Trojaner-Board
Seite 4 von 4 « Erste 23 4
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Your Protection immer noch da? (https://www.trojaner-board.de/84768-your-protection-immer-noch.html)

FastCore 06.05.2010 11:58
Code:
OTL Extras logfile created on: 06.05.2010 12:36:45 - Run 3
OTL by OldTimer - Version 3.2.4.1    Folder = C:\Dokumente und Einstellungen\FreshOne\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
511,00 Mb Total Physical Memory | 195,00 Mb Available Physical Memory | 38,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 91,47 Gb Total Space | 50,56 Gb Free Space | 55,28% Space Free | Partition Type: NTFS
Drive D: | 91,89 Gb Total Space | 75,99 Gb Free Space | 82,70% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SEPPL
Current User Name: FreshOne
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
"DisableMonitoring" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"12154:TCP" = 12154:TCP:*:Enabled:BitComet 12154 TCP
"12154:UDP" = 12154:UDP:*:Enabled:BitComet 12154 UDP
"21526:TCP" = 21526:TCP:*:Enabled:BitComet 21526 TCP
"21526:UDP" = 21526:UDP:*:Enabled:BitComet 21526 UDP
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"12415:TCP" = 12415:TCP:*:Enabled:BitComet 12415 TCP
"12415:UDP" = 12415:UDP:*:Enabled:BitComet 12415 UDP
"58386:TCP" = 58386:TCP:*:Enabled:Pando Media Booster
"58386:UDP" = 58386:UDP:*:Enabled:Pando Media Booster
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Nexon\Combat Arms\CombatArms.exe" = C:\Nexon\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms\Engine.exe" = C:\Nexon\Combat Arms\Engine.exe:*Enabled:Engine.exe -- File not found
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Programme\ICQ7.0\ICQ.exe" = C:\Programme\ICQ7.0\ICQ.exe:*:Enabled:ICQ7 -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\ccapp.exe" = %windir%\system32\unst.exe:*:Enabled:System Process -- File not found
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- (AOL LLC)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- (AOL LLC)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonUS\NGM\NGM.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"%windir%\explorer.exe" = %windir%\explorer.exe:*:Enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine -- ()
"C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonEU\NGM\NGM.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Programme\Windows Live\Sync\WindowsLiveSync.exe" = C:\Programme\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{1246FF64-3035-4A92-8FE6-A968275495EB}" = Sony Vegas Pro 8.0
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution
"{1A655D51-1423-48A3-B748-8F5A0BE294C8}" = Microsoft Visual J# .NET Redistributable Package 1.1
"{1E460998-5C2C-4ACF-A9AA-3629BD9C06C2}" = Samsung PC Studio
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{295C31E5-3F91-498E-9623-DA24D2FA2B6A}" = T-Online WLAN-Access Finder
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SONY_MEDIAMGR2)
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{428102E6-8A39-48B9-8389-847F5A44A600}" = MSXML 4.0
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"{51FD8515-2F15-4E6D-A93C-BC6988AEC29A}" = Sony Media Manager 2.3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{54BB0384-1C33-488F-A95B-877E480D3EDC}" = MSXML 4.0
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{572F2464-AB8F-4D1C-B934-FD133E6B7CA2}" = Philips GoGear Digital Audio Player
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69D598A7-A9C5-4396-8C92-39465FF2C874}" = Philips SPC530NC Webcam
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{994223F3-A99B-4DDD-9E1D-0190A17C6860}" = Windows Live Family Safety
"{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}" = Brother MFL-Pro Suite
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A7E07C2B-2220-4415-87E3-784D5814BC93}" = NVIDIA PhysX v8.09.04
"{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}" = Nokia PC Suite
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3E3F224-704C-4873-BA3E-0B8D3D4C59E8}" = Samsung PC Studio 3
"{D7A6C517-11F2-419F-B5BB-27772B939698}" = NvMixer
"{DE54F85C-DB65-4691-B15D-1EF9149F0FD6}" = MangaBrowser for SHONEN JUMP 40th
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EA57A1B9-0DD2-44DD-9B70-64E8DA553F6F}" = Philips VLounge
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF901A4B-A25A-4962-83C6-C6691D062ED9}" = Nero Mega Plugin Pack
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}" = Disc2Phone
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"55D5CDE7F2833CC4A2AAF96249CE79DDFC71E592" = Windows-Treiberpaket - Philips CL (phaudlwr) MEDIA  (05/07/2008 1.0.5.12)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows-Treiberpaket - MobileTop (sshpmdm) Modem  (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows-Treiberpaket - MobileTop (sshpusb) USB  (02/23/2007 2.5.0.0)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 7.00.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AOL Deinstallation" = AOL Deinstallation
"AOLCoach de" = AOL Coach Version 1.0(Build:20040201.2 de)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows-Treiberpaket - Nokia Modem  (02/15/2007 3.1)
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows-Treiberpaket - Nokia Modem  (05/22/2008 3.8)
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"F83654168F2669A249A823C6255ACB1405E1E04E" = Windows-Treiberpaket - Philips (SPC530) Image  (05/21/2008 1.01.3.6650)
"FA64675F2B582DB559A1BE34C9F1F0208D44A7FE" = Windows-Treiberpaket - Philips USB  (05/21/2008 1.01.3.6650)
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.1
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Studio_is1" = Free Studio version 4.2
"Free Video to Mp3 Converter_is1" = Free Video to Mp3 Converter version 3.1
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 2.8
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Icy Tower v1.3.1_is1" = Icy Tower v1.3.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{4E68EAA3-775A-4542-A08A-47DB8E8E74A6}" = NTI Backup NOW! 3
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA nTune
"InstallShield_{C438B7C4-B4F8-49C5-A4DF-FF6F1F242778}" = NTI CD & DVD-Maker Gold
"Killzone 2 Screensaver" = Killzone 2 Screensaver
"LiveUpdate" = LiveUpdate 2.7 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Philips Intelligent Agent_is1" = Philips Intelligent Agent
"RTP for RM2K (Png, Wav, Midi, Fonts)" = RTP for RM2K (Png, Wav, Midi, Fonts)
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"Uninstall_is1" = Uninstall 1.0.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinGTK-2_is1" = GTK+ 2.10.13 runtime environment
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 25.04.2010 15:06:01 | Computer Name = SEPPL | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.45.0.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 25.04.2010 15:12:28 | Computer Name = SEPPL | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.45.0.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 27.04.2010 12:41:31 | Computer Name = SEPPL | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 01.05.2010 07:07:25 | Computer Name = SEPPL | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.45.0.0, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 02.05.2010 11:01:31 | Computer Name = SEPPL | Source = PerfNet | ID = 2004
Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen
werden
 nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0.
 
Error - 03.05.2010 06:03:06 | Computer Name = SEPPL | Source = Google Update | ID = 20
Description =
 
Error - 03.05.2010 07:03:06 | Computer Name = SEPPL | Source = Google Update | ID = 20
Description =
 
Error - 04.05.2010 16:36:01 | Computer Name = SEPPL | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung javara.exe, Version 1.15.0.1745, fehlgeschlagenes
 Modul ntdll.dll, Version 5.1.2600.5755, Fehleradresse 0x0000100b.
 
Error - 04.05.2010 16:40:02 | Computer Name = SEPPL | Source = MsiInstaller | ID = 10005
Description = Produkt: Java(TM) 6 Update 7 -- Interner Fehler 2753. RegUtils
 
Error - 04.05.2010 16:49:50 | Computer Name = SEPPL | Source = MsiInstaller | ID = 10005
Description = Produkt: Java(TM) 6 Update 7 -- Interner Fehler 2753. RegUtils
 
[ System Events ]
Error - 05.05.2010 07:15:08 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Verwaltungsservice
 vom CryproStorage-System.
 
Error - 05.05.2010 07:15:08 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Verwaltungsservice vom CryproStorage-System" wurde aufgrund
 folgenden Fehlers nicht gestartet:  %%1053
 
Error - 05.05.2010 09:51:39 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Verwaltungsservice
 vom CryproStorage-System.
 
Error - 05.05.2010 09:51:39 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Verwaltungsservice vom CryproStorage-System" wurde aufgrund
 folgenden Fehlers nicht gestartet:  %%1053
 
Error - 05.05.2010 15:18:44 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Verwaltungsservice
 vom CryproStorage-System.
 
Error - 05.05.2010 15:18:44 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Verwaltungsservice vom CryproStorage-System" wurde aufgrund
 folgenden Fehlers nicht gestartet:  %%1053
 
Error - 05.05.2010 17:13:31 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Verwaltungsservice
 vom CryproStorage-System.
 
Error - 05.05.2010 17:13:31 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Verwaltungsservice vom CryproStorage-System" wurde aufgrund
 folgenden Fehlers nicht gestartet:  %%1053
 
Error - 06.05.2010 04:46:34 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7009
Description = Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Verwaltungsservice
 vom CryproStorage-System.
 
Error - 06.05.2010 04:46:34 | Computer Name = SEPPL | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Verwaltungsservice vom CryproStorage-System" wurde aufgrund
 folgenden Fehlers nicht gestartet:  %%1053
 
 
< End of report >

FastCore 06.05.2010 12:02
Eset gibt mir keinen LOG ich habe es 1 Stunde und 50 Min durchlaufen lassen Ergebnis 0..Infiziertes.
Brauchst du diesen Log unbedingt? Habe es 2 mal gemacht nichts im ESET ORDNER.



Code:
OTL logfile created on: 06.05.2010 12:36:45 - Run 3
OTL by OldTimer - Version 3.2.4.1    Folder = C:\Dokumente und Einstellungen\FreshOne\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
511,00 Mb Total Physical Memory | 195,00 Mb Available Physical Memory | 38,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 91,47 Gb Total Space | 50,56 Gb Free Space | 55,28% Space Free | Partition Type: NTFS
Drive D: | 91,89 Gb Total Space | 75,99 Gb Free Space | 82,70% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SEPPL
Current User Name: FreshOne
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.05.03 17:17:29 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\FreshOne\Desktop\OTL.exe
PRC - [2010.04.03 19:30:43 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.02.18 11:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.01.14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.09.30 19:58:42 | 000,026,464 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Contacts\wlcomm.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2007.07.18 16:52:26 | 000,070,144 | ---- | M] (AlcaTech) -- C:\WINDOWS\system32\mmrtkrnl.exe
PRC - [2007.06.19 17:17:39 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007.01.22 17:22:38 | 000,118,784 | ---- | M] (NVIDIA) -- C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
PRC - [2006.11.03 10:56:14 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe
PRC - [2004.10.07 17:53:06 | 000,131,072 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NvMixer\NvMixerTray.exe
PRC - [2003.08.27 10:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) -- C:\WINDOWS\wanmpsvc.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.05.03 17:17:29 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\FreshOne\Desktop\OTL.exe
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2006.05.03 23:53:54 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\framedyn.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.02.10 22:59:00 | 003,654,060 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Stopped] -- C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
SRV - [2009.08.28 20:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009.08.05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009.05.27 03:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR2) SQL Server (SONY_MEDIAMGR2)
SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008.11.24 22:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008.11.24 22:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008.11.24 22:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008.08.07 11:17:30 | 000,575,488 | ---- | M] (Nokia.) [Disabled | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.01.22 17:22:38 | 000,118,784 | ---- | M] (NVIDIA) [Auto | Running] -- C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2006.10.23 14:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2005.11.15 13:02:04 | 000,061,440 | ---- | M] (T-Online International AG, Marmiko IT-Solutions GmbH) [Disabled | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe -- (MZCCntrl)
SRV - [2005.11.01 12:30:46 | 000,172,032 | ---- | M] (T-Systems International GmbH) [Disabled | Stopped] -- C:\Programme\T-Online\DSL-Manager\TODslSvc.exe -- (TODslService)
SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.08.27 10:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010.04.11 16:36:12 | 000,007,168 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\utm3otux.sys -- (utm3otux)
DRV - [2010.03.01 10:05:19 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.08.05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.07.23 21:07:40 | 000,006,528 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\jumi.sys -- (jumi)
DRV - [2009.05.11 12:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.11.03 17:22:09 | 000,000,000 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.hs -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2008.11.01 20:44:57 | 000,021,672 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008.11.01 20:44:57 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2008.10.30 14:41:05 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\system32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.10.07 14:33:00 | 006,133,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2008.06.06 09:24:44 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.05.21 15:30:28 | 000,486,912 | ---- | M] (                                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SPC530.sys -- (SPC530)
DRV - [2008.05.21 15:30:28 | 000,007,680 | ---- | M] (                                                            ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SPC530m.sys -- (SPC530m)
DRV - [2008.05.07 12:40:04 | 000,088,704 | R--- | M] (Philips Applied Technologies) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\phaudlwr.sys -- (phaudlwr)
DRV - [2008.05.07 07:38:36 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008.05.07 07:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008.05.07 07:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.07.18 16:52:38 | 000,094,528 | ---- | M] (AlcaTech) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mmrtkrnl.sys -- (MMRTKRNL)
DRV - [2007.05.02 12:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 12:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 12:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007.03.29 17:33:54 | 000,134,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cam1690.sys -- (CAM1690)
DRV - [2007.02.15 14:14:28 | 000,019,840 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StMp3Rec.sys -- (StMp3Rec)
DRV - [2007.01.22 17:23:20 | 000,006,912 | ---- | M] (NVidia Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\nvoclock.sys -- (NVR0Dev)
DRV - [2006.10.21 11:56:24 | 000,033,824 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\oreans32.sys -- (oreans32)
DRV - [2006.09.18 15:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)
DRV - [2006.09.18 15:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)
DRV - [2006.09.18 15:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)
DRV - [2006.09.18 15:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)
DRV - [2006.09.18 15:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)
DRV - [2006.09.18 15:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)
DRV - [2006.09.18 15:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)
DRV - [2006.07.20 15:20:09 | 000,027,219 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\GDTdiIcpt.sys -- (GDTdiInterceptor)
DRV - [2006.07.20 15:20:02 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2006.07.19 05:37:26 | 000,324,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\eengine\eectrl.sys -- (eeCtrl)
DRV - [2006.03.13 18:35:28 | 000,079,488 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750obex.sys -- (k750obex)
DRV - [2006.03.13 18:35:26 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2006.03.13 18:35:20 | 000,089,872 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdm.sys -- (k750mdm)
DRV - [2006.03.13 18:35:18 | 000,006,576 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mdfl.sys -- (k750mdfl)
DRV - [2006.03.13 18:35:12 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.11.03 16:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.02.11 19:11:32 | 000,016,640 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvcchflt.sys -- (nvcchflt)
DRV - [2005.02.11 19:11:02 | 000,089,856 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvatabus.sys -- (nvatabus)
DRV - [2005.01.15 22:57:40 | 000,006,912 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2004.11.15 23:44:42 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2004.11.15 23:44:38 | 000,033,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2004.10.15 05:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004.09.10 20:02:12 | 000,412,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce) Service for NVIDIA(R) nForce(TM)
DRV - [2004.09.10 19:58:52 | 000,052,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax) Service for NVIDIA(R) nForce(TM)
DRV - [2004.03.01 17:03:34 | 000,016,896 | ---- | M] (Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Marmiko Shared\MAcNdis5.sys -- (MACNDIS5)
DRV - [2003.01.10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2000.10.15 19:38:54 | 000,016,068 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\DSL-Manager\Pcandis5.sys -- (PCANDIS5)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60441&qkw="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.04.16 11:06:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.05.04 22:48:26 | 000,000,000 | ---D | M]
 
[2008.11.17 22:14:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\FreshOne\Anwendungsdaten\Mozilla\Extensions
[2010.05.05 23:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\FreshOne\Anwendungsdaten\Mozilla\Firefox\Profiles\i39la197.default\extensions
[2009.09.03 16:12:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\FreshOne\Anwendungsdaten\Mozilla\Firefox\Profiles\i39la197.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.24 11:43:59 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\FreshOne\Anwendungsdaten\Mozilla\Firefox\Profiles\i39la197.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.05 23:35:38 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2006.09.07 13:13:00 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.05.04 22:48:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2008.11.11 09:38:54 | 000,663,552 | ---- | M] (BitComet) -- C:\Programme\Mozilla Firefox\plugins\npBitCometAgent.dll
[2006.09.20 03:13:22 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npbittorrent.dll
[2010.05.04 22:48:11 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.02.15 21:46:41 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Programme\Mozilla Firefox\plugins\npPandoWebInst.dll
[2009.10.30 13:50:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2007.07.26 13:05:16 | 000,001,329 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\crawlersrch.xml
[2009.10.30 13:50:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.10.30 13:50:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.10.30 13:50:38 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.10.30 13:50:38 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.04.24 11:03:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [fssui] C:\Programme\Windows Live\Family Safety\fsui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVIDIA nTune] C:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVMixerTray] C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [Realtime Audio Engine] C:\WINDOWS\System32\mmrtkrnl.exe (AlcaTech)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\FreshOne\Startmenü\Programme\Autostart\Ubisoft register.lnk = C:\Programme\Ubisoft\Register\schedule.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} hxxp://messenger.zone.msn.com/binary/MJSS.cab69309.cab ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} hxxp://www.acclaim.com/cabs/acclaim_v5.cab (GameLauncher Control)
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://www.lokalisten.de/iup/ImageUploader4.cab (Image Uploader Control)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} hxxp://www.crucial.com/controls/cpcScanner.cab (Crucial cpcScan)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} hxxp://messenger.zone.msn.com/binary/Bankshot.cab57213.cab (CBreakshotControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopetslive.com/dev/GoPetsWeb.cab (GoPetsWeb Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\FreshOne\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\FreshOne\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.01.15 22:52:36 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.05 13:21:46 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2010.05.04 22:48:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.05.04 22:48:26 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.04 22:48:26 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.04 22:48:26 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.04 22:48:26 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.04 22:48:25 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.04 22:46:41 | 000,922,400 | ---- | C] (Sun Microsystems, Inc.) -- C:\Dokumente und Einstellungen\FreshOne\Desktop\jre-6u20-windows-i586-iftw-rv.exe
[2010.05.04 22:33:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Neuer Ordner
[2010.05.04 22:05:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.05.04 22:05:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.05.04 22:05:23 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.04 22:03:33 | 006,153,352 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\FreshOne\Eigene Dateien\mbam-setup.exe
[2010.05.04 12:34:02 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\FreshOne\IECompatCache
[2010.05.04 12:33:34 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\FreshOne\PrivacIE
[2010.05.04 12:30:31 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\FreshOne\IETldCache
[2010.05.04 12:27:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2010.05.04 12:25:58 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.05.04 12:21:10 | 017,010,016 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\FreshOne\Desktop\IE8-WindowsXP-x86-DEU.exe
[2010.05.03 22:27:21 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.05.03 17:17:28 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\FreshOne\Desktop\OTL.exe
[2010.05.01 19:21:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\FreshOne\Anwendungsdaten\InstallShield
[2010.04.24 16:53:27 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Logs
[2010.04.24 16:31:56 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\FreshOne\Recent
[2010.04.24 11:21:51 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.04.24 10:42:11 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.04.24 10:40:49 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.04.24 10:40:49 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.04.24 10:40:49 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.04.24 10:40:49 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.04.23 13:30:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010.04.23 13:26:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\FreshOne\Anwendungsdaten\Avira
[2010.04.22 14:28:41 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010.04.22 14:21:06 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2010.04.22 14:21:05 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.04.22 14:21:05 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2010.04.22 14:21:05 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2010.04.22 14:21:05 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2010.04.22 14:21:05 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.04.22 14:21:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2010.04.17 19:48:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.04.16 11:51:46 | 000,000,000 | ---D | C] -- C:\Programme\Jumi
[2010.04.10 13:57:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.04.10 13:19:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.04.08 23:10:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\FreshOne\Anwendungsdaten\Malwarebytes
[2010.04.08 20:11:25 | 083,704,128 | ---- | C] (Emsi Software GmbH                                          ) -- C:\Dokumente und Einstellungen\FreshOne\Eigene Dateien\a2FreeSetup27.exe
[2010.04.08 19:17:43 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2010.04.08 18:20:53 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.04.08 16:51:17 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Anti Virus
[2010.04.08 02:36:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2008.11.03 18:38:40 | 000,486,912 | ---- | C] (                                                            ) -- C:\WINDOWS\System32\drivers\SPC530.sys
[2008.11.03 18:38:40 | 000,007,680 | ---- | C] (                                                            ) -- C:\WINDOWS\System32\drivers\SPC530m.sys
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.06 12:23:33 | 000,200,819 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.05.06 12:23:05 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.06 12:23:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.06 12:03:02 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.06 10:45:47 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.06 10:45:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.06 10:45:25 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.06 00:12:26 | 010,747,904 | -H-- | M] () -- C:\Dokumente und Einstellungen\FreshOne\NTUSER.DAT
[2010.05.06 00:12:26 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\FreshOne\ntuser.ini
[2010.05.05 23:23:40 | 001,702,089 | ---- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Foto022.jpg
[2010.05.05 23:23:37 | 001,716,732 | ---- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Foto024.jpg
[2010.05.05 23:22:21 | 001,946,140 | ---- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Foto004.jpg
[2010.05.05 13:21:20 | 002,672,312 | ---- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\esetsmartinstaller_enu.exe
[2010.05.04 22:48:11 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.04 22:48:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.04 22:48:11 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.04 22:48:11 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.04 22:48:11 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.04 22:46:41 | 000,922,400 | ---- | M] (Sun Microsystems, Inc.) -- C:\Dokumente und Einstellungen\FreshOne\Desktop\jre-6u20-windows-i586-iftw-rv.exe
[2010.05.04 22:05:28 | 000,000,680 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.04 22:03:40 | 006,153,352 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\FreshOne\Eigene Dateien\mbam-setup.exe
[2010.05.04 12:39:48 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.05.04 12:21:34 | 017,010,016 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\FreshOne\Desktop\IE8-WindowsXP-x86-DEU.exe
[2010.05.03 22:27:34 | 001,216,760 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.05.03 22:27:34 | 000,511,310 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.05.03 22:27:34 | 000,492,578 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.05.03 22:27:34 | 000,105,524 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.05.03 22:27:34 | 000,091,586 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.05.03 17:17:29 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\FreshOne\Desktop\OTL.exe
[2010.05.03 16:11:23 | 000,000,256 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.03 15:58:27 | 003,926,394 | R--- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\ComboFix.exe
[2010.05.02 20:25:26 | 000,001,325 | ---- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Some Shit.lnk
[2010.05.01 18:04:45 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\eRLog.ini
[2010.04.30 13:22:47 | 000,015,312 | ---- | M] () -- C:\WINDOWS\System32\oodbs.lor
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010.04.24 11:03:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.04.24 10:42:22 | 000,000,460 | RHS- | M] () -- C:\boot.ini
[2010.04.23 14:45:43 | 000,001,470 | ---- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Anwendungsdaten\wklnhst.dat
[2010.04.22 13:49:46 | 000,054,624 | ---- | M] () -- C:\WINDOWS\System32\1c616.sys
[2010.04.22 13:49:43 | 002,335,270 | ---- | M] () -- C:\WINDOWS\System32\b9915.mht
[2010.04.11 16:36:12 | 000,007,168 | ---- | M] () -- C:\WINDOWS\System32\drivers\utm3otux.sys
[2010.04.11 12:00:10 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.08 20:11:33 | 083,704,128 | ---- | M] (Emsi Software GmbH                                          ) -- C:\Dokumente und Einstellungen\FreshOne\Eigene Dateien\a2FreeSetup27.exe
[2010.04.08 19:12:24 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.04.08 17:06:46 | 000,001,081 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.04.08 17:06:46 | 000,000,389 | ---- | M] () -- C:\Boot.bak
[2010.04.08 00:12:08 | 042,341,360 | ---- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Eigene Dateien\avira_antivir_personal10_de.exe
[2010.04.06 17:58:35 | 000,001,378 | ---- | M] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Ardit´s Master Music VK.lnk
[3 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.05.05 23:22:54 | 001,702,089 | ---- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Foto022.jpg
[2010.05.05 23:22:51 | 001,716,732 | ---- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Foto024.jpg
[2010.05.05 23:21:50 | 001,946,140 | ---- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Foto004.jpg
[2010.05.05 13:21:17 | 002,672,312 | ---- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\esetsmartinstaller_enu.exe
[2010.05.04 22:05:28 | 000,000,680 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.04 12:27:02 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2010.05.03 15:55:45 | 003,926,394 | R--- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\ComboFix.exe
[2010.04.25 10:18:48 | 000,015,312 | ---- | C] () -- C:\WINDOWS\System32\oodbs.lor
[2010.04.24 23:08:15 | 000,001,582 | ---- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Mozilla Firefox.lnk
[2010.04.24 10:42:22 | 000,000,389 | ---- | C] () -- C:\Boot.bak
[2010.04.24 10:42:14 | 000,262,448 | ---- | C] () -- C:\cmldr
[2010.04.24 10:40:49 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.04.24 10:40:49 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.04.24 10:40:49 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.04.24 10:40:49 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.04.24 10:40:49 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.04.22 13:49:46 | 000,054,624 | ---- | C] () -- C:\WINDOWS\System32\1c616.sys
[2010.04.22 13:49:43 | 002,335,270 | ---- | C] () -- C:\WINDOWS\System32\b9915.mht
[2010.04.10 16:11:37 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\utm3otux.sys
[2010.04.08 00:11:50 | 042,341,360 | ---- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Eigene Dateien\avira_antivir_personal10_de.exe
[2010.04.06 18:17:29 | 000,001,325 | ---- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Some Shit.lnk
[2010.04.06 17:56:56 | 000,001,378 | ---- | C] () -- C:\Dokumente und Einstellungen\FreshOne\Desktop\Ardit´s Master Music VK.lnk
[2010.01.21 20:50:29 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI
[2009.10.28 03:02:56 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FISHUI.INI
[2009.09.14 12:40:46 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\coodest.dll
[2009.07.09 16:39:07 | 000,473,600 | ---- | C] () -- C:\WINDOWS\System32\Harmony.dll
[2009.07.09 16:39:07 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\Unlha32.dll
[2008.11.14 17:50:28 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008.11.14 17:50:28 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2008.11.07 23:33:46 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.10.30 14:10:06 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008.10.07 14:33:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.10.07 14:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.10.07 14:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.10.07 14:33:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.10.07 14:33:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.06.11 10:02:34 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.06.11 10:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.06.11 10:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.06.11 10:02:32 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.06.05 09:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.03.29 17:23:21 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2008.03.08 19:27:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WB.ini
[2008.02.08 19:40:29 | 000,000,031 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2008.02.08 19:38:20 | 000,058,776 | ---- | C] () -- C:\WINDOWS\System32\ijjiPlugin2.dll
[2007.12.20 16:47:37 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.12.20 15:12:44 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\spacklsp.dll
[2007.12.20 14:59:13 | 000,000,211 | ---- | C] () -- C:\WINDOWS\uno.ini
[2007.12.20 14:59:08 | 000,287,744 | ---- | C] () -- C:\WINDOWS\uno364mi.dll
[2007.12.20 14:59:08 | 000,109,568 | ---- | C] () -- C:\WINDOWS\vos364mi.dll
[2007.12.20 14:59:08 | 000,091,648 | ---- | C] () -- C:\WINDOWS\osl364mi.dll
[2007.10.23 18:22:28 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007.10.22 18:28:21 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007.10.22 18:28:21 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007.08.26 16:44:01 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2007.04.28 16:48:14 | 001,936,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15.dll
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2007.03.29 16:33:54 | 000,134,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\cam1690.sys
[2007.03.28 19:26:10 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\cam1690.dll
[2007.01.10 00:59:52 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2006.10.21 11:56:24 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2006.10.21 11:51:54 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006.10.21 11:51:54 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006.09.10 19:56:46 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Gnucleus.INI
[2006.07.20 15:20:09 | 000,052,858 | ---- | C] () -- C:\WINDOWS\System32\interceptor.sys
[2006.07.20 15:20:09 | 000,027,219 | ---- | C] () -- C:\WINDOWS\System32\drivers\GDTdiIcpt.sys
[2006.07.06 13:01:43 | 000,002,278 | ---- | C] () -- C:\WINDOWS\System32\eRLog.ini
[2006.07.05 13:49:17 | 000,000,391 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006.04.27 10:24:24 | 000,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2006.02.25 17:29:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSDraw.ini
[2005.12.21 18:50:11 | 000,000,784 | ---- | C] () -- C:\WINDOWS\NTIWVEDT.INI
[2005.12.04 18:55:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\JCMkr32.INI
[2005.11.17 18:29:22 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005.09.09 19:18:10 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2005.08.26 19:17:39 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDEC64Euro.ini
[2005.07.08 15:55:34 | 000,000,083 | ---- | C] () -- C:\WINDOWS\ALAUNCH.INI
[2005.06.21 22:37:42 | 000,045,568 | RHS- | C] () -- C:\WINDOWS\System32\cygz.dll
[2005.01.16 20:50:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.01.15 22:57:38 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\ntiembed.dll
[2005.01.15 22:57:05 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2005.01.15 22:57:05 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK32.dll
[2005.01.15 22:54:48 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.01.15 22:50:22 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003.12.31 15:25:23 | 000,061,952 | ---- | C] () -- C:\WINDOWS\System32\ajnetmask.dll
[2003.12.25 22:21:16 | 000,087,040 | ---- | C] () -- C:\WINDOWS\System32\TrayIcon12.dll
[2001.12.26 16:12:30 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 498 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:888AFB86
@Alternate Data Stream - 104 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 101 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:661DFA1C
< End of report >

Larusso 06.05.2010 14:06
Logfile ist sauber :daumenhoc

Hier noch die letzten paar Schritte zur Säuberung Deines Rechners.

Schritt 1

Deinstalliere bitte deine aktuelle Version von Adobe Reader
Start--> Systemsteuerung--> Software--> Adobe Reader
und lade dir die neue Version von Hier herunter
Als alternative würde ich dir den schlankeren Foxit Reader empfehlen :)


Schritt 2

Combofix deinstallieren

Bitte vor der folgenden Aktion wieder temporär Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.

Start => Ausführen (bei Vista (Windows-Taste + R) => dort reinschreiben ComboFix /uninstall => Enter drücken - damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert, damit auch auch dieser die Schädlinge verschwinden.

Nun die eben deaktivierten Programme wieder aktivieren.


Schritt 3

Tool CleanUp

Starte bitte die OTL.exe.
Klicke nun auf den CleanUp Button. Dies wird die meisten Tools und Logfiles entfernen.
Sollte denoch etwas bestehen bleiben, bitte manuell entfernen sowie den Papierkorb leeren.


Schritt 4

Automatische Updates

Sehen wir nach ob die Updates für Windows sich automatisch downloaden. Das ist der beste Weg um all die Sicherheits- Patches und Fixes zu erhalten.

Windows + R Taste drücken. Kopiere nun folgenden Text in die Kommandozeile

RunDll32.exe shell32.dll,Control_RunDLL wscui.cpl

und klicke auf OK.
Stelle sicher das die automatischen Updates aktiviert sind.

Schritt 5

Um Dich für die Zukunft vor weiteren Infizierungen zu schützen empfehle ich Dir noch ein paar Programme.
  • SpywareBlaster
    Ein Tutorial zur Verwendung findest Du Hier

  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
    Hinweis: MBAM ersetzt keine Anti- Viren- Software.

  • Temp File Cleaner
    TFC ist ein wirklich starkes Tool zum entfernen von Temp Dateien vom IE und WIndows, leert den Papierkorb und noch viel mehr.
    Ausserdem hilft es Deinen Computer zu beschleunigen.
    Du kannst Dir TFC ( by OldTimer ) hier downloaden.

  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.

  • Halte Dein System aktuell
    Ich kann gar nicht oft genug betonen, wie wichtig es ist, dass der PC auf dem aktuellsten Stand der Dinge ist.
    Es werden oft genug Sicherheitslücken in Windows eigenen Anwendungen gefunden. Diese "Löcher" gehören entfernt, weil Angreifer diese womöglich nutzen um unauthorisiert auf Dein System zu zugreifen.
    Jeden zweiten Dienstag im Monat ist Update Tag. Besuche bitte dazu die Microsoft Update Seite.

  • Halte Deine Software aktuell
    Der einfachste Weg dafür ist der Secunia Online Software.


Schritt 6

Tipps für sicheres Surfen

Das sind meine Vorschläge.
Verwende einen alternativen Browser statt den IE.
Ich empfehle Mozilla Firefox.

Für Firefox gibt es verschiedenste AddOns um sicher durch das WWW zu kommen.
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.

  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
    Es spart ausserdem Downloadkapazität.

  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

FastCore 06.05.2010 17:00
Okay habe nun alles gemacht:Boogie:

Ich möchte mich bei dir herzlich bedanken das du dir Zeit genommen hast mein Problem zu lösen vielen vielen dank!!!:party:

Kannst es aus deinen Abos löschen.

Mfg
FastCore

Trojaner-Board FTW!!!!!!!!!!!!!!!


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:54 Uhr.
Seite 4 von 4 « Erste 23 4
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19