
Pests of all kinds and how to combat them: 50 Euro Trojan

06.03.2012, 16:00   #1
peter_at


Hello!
I have also caught the 50 Euro Trojan and would like to ask for help here. I have now run the OTL scan.

Here is the OTL logfile
Quote:
OTL logfile created on: 3/6/2012 3:36:15 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 1 (Version = 6.0.6001) - Type = System
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 458.21 Gb Total Space | 228.98 Gb Free Space | 49.97% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 8.19 Gb Free Space | 1.76% Space Free | Partition Type: NTFS
Drive I: | 7.55 Gb Total Space | 1.01 Gb Free Space | 13.35% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2011/09/02 08:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/07/08 13:57:05 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/28 06:20:43 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/09/23 09:36:06 | 000,051,168 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2009/08/27 10:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/04/30 04:23:26 | 000,090,112 | ---- | M] () [Auto] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2009/04/08 05:38:14 | 000,092,008 | ---- | M] (TomTom) [Auto] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2008/08/29 09:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/08/07 04:17:30 | 000,575,488 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/08/07 04:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008/04/28 12:26:47 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/12 10:36:12 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/03/20 09:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (SymIMMP)
DRV - File not found [Kernel | On_Demand] -- -- (SymIM)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand] -- -- (EraserUtilRebootDrv)
DRV - [2011/07/08 13:57:06 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/08 13:57:06 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/04/16 07:21:16 | 000,015,232 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/11/23 06:40:40 | 000,091,216 | ---- | M] (High Criteria inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TotRec8.sys -- (TotRec8)
DRV - [2010/09/23 02:46:08 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/11/19 08:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2009/11/19 08:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2009/11/19 08:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009/11/19 08:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2009/11/19 08:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2009/11/19 08:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009/11/19 08:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009/10/20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2009/10/05 03:08:42 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 05:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/06/06 03:24:44 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 01:38:36 | 000,008,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 01:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 01:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007/12/11 18:51:28 | 000,021,280 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2007/12/04 23:01:00 | 007,580,064 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/03 11:18:12 | 000,099,840 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/09/17 08:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2005/12/12 11:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2001/09/17 11:07:54 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\Windows\System32\PfModNT.sys -- (PfModNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=81&bd=Pavilion&pf=desktop
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_at&c=81&bd=Pavilion&pf=desktop


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Admin_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\Admin_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ebay.de/itm/150763617330?ssPageName=STRK:MEWAX:IT&_trksid=p3984.m1423.l2649
IE - HKU\Admin_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Admin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Admin_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage

IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage


========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Admin\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Admin\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Admin\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/02/22 11:09:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/25 15:31:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b8\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 8\components [2012/01/25 15:31:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0b8\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 8\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Admin\Program Files\DNA [2008/08/30 14:25:17 | 000,000,000 | ---D | M]

[2010/01/16 15:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions
[2009/08/01 06:35:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/12/22 16:24:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ni8ygwyi.default\extensions
[2011/12/22 16:24:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ni8ygwyi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/03 07:43:52 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ni8ygwyi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/09/14 05:03:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/01 12:10:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/14 05:03:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) --
[2011/01/22 12:24:12 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX 4.0 BETA 8\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/19 15:41:13 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX 4.0 BETA 8\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010/12/25 10:52:32 | 000,000,000 | ---D | M] (Feedback) -- C:\PROGRAM FILES\MOZILLA FIREFOX 4.0 BETA 8\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM
[2010/03/10 17:01:02 | 000,124,272 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
[2010/03/10 17:02:52 | 000,070,512 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2010/03/10 17:01:48 | 000,091,504 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2010/03/10 17:01:24 | 000,022,384 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2007/08/29 16:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2010/07/16 22:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/03/10 17:40:56 | 000,423,248 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2010/03/10 17:02:48 | 000,023,920 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2009/12/21 22:57:54 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009/12/21 22:57:54 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009/12/21 22:57:54 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2009/12/21 22:57:54 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2009/12/21 22:57:54 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\Admin_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\Admin_ON_C\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [hpsysdrv] C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KBD] File not found
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [VX2bt1oYNKCLnkO] C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe (Cutting Edge Software Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\Admin_ON_C..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\Admin_ON_C..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\Admin_ON_C..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\Admin_ON_C..\Run: [VX2bt1oYNKCLnkO] C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe (Cutting Edge Software Inc.)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O7 - HKU\Admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\Admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = _ [binary data]
O7 - HKU\Admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\Admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Admin_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\Program Files\AOL\AOL Toolbar 5.0\resources\de-AT\local\search.html ()
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Mit Mipony herunterladen - C:\Program Files\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe) - C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe (Cutting Edge Software Inc.)
O20 - HKU\Admin_ON_C Winlogon: Shell - (C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe) - C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe (Cutting Edge Software Inc.)
O20 - HKU\Admin_ON_C Winlogon: UserInit - (C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe) - C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe (Cutting Edge Software Inc.)
O24 - Desktop WallPaper: C:\Background\sas-background.bmp
O24 - Desktop BackupWallPaper: C:\Background\sas-background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/27 09:44:55 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{20b68710-1240-11df-b62d-001e8cc58020}\Shell\AutoRun\command - "" = G:\PCStart.exe
O33 - MountPoints2\{33c1271d-aae3-11de-8af8-001e8cc58020}\Shell\AutoRun\command - "" = G:\.\samy_deluxe.exe
O33 - MountPoints2\{979e71c1-8edf-11de-9b11-001e8cc58020}\Shell\AutoRun\command - "" = L:\WDSetup.exe
O33 - MountPoints2\{98f55385-3f1f-11de-9c59-001e8cc58020}\Shell\AutoRun\command - "" = G:\APPInst.exe
O33 - MountPoints2\{cfcc8d03-47b2-11df-9190-001e8cc58020}\Shell - "" = AutoRun
O33 - MountPoints2\{cfcc8d03-47b2-11df-9190-001e8cc58020}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{d61e73ff-7e8a-11de-82fa-001e8cc58020}\Shell\AutoRun\command - "" = M:\InstallTomTomHOME.exe
O33 - MountPoints2\{e232cfe3-49e4-11df-9cd7-001e8cc58020}\Shell - "" = AutoRun
O33 - MountPoints2\{e232cfe3-49e4-11df-9cd7-001e8cc58020}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{e42dfddf-c439-11dd-8308-806e6f6e6963}\Shell\AutoRun\command - "" = K:\WD_Windows_Tools\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/03 14:35:39 | 000,305,664 | ---- | C] (Cutting Edge Software Inc.) -- C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe
[2012/02/22 11:06:18 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/02/20 04:52:06 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sfx32.dll
[2012/02/20 04:52:06 | 000,000,000 | ---D | C] -- C:\Users\Admin\AppData\Roaming\ASCON Installer
[2010/04/17 15:58:56 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe587C.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/03 14:49:46 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/03/03 14:49:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/03 14:43:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-149490994-851355245-691603875-1000UA.job
[2012/03/03 14:38:47 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2012/03/03 14:38:46 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/03 14:38:46 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2012/03/03 14:38:39 | 000,003,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/03 14:38:39 | 000,003,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/03 14:37:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/03 14:35:36 | 000,305,664 | ---- | M] (Cutting Edge Software Inc.) -- C:\Users\Admin\AppData\Roaming\h6s5ruij653.exe
[2012/03/03 14:23:01 | 000,000,238 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2012/03/02 19:32:15 | 000,124,928 | ---- | M] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/02 16:43:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-149490994-851355245-691603875-1000Core.job
[2012/02/29 23:55:26 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2012/02/29 23:55:26 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2012/02/25 19:33:55 | 000,618,204 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/02/25 19:33:55 | 000,586,980 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/25 19:33:55 | 000,122,442 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/02/25 19:33:55 | 000,101,052 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/22 11:06:04 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/02/20 20:30:32 | 000,000,302 | ---- | M] () -- C:\Users\Admin\Desktop\Audi A4,A6,TT 19 Zoll Rotor Satz 255-35ZR 19 96Y Reifen Original in Bayern - Vöhringen Autoteile & Reifen eBay Kleinanzeigen.url
[2012/02/20 04:52:06 | 000,120,320 | ---- | M] () -- C:\Windows\System32\czip.ocx
[2012/02/20 04:52:06 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sfx32.dll
[2012/02/19 20:55:01 | 000,000,206 | ---- | M] () -- C:\Users\Admin\Desktop\Indirekte LED Beleuchtung Küche - YouTube.url
[2012/02/19 19:58:38 | 000,000,139 | ---- | M] () -- C:\Users\Admin\Desktop\Vinyl & CD Börse.url
[2012/02/15 06:59:53 | 000,000,206 | ---- | M] () -- C:\Users\Admin\Desktop\Sonja Schmidt - Ein Himmelblauer Trabant [1971] - YouTube.url
[2012/02/11 08:59:44 | 000,000,123 | ---- | M] () -- C:\Users\Admin\Desktop\Motive Company.url
[2012/02/10 19:12:26 | 000,000,144 | ---- | M] () -- C:\Users\Admin\Desktop\The 50 Best Henry Rollins Quotes - Spinner.url
[2012/02/10 18:26:41 | 000,000,201 | ---- | M] () -- C:\Users\Admin\Desktop\Lotus Grill.url
[2012/02/07 20:54:53 | 000,000,119 | ---- | M] () -- C:\Users\Admin\Desktop\Of Freaks and Inks Self-Identifying Jack Dracula.url
[2012/02/07 18:09:12 | 000,000,118 | ---- | M] () -- C:\Users\Admin\Desktop\Famous Fat Dave's Five Borough Eating Tour on the Wheels of Steel!.url
[2012/02/06 13:32:01 | 000,000,232 | ---- | M] () -- C:\Users\Admin\Desktop\Wandregal Belly Mortons Art Palace - Indische Möbel, chinesische Einrichtung, asiatisches Design - Wohnen mit Stil Wandr.url
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/03 14:49:46 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/02/20 20:30:32 | 000,000,302 | ---- | C] () -- C:\Users\Admin\Desktop\Audi A4,A6,TT 19 Zoll Rotor Satz 255-35ZR 19 96Y Reifen Original in Bayern - Vöhringen Autoteile & Reifen eBay Kleinanzeigen.url
[2012/02/20 04:52:06 | 000,120,320 | ---- | C] () -- C:\Windows\System32\czip.ocx
[2012/02/19 19:58:38 | 000,000,139 | ---- | C] () -- C:\Users\Admin\Desktop\Vinyl & CD Börse.url
[2012/02/11 08:59:44 | 000,000,123 | ---- | C] () -- C:\Users\Admin\Desktop\Motive Company.url
[2012/02/10 19:12:26 | 000,000,144 | ---- | C] () -- C:\Users\Admin\Desktop\The 50 Best Henry Rollins Quotes - Spinner.url
[2012/02/10 18:26:41 | 000,000,201 | ---- | C] () -- C:\Users\Admin\Desktop\Lotus Grill.url
[2012/02/07 20:54:53 | 000,000,119 | ---- | C] () -- C:\Users\Admin\Desktop\Of Freaks and Inks Self-Identifying Jack Dracula.url
[2012/02/07 18:09:12 | 000,000,118 | ---- | C] () -- C:\Users\Admin\Desktop\Famous Fat Dave's Five Borough Eating Tour on the Wheels of Steel!.url
[2012/02/06 21:20:22 | 000,000,206 | ---- | C] () -- C:\Users\Admin\Desktop\Sonja Schmidt - Ein Himmelblauer Trabant [1971] - YouTube.url
[2011/04/24 06:02:33 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/04/24 06:02:33 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2010/11/27 16:56:57 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/11/11 13:01:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2010/01/06 09:42:45 | 000,000,220 | ---- | C] () -- C:\Users\Admin\AppData\Roaming\wklnhst.dat
[2009/09/27 11:12:14 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009/09/27 11:11:43 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/09/27 05:59:45 | 000,000,068 | ---- | C] () -- C:\Windows\SBWIN.INI
[2009/03/09 08:03:19 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/03/09 08:03:19 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/12/30 16:35:59 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008/04/28 14:51:57 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/04/28 12:33:34 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2008/04/28 12:20:51 | 000,401,408 | ---- | C] () -- C:\Windows\System32\stepbuttons.dll
[2008/04/28 12:20:51 | 000,124,416 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2008/04/28 12:20:50 | 000,140,800 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2008/04/28 10:49:15 | 000,124,928 | ---- | C] () -- C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/04/28 10:35:42 | 000,000,680 | ---- | C] () -- C:\Users\Admin\AppData\Local\d3d9caps.dat
[2008/03/27 17:33:55 | 000,618,204 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/03/27 17:33:55 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/03/27 17:33:55 | 000,122,442 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/03/27 17:33:55 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/03/27 09:38:51 | 000,111,448 | ---- | C] () -- C:\Windows\hpqins13.dat
[2008/03/27 09:24:17 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2008/03/27 09:21:35 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2008/03/27 09:21:35 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007/03/29 17:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 001,726,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,586,980 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,101,052 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/09/17 18:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[2002/06/05 19:01:58 | 000,029,696 | ---- | C] () -- C:\Windows\System32\asutl8.dll

========== LOP Check ==========

[2009/07/28 17:00:11 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Anvil Studio
[2010/11/11 13:01:37 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Apowersoft
[2012/02/20 04:52:06 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ASCON Installer
[2009/01/14 14:37:45 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\BitTorrent
[2008/08/30 17:56:23 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DNA
[2010/08/03 07:43:52 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\DVDVideoSoftIEHelpers
[2008/04/28 14:47:42 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Easy Thumbnails
[2010/11/06 19:45:30 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\FileZilla
[2010/07/24 02:31:59 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\ICAClient
[2011/10/14 16:46:26 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\MAGIX
[2011/10/26 16:14:27 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Mipony
[2008/08/13 02:47:07 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Nokia
[2008/08/10 07:21:08 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\PC Suite
[2010/04/17 12:56:05 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sony
[2010/04/17 12:56:05 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Sony Setup
[2010/01/06 09:42:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\Template
[2009/08/01 06:35:02 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TomTom
[2010/11/26 16:22:47 | 000,000,000 | ---D | M] -- C:\Users\Admin\AppData\Roaming\TotalRecorder
[2008/04/28 10:06:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/01/07 06:32:52 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2010/07/24 01:45:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Citrix
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/04/28 10:06:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2008/04/28 10:06:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/01/10 04:28:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2009/04/13 09:58:28 | 000,000,000 | ---D | M] -- C:\ProgramData\LightScribe
[2011/10/14 16:46:26 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2008/03/27 09:44:39 | 000,000,000 | ---D | M] -- C:\ProgramData\muvee Technologies
[2009/07/28 16:37:37 | 000,000,000 | ---D | M] -- C:\ProgramData\NCH Swift Sound
[2011/04/21 13:13:44 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2008/03/27 09:49:19 | 000,000,000 | ---D | M] -- C:\ProgramData\PC-Doctor
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2008/04/28 10:06:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/08/01 06:36:36 | 000,000,000 | ---D | M] -- C:\ProgramData\TomTom
[2008/04/28 10:06:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2008/04/28 10:11:35 | 000,000,000 | ---D | M] -- C:\ProgramData\WildTangent
[2010/08/12 06:49:59 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/02/28 10:59:46 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/11/28 06:48:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\{E961CE1B-C3EA-4882-9F67-F859B555D097}
[2012/03/03 14:49:46 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/03/02 21:24:54 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/03/03 14:38:46 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2012/03/03 14:38:47 | 000,000,286 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2012/03/03 14:23:01 | 000,000,238 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

========== Purity Check ==========


< End of report >

 
