | 000,013,690 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/01 07:48:42 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2013/03/01 06:48:52 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/03/01 06:48:51 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/03/01 06:48:49 | 016,473,456 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/02/28 17:32:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom
[2013/02/23 16:41:31 | 000,233,984 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/20 06:18:53 | 000,012,800 | ---- | M] () -- C:\Dokumente und Einstellungen\Melle\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/16 12:43:28 | 000,310,940 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Eigene Dateien\angelika aldistick.JPG
[2013/02/13 10:56:04 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/13 07:46:18 | 000,505,886 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/02/13 07:46:18 | 000,484,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/13 07:46:18 | 000,096,178 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/02/13 07:46:18 | 000,080,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2013/03/07 06:27:27 | 000,002,828 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9364088.js
[2013/03/07 06:27:27 | 000,000,774 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Startmenü\Programme\Autostart\runctf.lnk
[2013/03/07 06:27:21 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9364088.pad
[2013/03/07 06:27:15 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\skype.ini
[2013/02/16 12:43:28 | 000,310,940 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Eigene Dateien\angelika aldistick.JPG
[2013/01/27 08:27:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NAS.INI
[2013/01/18 05:58:51 | 000,000,847 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/11/24 18:59:20 | 003,123,272 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2012/09/13 11:55:20 | 000,000,089 | ---- | C] () -- C:\WINDOWS\System32\MSBII.dll
[2012/09/13 11:51:04 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2012/09/13 11:51:04 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2012/09/13 11:51:04 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\WKAuxil.dll
[2012/09/13 11:50:58 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[2012/09/13 11:50:57 | 003,782,416 | ---- | C] () -- C:\WINDOWS\System32\mso97.dll
[2012/08/21 14:08:31 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012/08/21 14:08:30 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012/08/04 01:25:10 | 000,012,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Melle\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/20 11:17:27 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/07/18 11:41:48 | 000,494,296 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1935655697-839522115-1005-0.dat
[2012/07/18 09:01:16 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Melle\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/07/18 08:24:11 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2012/07/18 08:24:11 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012/07/18 08:24:05 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\$_hpcst$.hpc
[2012/07/18 08:07:44 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2012/07/18 08:06:44 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/07/15 06:37:07 | 000,233,984 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/26 13:05:06 | 002,543,104 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1935655697-839522115-1004-0.dat
[2012/06/26 13:05:06 | 000,272,178 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/06/24 09:16:41 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012/06/24 09:16:41 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012/06/24 09:16:41 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012/06/24 08:29:07 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2012/06/24 08:29:07 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2012/06/24 08:29:07 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2012/06/24 08:29:07 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2012/06/24 08:29:07 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2012/06/24 08:29:07 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2012/06/24 08:29:07 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2012/06/24 08:29:07 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2012/06/24 08:29:07 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2012/06/24 08:29:07 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2012/06/24 08:29:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2012/06/24 08:29:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2012/06/24 08:29:07 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2012/06/24 08:29:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2012/06/24 08:29:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2012/06/24 08:29:07 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2012/06/24 08:29:07 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2012/06/24 08:29:07 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2012/06/24 08:29:07 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2012/06/24 08:15:42 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX7400DEFGIPS.ini
[2012/06/24 08:08:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/06/24 07:13:33 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/24 07:13:33 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/24 07:13:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/06/24 07:13:16 | 002,284,064 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/06/24 06:59:56 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/24 06:27:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/24 06:26:40 | 000,268,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/24 05:48:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/06/24 05:45:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2012/06/24 05:40:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/06/24 05:37:35 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/05/23 11:49:34 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/05/23 11:49:32 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/05/23 11:49:32 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/05/23 11:49:32 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/05/23 11:49:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2009/10/06 02:16:02 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/08/02 07:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/08/29 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/29 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/29 07:00:00 | 000,505,886 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2002/08/29 07:00:00 | 000,484,092 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/29 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/29 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2002/08/29 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/29 07:00:00 | 000,184,320 | -HS- | C] () -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\skype.dat
[2002/08/29 07:00:00 | 000,096,178 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2002/08/29 07:00:00 | 000,080,488 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/29 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/08/29 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2002/08/29 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/29 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2013/01/21 08:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\AskToolbar
[2013/01/21 08:30:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\CallingID
[2012/12/29 09:51:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\elsterformular
[2012/08/13 06:58:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\EPSON
[2012/06/24 09:36:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\Ideazon
[2013/01/21 08:30:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\ilividtoolbarguid
[2012/12/31 03:40:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\LocalLow
[2012/07/18 11:08:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\Samsung
[2013/01/21 08:29:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\searchresultstb
[2012/07/09 14:16:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\TeamViewer
[2013/02/20 06:19:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\UseNeXT
[2013/01/27 08:45:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Anuman
[2012/10/17 01:11:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\AskToolbar
[2013/01/14 12:22:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\CallingID
[2012/08/16 09:19:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\elsterformular
[2012/07/09 13:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\EPSON
[2012/06/24 09:25:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Ideazon
[2013/01/05 10:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\LocalLow
[2012/06/24 06:59:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Oracle
[2012/12/01 05:23:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\PriceGong
[2012/08/21 14:08:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\PunkBuster
[2012/12/02 03:28:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Samsung
[2013/01/05 10:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\searchresultstb
[2012/12/30 06:31:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Sony Online Entertainment
[2013/02/04 01:21:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\TeamViewer
[2012/06/26 13:04:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Temp
[2013/02/28 17:32:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\TomTom
[2012/09/30 07:10:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Ubisoft
[2013/03/01 07:55:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\UseNeXT
[2012/06/24 07:31:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net
[2012/09/28 06:05:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverGenius
[2012/08/16 09:19:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2012/06/24 08:28:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2012/12/27 09:21:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NTIReg
[2012/10/28 06:06:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rockstar Games
[2012/06/26 12:59:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012/06/24 08:46:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2013/02/11 07:12:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2013/02/28 17:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2012/09/25 13:14:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2012/06/24 08:33:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2013/03/07 01:26:44 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 131 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05582920
< End of report >
--- --- ---
OTL Logfile: Code:
OTL logfile created on: 3/7/2013 7:28:34 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 146.48 Gb Total Space | 17.82 Gb Free Space | 12.16% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 207.57 Gb Free Space | 29.71% Space Free | Partition Type: NTFS
Drive E: | 151.60 Gb Total Space | 16.18 Gb Free Space | 10.67% Space Free | Partition Type: NTFS
Drive J: | 1.95 Gb Total Space | 1.29 Gb Free Space | 66.43% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2013/03/01 06:48:53 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/21 12:34:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/12 04:43:56 | 000,093,072 | ---- | M] (TomTom) [Auto] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/02/07 07:35:32 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/02/07 07:33:43 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/02/07 07:33:14 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/12/29 05:31:25 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/12/14 04:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/10/30 12:51:17 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/01/25 10:40:56 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/11/25 09:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/07/19 22:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/03/04 05:38:48 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2010/12/23 04:41:36 | 003,304,768 | ---- | M] (devolo AG) [Auto] -- C:\Programme\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2010/07/04 12:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2006/10/26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (smserial)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (AmdLLD)
DRV - [2012/12/12 04:19:04 | 000,134,336 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/12/12 04:19:04 | 000,083,944 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/11/16 03:29:26 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012/09/19 23:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2012/09/19 23:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2012/08/27 08:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/06/27 03:37:56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2012/06/27 03:37:56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2012/06/27 03:37:56 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2012/06/27 03:37:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2012/05/23 11:49:30 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2012/03/30 18:22:46 | 000,104,024 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2011/12/01 04:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/12/01 04:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2010/06/14 02:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/06/10 05:32:14 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2007/07/23 02:56:58 | 000,042,624 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Alpham1.sys -- (Alpham1)
DRV - [2007/03/20 04:49:52 | 000,018,432 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Alpham2.sys -- (Alpham2)
DRV - [2006/07/24 09:05:00 | 000,005,632 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/03/22 07:24:02 | 000,018,944 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/22 07:24:00 | 000,052,736 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006/03/17 11:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={E76CB937-5325-11E2-A6AB-0018F30113C8}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" =
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Melle_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={E76CB937-5325-11E2-A6AB-0018F30113C8}
IE - HKU\Melle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Plieni_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\Plieni_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Plieni_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 44 E4 7F 1B B2 19 CE 01 [binary data]
IE - HKU\Plieni_ON_C\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\Plieni_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\Programme\Gemeinsame Dateien\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/02/21 12:34:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2013/02/21 12:34:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013/02/21 12:34:31 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2013/01/16 19:11:04 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/01/16 19:11:04 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2013/01/16 19:11:04 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2013/01/16 19:11:04 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2013/01/16 19:11:04 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/01/16 19:11:04 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2013/01/18 05:43:25 | 000,445,395 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 ???,????,????cr67com,????,??????,?????112scg,tt???8bc8,?????
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
O1 - Hosts: 127.0.0.1 100sexlinks.com - Informationen zum Thema Sex links. Diese Website steht zum Verkauf!
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15296 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (smartdownloader Class) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Programme\SockshareDownloader\smarterdownloader.dll (TODO: <Company name>)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Melle_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Plieni_ON_C\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\Plieni_ON_C\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [Zboard] C:\Programme\Ideazon\ZEngine\Zboard.exe (Ideazon, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Plieni\Startmenü\Programme\Autostart\runctf.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Melle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Plieni_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\UpdatusUser_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/06/24 05:39:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/11/16 14:59:50 | 000,000,134 | -H-- | M] () - J:\autorun.inf -- [ FAT ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/03/07 19:04:58 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2013/03/07 18:34:01 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent
[2013/03/07 17:48:30 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2013/03/07 17:48:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/03/07 06:26:39 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Plieni\8804639.dll
[2013/03/05 10:33:01 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Plieni\Recent
[2013/03/01 06:48:48 | 016,473,456 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/02/28 17:33:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Plieni\Eigene Dateien\TomTom
[2013/02/28 17:33:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2013/02/28 17:32:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Plieni\Lokale Einstellungen\Anwendungsdaten\TomTom
[2013/02/28 17:32:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\TomTom
[2013/02/28 17:32:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom
[2013/02/28 17:32:34 | 000,000,000 | ---D | C] -- C:\Programme\TomTom HOME 2
[2013/02/28 17:32:14 | 000,000,000 | ---D | C] -- C:\Programme\TomTom International B.V
[2013/02/21 12:34:23 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013/02/13 07:25:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Plieni\Desktop\Qualitätsmanagement-SPZ-Landshut
========== Files - Modified Within 30 Days ==========
[2013/03/07 12:18:35 | 095,023,320 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9364088.pad
[2013/03/07 12:13:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/03/07 06:40:41 | 000,002,828 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9364088.js
[2013/03/07 06:29:55 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\skype.ini
[2013/03/07 06:27:27 | 000,000,774 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Startmenü\Programme\Autostart\runctf.lnk
[2013/03/07 06:26:41 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Plieni\8804639.dll
[2013/03/07 05:48:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/03/07 04:09:29 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Desktop\Outlook.lnk
[2013/03/07 01:26:44 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/03/06 10:58:37 | 000,002,607 | ---- | M] () -- C:\Dokumente und Einstellungen\Melle\Desktop\Outlook.lnk
[2013/03/02 14:23:26 | 000,013,690 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/03/01 07:48:42 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2013/03/01 06:48:52 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/03/01 06:48:51 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/03/01 06:48:49 | 016,473,456 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/02/28 17:32:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TomTom
[2013/02/23 16:41:31 | 000,233,984 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/20 06:18:53 | 000,012,800 | ---- | M] () -- C:\Dokumente und Einstellungen\Melle\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/02/16 12:43:28 | 000,310,940 | ---- | M] () -- C:\Dokumente und Einstellungen\Plieni\Eigene Dateien\angelika aldistick.JPG
[2013/02/13 10:56:04 | 000,268,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/13 07:46:18 | 000,505,886 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/02/13 07:46:18 | 000,484,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/13 07:46:18 | 000,096,178 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/02/13 07:46:18 | 000,080,488 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
========== Files Created - No Company Name ==========
[2013/03/07 06:27:27 | 000,002,828 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9364088.js
[2013/03/07 06:27:27 | 000,000,774 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Startmenü\Programme\Autostart\runctf.lnk
[2013/03/07 06:27:21 | 095,023,320 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9364088.pad
[2013/03/07 06:27:15 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\skype.ini
[2013/02/16 12:43:28 | 000,310,940 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Eigene Dateien\angelika aldistick.JPG
[2013/01/27 08:27:16 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NAS.INI
[2013/01/18 05:58:51 | 000,000,847 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2012/11/24 18:59:20 | 003,123,272 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2012/09/13 11:55:20 | 000,000,089 | ---- | C] () -- C:\WINDOWS\System32\MSBII.dll
[2012/09/13 11:51:04 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\lffpx7.dll
[2012/09/13 11:51:04 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\lfkodak.dll
[2012/09/13 11:51:04 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\WKAuxil.dll
[2012/09/13 11:50:58 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\implode.dll
[2012/09/13 11:50:57 | 003,782,416 | ---- | C] () -- C:\WINDOWS\System32\mso97.dll
[2012/08/21 14:08:31 | 000,189,248 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012/08/21 14:08:30 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2012/08/04 01:25:10 | 000,012,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Melle\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/20 11:17:27 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/07/18 11:41:48 | 000,494,296 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1935655697-839522115-1005-0.dat
[2012/07/18 09:01:16 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Melle\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/07/18 08:24:11 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2012/07/18 08:24:11 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2012/07/18 08:24:05 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\$_hpcst$.hpc
[2012/07/18 08:07:44 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2012/07/18 08:06:44 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012/07/15 06:37:07 | 000,233,984 | ---- | C] () -- C:\Dokumente und Einstellungen\Plieni\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/26 13:05:06 | 002,543,104 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2025429265-1935655697-839522115-1004-0.dat
[2012/06/26 13:05:06 | 000,272,178 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/06/24 09:16:41 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2012/06/24 09:16:41 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2012/06/24 09:16:41 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2012/06/24 08:29:07 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2012/06/24 08:29:07 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2012/06/24 08:29:07 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2012/06/24 08:29:07 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2012/06/24 08:29:07 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2012/06/24 08:29:07 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2012/06/24 08:29:07 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2012/06/24 08:29:07 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2012/06/24 08:29:07 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2012/06/24 08:29:07 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2012/06/24 08:29:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2012/06/24 08:29:07 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2012/06/24 08:29:07 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2012/06/24 08:29:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2012/06/24 08:29:07 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2012/06/24 08:29:07 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2012/06/24 08:29:07 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2012/06/24 08:29:07 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2012/06/24 08:29:07 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2012/06/24 08:15:42 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX7400DEFGIPS.ini
[2012/06/24 08:08:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/06/24 07:13:33 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/06/24 07:13:33 | 001,074,560 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/06/24 07:13:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/06/24 07:13:16 | 002,284,064 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/06/24 06:59:56 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/06/24 06:27:23 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012/06/24 06:26:40 | 000,268,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/06/24 05:48:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/06/24 05:45:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2012/06/24 05:40:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012/06/24 05:37:35 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/05/23 11:49:34 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/05/23 11:49:32 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/05/23 11:49:32 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/05/23 11:49:32 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/05/23 11:49:32 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2009/10/06 02:16:02 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/08/02 07:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/08/29 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/29 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/29 07:00:00 | 000,505,886 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2002/08/29 07:00:00 | 000,484,092 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/29 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/29 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2002/08/29 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/29 07:00:00 | 000,184,320 | -HS- | C] () -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\skype.dat
[2002/08/29 07:00:00 | 000,096,178 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2002/08/29 07:00:00 | 000,080,488 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/29 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/08/29 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2002/08/29 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/29 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2013/01/21 08:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\AskToolbar
[2013/01/21 08:30:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\CallingID
[2012/12/29 09:51:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\elsterformular
[2012/08/13 06:58:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\EPSON
[2012/06/24 09:36:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\Ideazon
[2013/01/21 08:30:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\ilividtoolbarguid
[2012/12/31 03:40:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\LocalLow
[2012/07/18 11:08:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\Samsung
[2013/01/21 08:29:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\searchresultstb
[2012/07/09 14:16:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\TeamViewer
[2013/02/20 06:19:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Melle\Anwendungsdaten\UseNeXT
[2013/01/27 08:45:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Anuman
[2012/10/17 01:11:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\AskToolbar
[2013/01/14 12:22:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\CallingID
[2012/08/16 09:19:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\elsterformular
[2012/07/09 13:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\EPSON
[2012/06/24 09:25:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Ideazon
[2013/01/05 10:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\LocalLow
[2012/06/24 06:59:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Oracle
[2012/12/01 05:23:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\PriceGong
[2012/08/21 14:08:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\PunkBuster
[2012/12/02 03:28:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Samsung
[2013/01/05 10:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\searchresultstb
[2012/12/30 06:31:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Sony Online Entertainment
[2013/02/04 01:21:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\TeamViewer
[2012/06/26 13:04:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Temp
[2013/02/28 17:32:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\TomTom
[2012/09/30 07:10:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\Ubisoft
[2013/03/01 07:55:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Plieni\Anwendungsdaten\UseNeXT
[2012/06/24 07:31:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Battle.net
[2012/09/28 06:05:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverGenius
[2012/08/16 09:19:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2012/06/24 08:28:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2012/12/27 09:21:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NTIReg
[2012/10/28 06:06:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rockstar Games
[2012/06/26 12:59:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012/06/24 08:46:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2013/02/11 07:12:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2013/02/28 17:33:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2012/09/25 13:14:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2012/06/24 08:33:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2013/03/07 01:26:44 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 131 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05582920
< End of report >
--- --- --- |
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
SecurityCheck und:
