
Log analysis and evaluation: I would like to know whether my PC is really clean. OTL logfile incl.

04.07.2011, 12:13   #1
darkwifer
 



Hello,
just to be safe, to make sure my computer is clean
(because bluescreens have been occurring frequently lately), I would like to post an OTL logfile.

OTL logfile created on: 04.07.2011 11:56:08 - Run 1
OTL by OldTimer - Version 3.2.25.0 Folder = C:\Users\Daniel\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,17 Gb Available Physical Memory | 58,37% Memory free
4,23 Gb Paging File | 2,93 Gb Available in Paging File | 69,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138,62 Gb Total Space | 12,10 Gb Free Space | 8,73% Space Free | Partition Type: NTFS
Drive D: | 140,97 Gb Total Space | 99,13 Gb Free Space | 70,32% Space Free | Partition Type: NTFS

Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.04 11:54:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
PRC - [2011.07.04 11:43:35 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Daniel\Downloads\HiJackThis204.exe
PRC - [2011.06.28 15:30:52 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2011.06.28 15:30:50 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.25 12:30:46 | 000,884,696 | ---- | M] ({StringFileInfo_CompanyName}) -- C:\Programme\Ask.com\Updater\Updater.exe
PRC - [2011.05.26 11:29:03 | 000,800,768 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011.04.27 15:30:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011.01.27 17:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.01.14 14:36:33 | 000,025,984 | ---- | M] (Uniblue Systems Limited) -- C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2010.11.06 15:24:25 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.09.17 11:16:58 | 000,097,624 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 08:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.01.26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.04.25 13:31:40 | 000,319,488 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\SysMonitor.exe
PRC - [2008.04.25 13:31:24 | 000,319,488 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Framework.Launcher.exe
PRC - [2008.04.25 13:30:26 | 000,024,576 | ---- | M] () -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.03.26 07:21:30 | 005,369,856 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.03.04 23:38:28 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.01.29 12:25:10 | 000,598,016 | ---- | M] () -- C:\Programme\bin32\nSvcAppFlt.exe
PRC - [2008.01.29 12:24:46 | 000,163,840 | ---- | M] () -- C:\Programme\bin32\nSvcIp.exe
PRC - [2008.01.25 18:49:04 | 000,269,448 | ---- | M] (CyberLink) -- C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2007.06.15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC207\Monitor.exe


========== Modules (SafeList) ==========

MOD - [2011.07.04 11:54:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
MOD - [2011.04.08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\sahook.dll
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.06.28 22:33:47 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\Programme\Common Files\Akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011.06.28 15:30:52 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.06.28 15:30:50 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Stopped] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.04.27 15:30:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.21 13:44:05 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.02.16 15:49:08 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011.01.27 17:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.06.07 12:22:00 | 003,549,224 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.04.25 13:30:26 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.03.04 23:38:34 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.01.29 12:25:10 | 000,598,016 | ---- | M] () [Auto | Running] -- C:\Programme\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008.01.29 12:24:46 | 000,163,840 | ---- | M] () [Auto | Running] -- C:\Programme\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008.01.25 18:49:04 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.15 16:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)


========== Driver Services (SafeList) ==========

DRV - [2011.06.28 15:30:58 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 15:30:58 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.07.01 14:21:14 | 000,034,896 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER)
DRV - [2009.08.01 18:34:37 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.08.01 18:34:28 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.11 11:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.11.12 17:41:54 | 004,179,456 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.09.29 18:12:04 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.04.22 02:49:00 | 007,451,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.04.22 02:49:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.01.29 07:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008.01.25 14:02:02 | 000,140,832 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2007.10.12 10:53:10 | 000,013,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007.02.22 11:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 11:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006.12.05 11:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)
DRV - [2005.04.14 14:12:32 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.04.04 12:43:22 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=1006&m=aspire_x3200
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Programme\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp32&d=1006&m=aspire_x3200
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?rd=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Programme\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Messenger Plus Live Germany Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2567732&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://de.msn.com/?ocid=mp"
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.0.3
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {542e4d79-1970-4e95-9862-fdb96f61b280}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {76aeea42-e04a-4b62-83ab-df4b2be2541e}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.2.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="


FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011.05.25 15:41:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.05.17 13:21:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.05.17 13:21:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.27 10:35:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.10 18:14:01 | 000,000,000 | ---D | M]

[2009.07.13 13:20:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2011.07.04 00:08:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions
[2010.04.30 18:25:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.27 10:36:53 | 000,000,000 | ---D | M] (Messenger Plus DE Community Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{3d684ca7-5d30-4a7e-9768-e17df98df80f}
[2011.06.28 12:04:30 | 000,000,000 | ---D | M] (Messenger Plus Live Germany Community Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{542e4d79-1970-4e95-9862-fdb96f61b280}
[2011.06.22 19:50:08 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.08.26 16:23:37 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(11)
[2011.06.28 12:04:35 | 000,000,000 | ---D | M] (MessengerPlusLive Germany TB Community Toolbar) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}
[2011.06.21 09:19:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.15 06:03:00 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.09 01:01:52 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.06.30 13:14:04 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\DefaultManager@Microsoft
[2011.04.02 02:35:15 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\engine@conduit.com
[2011.06.28 20:43:21 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus WebGuard) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\toolbar@ask.com
[2010.04.21 12:07:06 | 000,000,957 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\conduit.xml
[2011.07.03 19:48:23 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-1.xml
[2011.03.03 16:13:22 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-2.xml
[2011.03.05 13:36:01 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-3.xml
[2011.03.25 09:35:16 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-4.xml
[2011.04.09 01:55:34 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-5.xml
[2011.05.10 18:14:49 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-6.xml
[2011.05.25 21:52:40 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-7.xml
[2011.06.27 10:36:58 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-8.xml
[2011.06.28 20:47:02 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin-9.xml
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\icqplugin.xml
[2011.04.09 01:01:30 | 000,003,915 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\c9xv440k.default\searchplugins\sweetim.xml
[2011.04.09 09:10:30 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.07.13 12:18:43 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.04.25 10:41:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.20 14:40:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.11 16:10:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.30 12:02:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.09 09:10:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
[2009.07.19 04:04:14 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009.09.29 16:31:54 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.27 14:11:15 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.04.25 10:41:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.20 14:40:18 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.11 16:10:05 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.30 12:02:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.09 09:10:30 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\DANIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\C9XV440K.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\DANIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\C9XV440K.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.06.27 10:35:51 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009.09.21 11:59:40 | 001,275,296 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv501.dll
[2011.05.10 18:13:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.10 18:13:52 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.05.10 18:13:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.10 18:13:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.06.21 09:21:33 | 000,001,952 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011.05.10 18:13:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.10 18:13:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.01.29 00:25:43 | 000,358,536 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 12309 more lines...
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (PriceGongBHO Class) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.1.0\PriceGongIE.dll (PriceGong)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Messenger Plus DE Toolbar) - {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Programme\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus DE Toolbar) - {3d684ca7-5d30-4a7e-9768-e17df98df80f} - C:\Programme\Messenger_Plus_DE\prxtbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MessengerPlusLive Germany TB Toolbar) - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - C:\Programme\MessengerPlusLive_Germany_TB\tbMes1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [AGEIA PhysX SysTray] C:\Programme\AGEIA Technologies\TrayIcon.exe ()
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Programme\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [EmpoweringTechnology] File not found
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Programme\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] File not found
O4 - HKCU..\Run: [Sidebar] C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Programme\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} hxxp://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{93e918f0-9626-11de-8bed-001d72b6afbd}\Shell\AutoRun\command - "" = G:\start.bat
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.07.04 11:54:30 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2011.07.04 11:08:48 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{7D4AC734-4BD1-4E94-AF72-39680E68A797}
[2011.07.03 15:54:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{86BFBCA9-E5C7-48F9-812C-386E4B460B22}
[2011.07.01 13:23:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{ACA47461-B84A-41A1-9C51-47703752CE51}
[2011.06.30 13:13:03 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{9653E2ED-BC0C-4F47-8AF8-A5A38569ADA8}
[2011.06.30 13:13:02 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{B3DCEAF5-DFE6-48D0-9092-F2D687E8935A}
[2011.06.30 03:03:11 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.06.30 00:01:40 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{3D9F3245-5463-4850-B8FC-535BCEFFF04D}
[2011.06.28 15:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011.06.28 11:40:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{8DCCA5BD-E545-4951-89B8-25367224C83D}
[2011.06.27 16:17:51 | 000,380,928 | ---- | C] (MSNVirusRemoval.com - Macka's Software) -- C:\Users\Daniel\Desktop\MSNVirusRemover_4.28.7.06.exe
[2011.06.27 16:09:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\{D055C77B-AF6B-4779-B196-DAE39A0A1438}
[2011.06.27 14:48:30 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.06.27 14:46:19 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.06.27 14:25:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Windows Live
[2011.06.24 09:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2011.06.24 09:20:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Conduit
[2011.06.24 09:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger_Plus_DE
[2011.06.24 09:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Yuna Software
[2011.06.20 17:30:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel\.ruslanka
[2011.06.20 17:30:10 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruslanka
[2011.06.12 16:07:17 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\gamigo
[2011.06.12 15:33:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\rtool
[2011.06.12 15:33:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Repair EN
[2011.06.12 15:33:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Launcher
[2011.06.12 15:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gamigo AG
[2011.06.12 03:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
[2011.06.06 22:18:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Paint.NET
[2008.07.22 10:01:25 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.04 11:54:32 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2011.07.04 11:17:04 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1962764048-2839661159-4131213997-1000UA.job
[2011.07.04 11:17:04 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1962764048-2839661159-4131213997-1000Core.job
[2011.07.04 11:06:28 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.04 11:06:28 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.07.04 11:05:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.04 11:05:57 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.04 11:05:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.04 11:05:47 | 2145,931,264 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.04 01:15:38 | 000,056,832 | ---- | M] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.04 01:05:06 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.03 23:53:36 | 210,402,604 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.06.30 13:07:14 | 000,343,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.30 03:14:04 | 000,736,030 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.06.30 03:14:04 | 000,696,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.30 03:14:04 | 000,168,288 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.06.30 03:14:04 | 000,142,476 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.29 16:00:51 | 000,000,032 | ---- | M] () -- C:\Windows\CD_Start.INI
[2011.06.28 15:30:58 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.06.28 15:30:58 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.06.27 16:17:52 | 000,380,928 | ---- | M] (MSNVirusRemoval.com - Macka's Software) -- C:\Users\Daniel\Desktop\MSNVirusRemover_4.28.7.06.exe
[2011.06.24 09:20:43 | 000,001,910 | ---- | M] () -- C:\Users\Daniel\Desktop\Plus World.lnk
[2011.06.23 15:12:08 | 000,109,684 | -H-- | M] () -- C:\Windows\System32\mlfcache.dat
[2011.06.21 09:19:40 | 000,006,836 | ---- | M] () -- C:\Users\Daniel\AppData\Local\d3d9caps.dat
[2011.06.20 17:30:11 | 000,000,772 | ---- | M] () -- C:\Users\Daniel\Desktop\Ruslanka.lnk
[2011.06.18 09:40:00 | 000,001,674 | ---- | M] () -- C:\Users\Daniel\Desktop\MineCraft.lnk
[2011.06.17 18:16:13 | 000,000,666 | ---- | M] () -- C:\Users\Daniel\Desktop\R.O.H.A.N. Vendetta.lnk
[2011.06.17 17:57:57 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.06.17 17:57:57 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.06.17 17:57:40 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.06.15 08:37:27 | 003,323,083 | ---- | M] () -- C:\Users\Daniel\Documents\Unbenannt (6).wma
[2011.06.15 08:27:00 | 003,596,973 | ---- | M] () -- C:\Users\Daniel\Documents\Unbenannt (5).wma
[2011.06.15 08:06:17 | 001,468,713 | ---- | M] () -- C:\Users\Daniel\Documents\Unbenannt (4).wma
[2011.06.12 15:53:02 | 000,000,427 | ---- | M] () -- C:\Users\Public\Desktop\Register Now.lnk
[2011.06.12 15:53:02 | 000,000,397 | ---- | M] () -- C:\Users\Public\Desktop\Play Now.lnk
[2011.06.09 22:13:07 | 002,568,763 | ---- | M] () -- C:\Users\Daniel\Documents\engel hassen besser.wma
[2011.06.08 19:46:15 | 000,440,503 | ---- | M] () -- C:\Users\Daniel\Documents\Unbenannt (3).wma
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.03 23:53:36 | 210,402,604 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.06.27 14:44:31 | 000,001,162 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011.06.27 14:42:18 | 000,001,231 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011.06.27 14:39:36 | 000,002,029 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011.06.24 09:20:43 | 000,001,910 | ---- | C] () -- C:\Users\Daniel\Desktop\Plus World.lnk
[2011.06.20 17:30:12 | 000,000,772 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ruslanka.lnk
[2011.06.20 17:30:11 | 000,000,772 | ---- | C] () -- C:\Users\Daniel\Desktop\Ruslanka.lnk
[2011.06.17 18:15:31 | 000,000,666 | ---- | C] () -- C:\Users\Daniel\Desktop\R.O.H.A.N. Vendetta.lnk
[2011.06.17 17:57:40 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.06.15 08:37:27 | 003,323,083 | ---- | C] () -- C:\Users\Daniel\Documents\Unbenannt (6).wma
[2011.06.15 08:27:00 | 003,596,973 | ---- | C] () -- C:\Users\Daniel\Documents\Unbenannt (5).wma
[2011.06.15 08:06:17 | 001,468,713 | ---- | C] () -- C:\Users\Daniel\Documents\Unbenannt (4).wma
[2011.06.12 15:24:33 | 000,000,427 | ---- | C] () -- C:\Users\Public\Desktop\Register Now.lnk
[2011.06.12 15:24:33 | 000,000,397 | ---- | C] () -- C:\Users\Public\Desktop\Play Now.lnk
[2011.06.09 22:13:07 | 002,568,763 | ---- | C] () -- C:\Users\Daniel\Documents\engel hassen besser.wma
[2011.06.08 19:46:14 | 000,440,503 | ---- | C] () -- C:\Users\Daniel\Documents\Unbenannt (3).wma
[2011.06.06 22:20:07 | 000,000,842 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011.04.24 16:26:52 | 000,109,684 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011.02.19 12:34:36 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI
[2011.02.02 10:06:13 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2011.01.22 21:22:26 | 000,000,292 | ---- | C] () -- C:\Windows\vtmb.ini
[2011.01.10 14:55:21 | 000,026,340 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\UserTile.png
[2010.12.02 22:47:37 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI
[2010.11.06 15:44:19 | 000,182,272 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.09.25 00:06:56 | 000,000,017 | ---- | C] () -- C:\Windows\Missing.ini
[2009.11.07 16:58:11 | 000,695,578 | ---- | C] () -- C:\Windows\unins000.exe
[2009.11.07 16:58:11 | 000,001,214 | ---- | C] () -- C:\Windows\unins000.dat
[2009.10.20 22:47:37 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.10.20 22:47:36 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.09.27 20:59:00 | 000,009,902 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\NMM-MetaData.db
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009.08.01 18:34:37 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.08.01 18:34:28 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.07.29 15:49:43 | 000,001,124 | ---- | C] () -- C:\Windows\wininit.ini
[2009.07.29 12:53:49 | 000,000,632 | ---- | C] () -- C:\Windows\Wlf.INI
[2009.07.26 02:06:04 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009.07.18 00:52:53 | 000,006,836 | ---- | C] () -- C:\Users\Daniel\AppData\Local\d3d9caps.dat
[2009.07.14 01:55:23 | 000,000,022 | ---- | C] () -- C:\Windows\msnmsgr.exe.ini
[2009.07.13 16:59:00 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.07.13 16:12:14 | 000,000,399 | ---- | C] () -- C:\Windows\System32\Remover.ini
[2009.07.13 16:12:12 | 000,040,960 | ---- | C] () -- C:\Windows\98Setup.exe
[2009.07.13 15:17:33 | 000,056,832 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.13 13:20:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008.05.09 11:54:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008.05.09 11:54:41 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.05.09 11:16:47 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008.05.09 11:07:26 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008.05.09 11:07:26 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008.05.09 11:07:26 | 000,000,008 | ---- | C] () -- C:\Windows\System32\drivers\rtkhdaud.dat
[2008.05.09 10:55:35 | 000,003,948 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.01.21 09:15:58 | 000,736,030 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,168,288 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.01.01 13:31:57 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.01.01 13:31:57 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.01.01 13:31:57 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.01.01 13:31:57 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008.01.01 13:31:57 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2007.03.29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,343,128 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,696,760 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,142,476 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:27:46 | 000,000,518 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.11 00:32:12 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2006.10.11 00:32:12 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2006.10.11 00:08:18 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2006.03.20 21:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2003.08.18 16:55:48 | 000,086,016 | ---- | C] () -- C:\Windows\System32\LXBKIH.EXE
[2003.08.18 16:46:38 | 000,077,824 | ---- | C] () -- C:\Windows\System32\LXBKLCNP.DLL
[2002.11.13 21:40:22 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbkvs.dll
[2002.09.13 17:40:06 | 000,000,266 | ---- | C] () -- C:\Windows\System32\lxbkcoin.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[2001.01.19 21:50:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE

========== LOP Check ==========

[2009.07.13 23:40:55 | 000,000,000 | -HSD | M] -- C:\Users\Daniel\AppData\Roaming\.#
[2011.02.22 21:51:45 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft
[2011.03.25 14:44:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft server
[2008.05.09 11:28:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Acer GameZone Console
[2011.04.15 06:02:59 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.07.13 13:16:28 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\eSobi
[2009.11.07 17:00:03 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Flatcast
[2011.06.12 16:10:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\gamigo
[2010.10.02 18:37:32 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\HamsterSoft
[2011.06.30 05:13:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ
[2011.06.12 15:33:26 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Launcher
[2011.04.08 12:56:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LolClient
[2010.10.02 18:52:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia
[2011.05.24 19:12:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Nokia Multimedia Player
[2011.04.13 15:15:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\OpenOffice.org
[2009.08.07 08:37:54 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PC Suite
[2011.01.10 14:55:21 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PeerNetworking
[2011.01.04 23:42:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\PhotoScape
[2011.06.12 15:50:10 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Repair EN
[2011.06.12 15:50:09 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\rtool
[2010.09.27 20:13:02 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Screaming Bee
[2011.04.12 13:36:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Simfy
[2011.02.27 17:16:10 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TeamViewer
[2011.05.25 15:30:49 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Teeworlds
[2010.12.03 23:58:43 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TS3Client
[2011.01.21 00:26:16 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Uniblue
[2010.12.29 01:46:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Warsow 0.6
[2009.07.14 18:04:50 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Zylom
[2011.07.04 11:06:28 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2011.07.04 01:20:55 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:4CF61E54

< End of report >

05.07.2011, 10:02   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
[2011.06.21 09:19:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.15 06:03:00 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.09 01:01:52 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.06.30 13:14:04 | 000,000,000 | ---D | M] (Default Manager) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\DefaultManager@ Microsoft
[2011.04.02 02:35:15 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\engine@conduit. com
[2011.06.28 20:43:21 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus WebGuard) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\toolbar@ask.com

Hm, what do you want with these pointless or even harmful toolbars on the machine? Best to remove everything labelled Toolbar that shows up in the Control Panel under Software or Programs and Features, and in future program installations always choose the custom method so that you can deselect possible toolbars during installation.
While you are at it, also uninstall all other unnecessary programs via the Control Panel.

Also think carefully about whether you want to stay with AntiVir in the future. They made a very questionable decision, which does not exactly come across as reputable => http://www.trojaner-board.de/100374-...e-und-ask.html

Quote:
whether my PC is really clean
There is no such thing as "really" in the sense of "100%".
You get close to 100% by wiping and reinstalling the system; only close because there is never 100% security, but you have the certainty that all malware from the previous Windows installation has been removed.
__________________
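The toolbar review suggested in the reply above can be done mechanically on an OTL log. The following is an added example, not part of either post and not part of OTL: it parses the `O3` Internet Explorer toolbar lines and the Firefox extension lines, collapses the HKLM/HKCU duplicates, and groups the toolbars by the publisher string OTL read from each DLL. The sample lines are copied from the log in this thread; the function and variable names are assumptions made for the example.

```python
import re
from collections import defaultdict

# Lines copied from the OTL log posted in this thread (a subset, for the example).
SAMPLE_LOG = r"""
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Messenger Plus Live Germany Toolbar) - {542E4D79-1970-4E95-9862-FDB96F61B280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
[2011.06.21 09:19:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.28 20:43:21 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus WebGuard) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\c9xv440k.default\extensions\toolbar@ask.com
[2011.06.06 22:18:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Paint.NET
"""

# O3 line: hive, optional subkey, (display name), {CLSID}, DLL path, (company).
IE_TOOLBAR = re.compile(
    r"^O3 - (?P<hive>HKLM|HKCU)\\\.\.\\Toolbar(?:\\\w+)?: "
    r"\((?P<name>.*?)\) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - "
    r"(?P<path>.+?) \((?P<company>[^()]*)\)$"
)

# File-scan line for a Firefox extension folder: [date | size | attrs | M/C] (name) -- path.
FF_EXTENSION = re.compile(
    r"^\[[\d. :]+ \| [\d,]+ \| [-A-Z]{4} \| [MC]\] "
    r"\((?P<name>.*?)\) -- (?P<path>.+\\extensions\\(?P<ext_id>[^\\]+))$"
)


def toolbar_inventory(log_text):
    """Return one record per distinct browser add-on found in an OTL log."""
    seen = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        m = IE_TOOLBAR.match(line)
        if m:
            # HKLM and HKCU list the same CLSID in different letter case.
            clsid = m["clsid"].upper()
            rec = seen.setdefault(("IE", clsid), {
                "browser": "IE", "name": m["name"].strip(), "id": clsid,
                "company": m["company"].strip(), "path": m["path"],
                "hives": set(),
            })
            rec["hives"].add(m["hive"])
            continue
        m = FF_EXTENSION.match(line)
        if m:
            ext_id = m["ext_id"].lower()
            seen.setdefault(("Firefox", ext_id), {
                "browser": "Firefox", "name": m["name"].strip().strip('"'),
                "id": ext_id, "company": None, "path": m["path"],
                "hives": set(),
            })
    return list(seen.values())


def by_publisher(records):
    """Group IE toolbar names by the company string shown in the log."""
    groups = defaultdict(list)
    for rec in records:
        if rec["browser"] == "IE":
            groups[rec["company"]].append(rec["name"])
    return {company: sorted(names) for company, names in groups.items()}


def in_both_browsers(records):
    """Display names installed both as an IE toolbar and a Firefox extension."""
    ie = {r["name"] for r in records if r["browser"] == "IE"}
    ff = {r["name"] for r in records if r["browser"] == "Firefox"}
    return sorted(ie & ff)


if __name__ == "__main__":
    records = toolbar_inventory(SAMPLE_LOG)
    for company, names in sorted(by_publisher(records).items()):
        print(f"{company}: {', '.join(names)}")
    print("In IE and Firefox:", in_both_browsers(records))
```

Grouping by the company field rather than the display name shows that differently named toolbars share one publisher, and that the toolbar carrying the Avira name is listed with the company string "Ask".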
