Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
OTL Auswertung: Hatte mehrere Trojana!

OTL Auswertung: Hatte mehrere Trojana!


Log-Analyse und Auswertung: OTL Auswertung: Hatte mehrere Trojana!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 04.06.2011, 14:26   #1
ManderBB
 
OTL Auswertung: Hatte mehrere Trojana! - Standard

OTL Auswertung: Hatte mehrere Trojana!


Ich hatte vor kurzem mehrere Trojana auf meinem PC und hatte eig. auch alle entfernt, laut Antivir und co. Aber trotzdem werde ich im Internet immer auf falsche seiten weitergeleitet und möchte jetzt gern wissen woran es liegt.
Vielen Dank im Vorraus!!

OTL Logfile:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.06.2011 14:45:26 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = c:\Users\XXXX\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 0000000 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,14 Gb Available Physical Memory | 7,02% Memory free
3,40 Gb Paging File | 1,13 Gb Available in Paging File | 33,31% Paging File free
Paging file location(s): c:\pagefile.sys 1500 2500 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 243,91 Gb Total Space | 153,91 Gb Free Space | 63,10% Space Free | Partition Type: NTFS
Drive D: | 221,85 Gb Total Space | 221,75 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
 
Computer Name: YYYY | User Name: XXXXX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Benedikt\Downloads\solutoinstaller121190.exe (Soluto Inc)
PRC - c:\Users\Benedikt\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files\Soluto\SolutoService.exe (Soluto)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Google\Update\1.3.21.53\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\Defrag.exe (Microsoft Corp.)
PRC - C:\Windows\System32\DfrgNtfs.exe (Microsoft Corp.)
PRC - C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\FixCamera.exe ()
PRC - C:\Windows\vsnpstd3.exe ()
PRC - C:\Windows\tsnpstd3.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Users\Benedikt\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
SRV - (iprip) -- C:\Windows\System32\iprip.dll (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
SRV - (LckFldService) -- C:\Windows\System32\LckFldService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Soluto) -- C:\Windows\system32\DRIVERS\Soluto.sys (Soluto LTD.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (LGVMODEM) -- C:\Windows\System32\drivers\lgvmodem.sys (LG Electronics Inc.)
DRV - (LgBttPort) -- C:\Windows\System32\drivers\lgbtport.sys (LG Electronics Inc.)
DRV - (lgbusenum) -- C:\Windows\System32\drivers\lgbtbus.sys (LG Electronics Inc.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (SSHDRV5C) -- C:\Windows\System32\drivers\SSHDRV5C.sys ()
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (VtcDrv) -- C:\Windows\System32\drivers\vtcdrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (JRAID) -- C:\Windows\system32\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()
DRV - (JGOGO) -- C:\Windows\system32\DRIVERS\JGOGO.sys (JMicron )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {667f86f1-c684-4aba-97a5-be7d02ea5156} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.pp2345.com/?1
IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "ToggleEN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2077543&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.27.0
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: {542e4d79-1970-4e95-9862-fdb96f61b280}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: webmynd@yourentirelife.com:1.3
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.2.2
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.87
FF - prefs.js..extensions.enabledItems: toolbar@web.de:1.4
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: fbdislike@doweb.fr:1.2.2
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: battlefieldplay4free@ea.com:1.0.53.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?babsrc=toolbar2&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.28 21:46:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\toolbar@web.de: C:\Program Files\WEB.DE Toolbar IE8\Firefox\WEBDE_toolbar [2010.12.29 21:12:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.29 14:29:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.04.27 11:21:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.28 21:46:21 | 000,000,000 | ---D | M]
 
[2008.09.06 16:42:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Extensions
[2011.06.03 21:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions
[2011.05.06 22:44:45 | 000,000,000 | ---D | M] (ToggleEN Community Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}
[2011.05.27 21:14:49 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011.05.27 21:14:55 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.06.26 13:53:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.05.06 22:44:46 | 000,000,000 | ---D | M] (IsoBuster Community Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{266fcdca-7bb3-4da7-b3bf-f845dea2ebd6}
[2009.04.21 14:37:38 | 000,000,000 | ---D | M] (P2P MAX DE Atube Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{667f86f1-c684-4aba-97a5-be7d02ea5156}
[2011.05.06 22:44:47 | 000,000,000 | ---D | M] (Eazel-DE Community Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{69b6939f-c70d-45c5-9bbd-e2e2cc3dd8e5}
[2011.04.28 14:17:55 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2011.05.24 21:17:01 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.28 14:17:57 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
[2011.05.10 21:15:52 | 000,000,000 | ---D | M] (New Tab King) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\{FC5BAC7D-D696-4ba6-B913-CF8F000C33DF}
[2009.11.09 19:19:57 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\battlefieldheroespatcher@ea.com
[2011.04.17 22:39:07 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\battlefieldplay4free@ea.com
[2011.05.06 22:44:45 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\engine@conduit.com
[2011.04.29 15:03:48 | 000,000,000 | ---D | M] (FDislike) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\fbdislike@doweb.fr
[2010.12.30 00:08:11 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\ffxtlbr@Facemoods.com
[2009.09.16 19:05:00 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\moveplayer@movenetworks.com
[2011.04.27 13:22:26 | 000,000,000 | ---D | M] (Cooliris) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\piclens@cooliris.com
[2011.04.29 20:00:08 | 000,000,000 | ---D | M] (The Search Sidebar) -- C:\Users\Benedikt\AppData\Roaming\mozilla\Firefox\Profiles\8y35hulk.default\extensions\webmynd@yourentirelife.com
[2009.06.11 14:56:44 | 000,001,681 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\ask.uk.xml
[2011.05.07 15:01:30 | 000,002,387 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\askcom.xml
[2011.03.21 16:33:36 | 000,000,919 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\conduit.xml
[2009.07.14 17:34:38 | 000,000,687 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icq-search.xml
[2009.07.23 13:27:08 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-1.xml
[2010.04.09 22:17:52 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-10.xml
[2010.05.07 17:39:00 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-11.xml
[2010.06.27 18:17:27 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-12.xml
[2010.07.22 15:05:49 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-13.xml
[2010.07.26 17:13:30 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-14.xml
[2010.09.09 17:39:52 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-15.xml
[2010.09.17 20:15:27 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-16.xml
[2010.10.09 19:14:26 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-17.xml
[2010.10.22 20:37:58 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-18.xml
[2010.10.29 20:08:42 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-19.xml
[2009.08.06 19:45:51 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-2.xml
[2010.12.12 20:00:33 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-20.xml
[2011.03.04 20:33:41 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-21.xml
[2011.03.05 21:27:56 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-22.xml
[2011.03.25 21:20:22 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-23.xml
[2009.09.14 13:44:08 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-3.xml
[2009.10.30 19:56:44 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-4.xml
[2009.12.18 19:18:14 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-5.xml
[2010.01.07 19:31:21 | 000,000,961 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-6.xml
[2010.01.07 20:00:09 | 000,000,961 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-7.xml
[2010.03.12 17:00:33 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-8.xml
[2010.03.12 21:13:48 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin-9.xml
[2009.07.14 17:52:36 | 000,000,950 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\icqplugin.xml
[2009.02.06 15:29:11 | 000,001,632 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\live-search.xml
[2010.01.05 20:42:25 | 000,002,037 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\Mozilla\Firefox\Profiles\8y35hulk.default\searchplugins\myvideo-suche-.xml
[2011.04.27 00:29:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.07.14 16:07:25 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.18 16:05:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.02 23:03:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{20CC25E2-48C9-45E1-9A1F-1CCC1882B81B}.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM.XPI
() (No name found) -- C:\USERS\BENEDIKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8Y35HULK.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2011.04.29 14:29:33 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.25 21:26:40 | 000,002,428 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.10 17:00:26 | 000,002,035 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchDpg.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Messenger Plus DE Toolbar) - {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O2 - BHO: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (WEB.DE Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (FreeRIP.com Toolbar) - {081230F8-EA50-42A9-983C-D22ABC2EED3B} - C:\Program Files\FreeRIP3\toolband.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus DE Toolbar) - {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TorrentMan Toolbar) - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (WEB.DE Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Messenger Plus DE Toolbar) - {3D684CA7-5D30-4A7E-9768-E17DF98DF80F} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Messenger Plus DE Toolbar) - {3D684CA7-5D30-4A7E-9768-E17DF98DF80F} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (Messenger Plus DE Toolbar) - {3D684CA7-5D30-4A7E-9768-E17DF98DF80F} - C:\Program Files\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (TorrentMan Toolbar) - {7C5C0F58-E061-457D-9033-77307F5ED00C} - C:\Program Files\TorrentMan\tbTorr.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Auto Updater] C:\Users\Dominik\AppData\Roaming\Adobe Systems\Updater.exe (Assembly Company)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\JM\JMInsIDE.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003..\Run: [EA Core] File not found
O4 - HKU\S-1-5-21-3605460608-1570736370-2400408289-1003..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Benedikt\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE Toolbar IE8\uitb.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)
O20 - Winlogon\Notify\avldr: DllName - avldr.dll - File not found
O24 - Desktop WallPaper: C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O24 - Desktop BackupWallPaper: C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{863cc5d0-ee4c-11de-b34b-94009b9415cf}\Shell - "" = AutoRun
O33 - MountPoints2\{863cc5d0-ee4c-11de-b34b-94009b9415cf}\Shell\AutoRun\command - "" = F:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.04 14:42:42 | 000,051,144 | ---- | C] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2011.06.04 14:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2011.06.04 14:42:20 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2011.06.04 14:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Soluto
[2011.06.04 14:04:54 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{5B071611-310B-432E-ABDC-A9AB895B69D2}
[2011.06.03 22:57:15 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor
[2011.06.03 22:57:14 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Memory Editor
[2011.06.03 22:43:57 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\Desktop\Neuer Ordner
[2011.06.03 22:32:46 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\LogMeIn Hamachi
[2011.06.03 22:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.06.03 22:32:28 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.06.03 21:53:40 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{232AAEB9-3F19-4C9C-924F-D021C018B59E}
[2011.06.02 14:13:49 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{C538E08D-53C0-4F12-827B-C620225562E4}
[2011.06.02 00:28:01 | 000,000,000 | R--D | C] -- C:\Users\Benedikt\Documents\Notes
[2011.06.01 16:19:39 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{186A195A-D48C-407F-B83A-D1F9AE2B264A}
[2011.05.31 20:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.05.31 20:39:23 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2011.05.31 20:39:16 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.31 16:02:29 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{52BEA093-203E-47D0-8227-C26CA02797F3}
[2011.05.30 16:20:30 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{9DD8C660-11E1-41A4-BA70-2347818A6048}
[2011.05.29 16:09:39 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\go
[2011.05.29 16:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011.05.29 14:57:04 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MCEdit
[2011.05.29 14:57:03 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\MCEdit
[2011.05.29 13:59:20 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{B0D23ED5-B1C2-426D-BF77-3CC90BD8F41C}
[2011.05.28 12:54:19 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{D63434EE-73C5-4FC1-86DD-368B73E06CED}
[2011.05.27 20:07:55 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\Desktop\INVedit
[2011.05.27 18:32:31 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\.minecraft
[2011.05.27 18:07:28 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{A9EE99C7-1907-4803-9326-16E49DDFB322}
[2011.05.25 18:16:06 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{13D7AD5B-81EB-49A5-A9CB-615D30DBCA2D}
[2011.05.24 21:17:00 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.24 21:16:56 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\Documents\DVDVideoSoft
[2011.05.24 21:16:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Plasmoo
[2011.05.24 15:18:12 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Synthesia
[2011.05.24 15:16:28 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\Documents\Synthesia Music
[2011.05.24 15:16:28 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Synthesia
[2011.05.24 15:16:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia
[2011.05.24 15:16:28 | 000,000,000 | ---D | C] -- C:\Program Files\Synthesia
[2011.05.24 14:28:05 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{31E1BA75-D5D9-4B7C-B915-9E6FBF835792}
[2011.05.23 21:27:37 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{BDD11EA8-5EC1-429E-AC8C-1C995FE57ABF}
[2011.05.20 18:54:12 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{6BDBF7BF-8791-4FE2-A6F2-BF46BC876162}
[2011.05.19 21:29:07 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{BD7AABC9-8C81-4D01-BB25-6EFC709FFAE2}
[2011.05.19 09:28:37 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{8405B74A-3C26-4405-A65D-098B31361D51}
[2011.05.18 19:52:37 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{A91F1B40-4A88-46F9-8205-0C9A179ACCCD}
[2011.05.17 20:10:02 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{EEC3BB88-0B43-42C1-86A5-182BD3023DBE}
[2011.05.16 17:42:03 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{68B48F01-B36B-4226-93F0-831E161A50A0}
[2011.05.15 20:17:10 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{1F0D4996-006F-4928-90C1-1F713F2071FF}
[2011.05.14 23:58:15 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{5D1EC073-DF98-418A-8E6A-64BA8CBAD440}
[2011.05.14 19:30:10 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Avira
[2011.05.14 11:57:47 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{8A8506B9-D967-4ADD-8C85-BA78B71764B8}
[2011.05.13 21:03:50 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{3CAC3425-7222-4AC2-9A63-6E9902F2F7F7}
[2011.05.12 19:08:09 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{BAA71C81-9900-4BDB-9F1D-D0F3129DE6F2}
[2011.05.11 18:52:07 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{DC2437DA-F314-428E-B382-4E59C4A56827}
[2011.05.10 15:05:02 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{0996B5B2-E701-40A6-9587-B5208E446739}
[2011.05.09 20:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2011.05.09 20:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011.05.09 20:37:40 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeUndelete
[2011.05.09 20:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\FreeUndelete
[2011.05.09 18:03:14 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{8E2ECB1D-2E69-4545-BFAF-FB309BD881EE}
[2011.05.08 19:29:58 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{F327A41E-B1FC-41D6-86E5-283FA4E152F3}
[2011.05.07 22:53:11 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{2DB5DA68-BFEB-4DEC-BBF9-924D74C4FF29}
[2011.05.07 15:43:24 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\PMB Files
[2011.05.07 10:50:37 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{4FD4258E-A488-4D03-A4D2-05713E44B983}
[2011.05.06 14:35:12 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{FAD1A9C8-D1F7-4ADB-AFA9-E7348E657B86}
[2011.05.05 21:14:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\System Restore
[2011.05.05 16:17:21 | 000,000,000 | ---D | C] -- C:\Users\Benedikt\AppData\Local\{571635D9-1C82-4762-B33D-CACC9B8A1A03}
[2011.01.06 20:34:17 | 000,155,648 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll
[2011.01.06 20:34:17 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2011.01.06 20:34:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2011.01.06 20:34:16 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.04 14:56:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{27137807-3851-40E5-9D8C-200A1B35CDF4}.job
[2011.06.04 14:55:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0520E69E-26D8-498C-AD66-71E332F376E7}.job
[2011.06.04 14:52:14 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{ED4DC7F5-282E-427F-9EFC-EFF316DF019B}.job
[2011.06.04 14:48:48 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.06.04 14:45:23 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.04 14:45:06 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.04 14:05:18 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.06.04 14:03:07 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011.06.04 14:03:03 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\SLOW-PCfighter-Dominik-Startup.job
[2011.06.04 14:02:38 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.04 14:02:38 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.04 14:02:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.04 14:02:28 | 2145,968,128 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.01 15:34:42 | 000,051,144 | ---- | M] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2011.05.31 20:39:16 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.05.29 18:22:48 | 000,001,356 | ---- | M] () -- C:\Users\Benedikt\AppData\Local\d3d9caps.dat
[2011.05.24 15:16:28 | 000,001,716 | ---- | M] () -- C:\Users\Benedikt\Desktop\Play Synthesia.lnk
[2011.05.20 19:28:47 | 000,000,041 | ---- | M] () -- C:\Users\Benedikt\AppData\Roaming\vispa.ini
[2011.05.19 12:11:00 | 000,674,316 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.19 12:11:00 | 000,634,694 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.19 12:11:00 | 000,140,212 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.19 12:11:00 | 000,115,894 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.07 17:08:17 | 000,000,025 | ---- | M] () -- C:\Windows\SIERRA.INI
[2011.05.07 12:16:15 | 000,000,404 | ---- | M] () -- C:\Users\Benedikt\Desktop\Neuer Ordner.rar
 
========== Files Created - No Company Name ==========
 
[2011.06.04 14:48:48 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.06.02 14:32:07 | 2145,968,128 | -HS- | C] () -- C:\hiberfil.sys
[2011.05.29 16:09:40 | 000,001,603 | ---- | C] () -- C:\Users\Benedikt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play games (EasyBits GO).lnk
[2011.05.27 18:30:42 | 000,232,501 | ---- | C] () -- C:\Users\Benedikt\Desktop\Minecraft.exe
[2011.05.24 15:20:03 | 000,001,716 | ---- | C] () -- C:\Users\Benedikt\Desktop\Play Synthesia.lnk
[2011.05.20 19:27:56 | 000,000,041 | ---- | C] () -- C:\Users\Benedikt\AppData\Roaming\vispa.ini
[2011.05.07 12:16:15 | 000,000,404 | ---- | C] () -- C:\Users\Benedikt\Desktop\Neuer Ordner.rar
[2011.02.21 19:57:42 | 000,036,892 | ---- | C] () -- C:\Windows\System32\bassmod.dll
[2011.01.06 20:34:22 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2011.01.06 20:34:19 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2011.01.06 20:34:19 | 000,270,336 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2011.01.06 20:34:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2010.12.29 21:57:15 | 000,036,864 | ---- | C] () -- C:\Windows\System32\LckFldService.exe
[2010.12.07 20:20:21 | 000,210,944 | ---- | C] () -- C:\Windows\System32\msvcrt10.dll
[2010.12.07 20:20:21 | 000,005,515 | ---- | C] () -- C:\Windows\fmachine.ini
[2010.11.11 22:06:35 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.11.11 18:48:08 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.04.16 19:06:03 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010.04.02 22:27:58 | 008,676,883 | ---- | C] () -- C:\Windows\System32\mp3Media2.dll
[2010.04.02 22:17:19 | 000,001,074 | ---- | C] () -- C:\ProgramData\ss.ini
[2010.04.02 22:17:03 | 000,000,033 | ---- | C] () -- C:\ProgramData\{081230F8-EA50-42A9-983C-D22ABC2EED3B}.ini
[2010.03.29 22:03:04 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.03.29 22:03:04 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.01.31 20:12:00 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.12.21 19:42:13 | 000,221,291 | ---- | C] () -- C:\Windows\Imei_dll.dll
[2009.12.21 19:42:13 | 000,040,960 | ---- | C] () -- C:\Windows\Sublock.dll
[2009.11.16 18:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.11.09 19:49:25 | 000,138,264 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.11.09 19:49:25 | 000,138,056 | ---- | C] () -- C:\Users\Benedikt\AppData\Roaming\PnkBstrK.sys
[2009.11.09 19:49:10 | 000,234,768 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009.11.09 19:49:09 | 002,395,944 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2009.11.09 19:49:09 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.09.26 13:08:01 | 000,000,164 | ---- | C] () -- C:\Windows\G403ph_K.INI
[2009.09.24 16:34:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.24 16:34:54 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2009.04.21 15:23:26 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.03.07 10:05:13 | 000,001,356 | ---- | C] () -- C:\Users\Benedikt\AppData\Local\d3d9caps.dat
[2009.02.28 22:40:25 | 000,000,034 | -H-- | C] () -- C:\Windows\System32\Converter_sysquict.dat
[2009.02.28 22:40:04 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.02.28 22:40:02 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009.02.28 22:40:02 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.02.28 22:40:01 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.01.26 18:22:38 | 000,004,096 | -H-- | C] () -- C:\Users\Benedikt\AppData\Local\keyfile3.drm
[2009.01.01 20:59:31 | 000,034,816 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV5C.sys
[2008.12.25 20:24:18 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2008.12.25 20:24:18 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2008.12.25 20:24:18 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2008.12.18 22:27:24 | 006,320,872 | ---- | C] () -- C:\Program Files\npsibelius.dll
[2008.07.29 14:26:19 | 000,000,162 | ---- | C] () -- C:\Windows\G403ma_K.INI
[2008.07.29 14:25:59 | 000,375,296 | ---- | C] () -- C:\Windows\System32\tx32.dll
[2008.07.29 14:25:59 | 000,000,202 | ---- | C] () -- C:\Windows\System32\IC32.INI
[2008.07.25 11:16:17 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.22 20:33:24 | 003,086,336 | ---- | C] () -- C:\Windows\System32\NCMedia.dll
[2008.07.22 20:33:24 | 003,086,336 | ---- | C] () -- C:\Windows\System32\flvvideo.dll
[2008.07.22 20:33:24 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.07.22 20:33:24 | 000,383,238 | ---- | C] () -- C:\Windows\System32\libmp3lame-0.dll
[2008.07.22 17:04:33 | 003,345,408 | ---- | C] () -- C:\Windows\System32\avcodec-51.dll
[2008.07.22 17:04:33 | 000,448,512 | ---- | C] () -- C:\Windows\System32\avformat-50.dll
[2008.07.22 17:04:33 | 000,019,968 | ---- | C] () -- C:\Windows\System32\avutil-49.dll
[2008.07.20 14:19:14 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008.07.12 15:38:57 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2008.07.12 15:38:14 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2008.07.12 15:38:01 | 000,005,937 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.07.09 18:17:01 | 000,044,544 | ---- | C] () -- C:\Users\Benedikt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.06.15 00:54:15 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.04.02 11:26:17 | 000,000,907 | R--- | C] () -- C:\Windows\System32\AsusSetup.ini
[2008.04.02 11:26:17 | 000,000,263 | R--- | C] () -- C:\Windows\System32\raidmgmt.ini
[2008.04.02 11:26:06 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2008.04.02 11:26:05 | 000,012,231 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2008.01.21 09:15:58 | 000,674,316 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,140,212 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,442,416 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,634,694 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,115,894 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS
 
========== LOP Check ==========
 
[2011.05.30 18:57:45 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\.minecraft
[2010.11.11 19:56:40 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Auslogics
[2011.04.21 20:55:56 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Babylon
[2010.10.12 19:02:37 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\CheckPoint
[2010.01.20 16:22:01 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Desktopicon
[2010.11.11 21:48:11 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\DNA
[2011.05.24 21:17:00 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.01 17:47:47 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\FireShot
[2010.11.09 22:01:10 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\GlarySoft
[2011.06.04 14:04:38 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\go
[2011.04.11 20:55:16 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\GrabPro
[2010.12.26 22:06:56 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\gtk-2.0
[2010.12.16 22:06:23 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\ICQ
[2008.06.16 17:44:39 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\ICQ Toolbar
[2011.02.27 16:51:14 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\LG Electronics
[2011.03.04 20:23:52 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\LolClient
[2008.07.13 13:08:07 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\MAGIX
[2010.10.03 21:09:16 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\NCH Swift Sound
[2011.04.16 15:54:04 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Orbit
[2009.12.20 14:23:55 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\PC Suite
[2010.12.14 18:53:19 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\PhotoScape
[2011.04.11 20:45:27 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\ProgSense
[2011.04.28 18:57:23 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\SE_logs
[2011.04.28 18:59:52 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\SogouExplorer
[2011.05.24 15:19:47 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Synthesia
[2010.06.07 17:26:49 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\TS3Client
[2010.01.03 23:59:24 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\TuneUp Software
[2011.04.21 15:33:09 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\Ubisoft
[2010.12.29 21:12:41 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\uiToolBar Desktop Icons
[2010.11.09 21:34:17 | 000,000,000 | ---D | M] -- C:\Users\Benedikt\AppData\Roaming\uTorrent
[2009.12.18 19:21:01 | 000,000,000 | -H-D | M] -- C:\Users\Benedikt\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2011.03.10 20:10:13 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\NCH Swift Sound
[2010.07.17 21:45:27 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\PC Suite
[2010.02.17 19:05:37 | 000,000,000 | ---D | M] -- C:\Users\Benutzer\AppData\Roaming\TuneUp Software
[2010.10.12 20:58:55 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\CheckPoint
[2011.06.03 21:52:00 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\DNA
[2008.07.22 17:04:43 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Eltima Software
[2011.03.06 01:36:04 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\facemoods.com
[2011.03.11 01:20:18 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Fighters
[2011.06.03 17:56:23 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\go
[2011.06.03 21:51:57 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ
[2008.06.15 13:29:40 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\ICQ Toolbar
[2011.03.03 00:04:58 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\LolClient
[2008.07.12 15:41:25 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\MAGIX
[2010.10.04 17:16:07 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\MusE
[2010.10.02 19:05:53 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\NCH Swift Sound
[2009.12.19 00:29:21 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Nokia
[2010.01.08 00:06:41 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Nseries
[2011.04.11 22:45:37 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\PC Suite
[2011.02.15 11:42:08 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Systweak
[2008.12.08 20:39:05 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\TuneUp Software
[2010.10.17 17:41:19 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\Ubisoft
[2010.08.14 14:53:02 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\VSO
[2010.10.13 22:25:33 | 000,000,000 | ---D | M] -- C:\Users\Dominik\AppData\Roaming\XMedia Recode
[2010.10.14 18:27:15 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\CheckPoint
[2008.12.15 20:46:34 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\ICQ Toolbar
[2010.01.06 20:15:10 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\PC Suite
[2011.05.26 17:19:36 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\Synthesia
[2008.09.30 20:15:53 | 000,000,000 | ---D | M] -- C:\Users\Smiljana\AppData\Roaming\TuneUp Software
[2011.06.04 14:03:07 | 000,000,320 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2011.02.15 17:17:31 | 000,000,256 | ---- | M] () -- C:\Windows\Tasks\Regclean Pro_MONTHLY.job
[2011.04.27 10:42:10 | 000,000,276 | ---- | M] () -- C:\Windows\Tasks\Regclean Pro_UPDATES.job
[2011.06.04 00:16:11 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.06.04 14:03:03 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\SLOW-PCfighter-Dominik-Startup.job
[2011.06.04 14:55:00 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0520E69E-26D8-498C-AD66-71E332F376E7}.job
[2011.06.04 14:56:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{27137807-3851-40E5-9D8C-200A1B35CDF4}.job
[2011.06.04 14:52:14 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{ED4DC7F5-282E-427F-9EFC-EFF316DF019B}.job
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
(C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\搜狗高速浏览器
 
< End of report >
--- --- ---
Alt 05.06.2011, 16:48   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
OTL Auswertung: Hatte mehrere Trojana! - Standard

OTL Auswertung: Hatte mehrere Trojana!


Zitat:
Ich hatte vor kurzem mehrere Trojana auf meinem PC und hatte eig. auch alle entfernt, laut Antivir und co
Und welche waren das? Bitte alle Logs von AntiVir posten und den Programmen, die du als "Co" bezeichnest
__________________

__________________
Antwort

Themen zu OTL Auswertung: Hatte mehrere Trojana!
?????, adobe, antivir, assembly, autorun, avg, avira, babylontoolbar, bho, bingbar, bonjour, canon, conduit, converter, defender, desktop, error, falsche seite, firefox, format, google, home, internet, logfile, mozilla, mp3, msvcrt, nvlddmkm.sys, object, oldtimer, otl auswertung, plug-in, regclean, regclean pro, registry, scan, sched.exe, searchplugins, security, security scan, software, start menu, vista


« Spaßprogramme und 1x Spyware erfolgreich entfernen | Windows Recovery + Trojaner »


Ähnliche Themen: OTL Auswertung: Hatte mehrere Trojana!


  1. Ständig Probleme beim Windows Update! Eventuell Trojana? Auswertung meiner Log Datei...
    Log-Analyse und Auswertung - 30.01.2013 (3)
  2. GVU Trojana 2.07 Windows 7
    Plagegeister aller Art und deren Bekämpfung - 28.10.2012 (10)
  3. Skype Trojana
    Plagegeister aller Art und deren Bekämpfung - 03.10.2012 (17)
  4. Skype Trojana
    Plagegeister aller Art und deren Bekämpfung - 30.09.2012 (5)
  5. Freund hatte mehrere viren auf seiner Festplatte
    Log-Analyse und Auswertung - 09.06.2011 (4)
  6. BKA Trojana Problem
    Log-Analyse und Auswertung - 13.05.2011 (16)
  7. BKA Trojana
    Plagegeister aller Art und deren Bekämpfung - 22.04.2011 (35)
  8. OTL-Auswertung: Hatte Vor kurzem Trojaner!
    Log-Analyse und Auswertung - 21.04.2011 (1)
  9. Mehrere Trojaner gefunden - Auswertung von hijackthis-log
    Log-Analyse und Auswertung - 22.02.2010 (11)
  10. Trojana.wie krieg ich ihn weg?
    Plagegeister aller Art und deren Bekämpfung - 22.01.2009 (1)
  11. Trojana virus
    Mülltonne - 29.09.2008 (0)
  12. Trojana TR/BHO.czo
    Log-Analyse und Auswertung - 29.07.2008 (5)
  13. Trojana TR/Inject.ZS
    Plagegeister aller Art und deren Bekämpfung - 29.03.2008 (10)
  14. hatte scvhost problem, bitte um auswertung
    Log-Analyse und Auswertung - 12.04.2007 (11)
  15. Hab ein Trojana!!!
    Plagegeister aller Art und deren Bekämpfung - 13.05.2005 (12)
  16. Trojana/Virus per ICQ?
    Plagegeister aller Art und deren Bekämpfung - 15.12.2004 (4)
  17. Ich hab nen trojana
    Plagegeister aller Art und deren Bekämpfung - 28.09.2004 (22)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema OTL Auswertung: Hatte mehrere Trojana! - Ich hatte vor kurzem mehrere Trojana auf meinem PC und hatte eig. auch alle entfernt, laut Antivir und co. Aber trotzdem werde ich im Internet immer auf falsche seiten weitergeleitet - OTL Auswertung: Hatte mehrere Trojana!...
Archiv
Du betrachtest: OTL Auswertung: Hatte mehrere Trojana! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129