| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
19.05.2010, 13:43
| #1 |
 |  Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Hallo! Ich hab Probleme mit meinem Laptop. Seit einiger Zeit ruft Firefox falsche links auf. Wenn ich Google benutze und will ein Suchergebnis in einem neuen Tab öffnen, dann kommt meistens immer 2 mal Ebay oder irgendwas anderes. Erst danach beim 3. oder 4. versuch kommt die richtige Seite. Ich hab Bitdefender Internet-Security 2010 drauf. Ich hab schon paarmal komplett gescannt, bisher ohne Erfolg. Ich hab momentan den F-Secure Online-Scanner am laufen. Er hat eben 1 Malware und 7 Spyware gefunden. Was noch kommt weiß ich nicht. Was kann ich noch prüfen oder machen? Das Problem hab ich zwar schonmal mit der Suche gefunden, aber das ist 3 Jahre her und manche Programme die empfohlen wurden gibts nicht mehr. Es ist ein Core2Duo mit 2GB und Windows 7 Ultimate 32bit. |
|
19.05.2010, 15:39
| #2 | |
| |  Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Hi!
__________________Ich hab mal Combofix und CCleaner durchlaufen lassen. Ich erhielt unter anderem auch Meldungen von gefundenen Rootkits. Hier mal ein Logfile: Zitat:
|
|
19.05.2010, 15:43
| #3 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Hallo und
__________________ Combofix sollte nur auf Anweisung hin ausgeführt werden!! bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
19.05.2010, 16:03
| #4 |
| | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Hallo! Danke für die Hilfe. Hier die log OTL Code:
ATTFilter OTL logfile created on: 19.05.2010 16:55:08 - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\roadrunner1405\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free 7,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): c:\pagefile.sys 5000 5000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 232,88 Gb Total Space | 9,88 Gb Free Space | 4,24% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ROADRUNNER-NB Current User Name: roadrunner1405 Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\roadrunner1405\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Thunderbird 3.0 Beta 3\thunderbird.exe (Mozilla Messaging) PRC - C:\Programme\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.) PRC - C:\Programme\a-squared Free\a2service.exe (Emsi Software GmbH) PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.) PRC - C:\Programme\BitDefender\BitDefender 2010\seccenter.exe (BitDefender S.R.L.) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Java\jre6\bin\jp2launcher.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Java\jre6\bin\java.exe (Sun Microsystems, Inc.) PRC - C:\Programme\Realtek\Audio\HDA\rthdvcpl.exe (Realtek Semiconductor) PRC - C:\Programme\TeamViewer\Version5\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\xampp\mysql\bin\mysqld.exe (MySQL AB) PRC - C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\TCPSVCS.EXE (Microsoft Corporation) PRC - C:\Windows\System32\snmp.exe (Microsoft Corporation) PRC - C:\Windows\System32\psxss.exe (Microsoft Corporation) PRC - C:\Windows\System32\inetsrv\inetinfo.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) PRC - C:\Programme\Intel\AMT\UNS.exe (Intel Corporation) PRC - C:\Programme\Intel\AMT\atchksrv.exe (Intel Corporation) PRC - C:\Programme\Intel\AMT\LMS.exe (Intel Corporation) PRC - C:\Programme\Common Files\microsoft shared\VS7DEBUG\mdm.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\roadrunner1405\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\plugin_extra.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\plugin_net.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\plugin_nt.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\plugin_base.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\plugin_fragments.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\midas32.dll (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\plugin_registry.m32 (BitDefender S.R.L. Bucharest, ROMANIA) MOD - C:\Programme\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\leaktests.m32 (BitDefender SRL) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (VSSERV) -- C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe (BitDefender S.R.L.) SRV - (a2free) -- C:\Program Files\a-squared Free\a2service.exe (Emsi Software GmbH) SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software) SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation) SRV - (scan) -- C:\Programme\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (S.C. BitDefender S.R.L) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (LIVESRV) -- C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe (BitDefender S.R.L.) SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (CPUCooLServer) -- C:\Programme\CPUCooL\CooLSRV.exe () SRV - (MySQL) -- C:\xampp\mysql\bin\mysqld.exe (MySQL AB) SRV - (Apache2.2) -- C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) SRV - (Arrakis3) -- C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (BitDefender S.R.L. hxxp://www.bitdefender.com) SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (Nero BackItUp Scheduler 4.0) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG) SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (LPDSVC) -- C:\Windows\System32\lpdsvc.dll (Microsoft Corporation) SRV - (WAS) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (W3SVC) -- C:\Windows\System32\inetsrv\iisw3adm.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (ftpsvc) -- C:\Windows\System32\inetsrv\ftpsvc.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppHostSvc) -- C:\Windows\System32\inetsrv\apphostsvc.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (WMSVC) -- C:\Windows\System32\inetsrv\WMSvc.exe (Microsoft Corporation) SRV - (simptcp) -- C:\Windows\System32\TCPSVCS.EXE (Microsoft Corporation) SRV - (SNMP) -- C:\Windows\System32\snmp.exe (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (IISADMIN) -- C:\Windows\System32\inetsrv\inetinfo.exe (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (OMSI download service) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe () SRV - (HsfXAudioService) -- C:\Windows\System32\XAudio32.dll (Conexant Systems, Inc.) SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (UNS) Intel(R) -- C:\Programme\Intel\AMT\UNS.exe (Intel Corporation) SRV - (atchksrv) Intel(R) -- C:\Programme\Intel\AMT\atchksrv.exe (Intel Corporation) SRV - (LMS) Intel(R) -- C:\Programme\Intel\AMT\LMS.exe (Intel Corporation) SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION) SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe () SRV - (SecureStorageService) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.) ========== Driver Services (SafeList) ========== DRV - (BDVEDISK) -- C:\Programme\BitDefender\BitDefender 2010\bdvedisk.sys (BitDefender) DRV - (bdfwfpf) -- C:\Programme\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys (BitDefender LLC) DRV - (BdfNdisf) -- C:\Windows\System32\drivers\BdfNdisf6.sys (BitDefender LLC) DRV - (bdfsfltr) -- C:\Windows\system32\DRIVERS\bdfsfltr.sys (BitDefender) DRV - (io.sys) -- C:\Windows\System32\drivers\io.sys () DRV - (avmaura) -- C:\Windows\System32\drivers\avmaura.sys (AVM Berlin) DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (ITETech ) DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (BDFM) -- C:\Windows\System32\drivers\bdfm.sys (BitDefender S.R.L. Bucharest, ROMANIA) DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (ntiopnp) -- C:\Windows\System32\drivers\ntiopnp.sys () DRV - (ntiomin) -- C:\Windows\System32\drivers\ntiomin.sys () DRV - (zebrbus) -- C:\Windows\System32\drivers\zebrbus.sys (MCCI) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (teamviewervpn) -- C:\Windows\System32\drivers\teamviewervpn.sys (TeamViewer GmbH) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation) DRV - (Profos) -- C:\Programme\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys (BitDefender S.R.L.) DRV - (tdrpman124) Acronis Try&Decide and Restore Points filter (build 124) -- C:\Windows\system32\DRIVERS\tdrpm124.sys (Acronis) DRV - (snapman378) Acronis Snapshots Manager (Build 378) -- C:\Windows\system32\DRIVERS\snman378.sys (Acronis) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (MQAC) -- C:\Windows\System32\drivers\mqac.sys (Microsoft Corporation) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (PsxDrv) -- C:\Windows\System32\drivers\psxdrv.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (AF9035BDA) -- C:\Windows\System32\drivers\AF9035BDA.sys (AfaTech ) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (Trufos) -- C:\Programme\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (BitDefender S.R.L.) DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio32.sys (Conexant Systems, Inc.) DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (TcUsb) -- C:\Windows\System32\drivers\tcusb.sys (UPEK Inc.) DRV - (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.) DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Winbond Electronics Corp.) DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications) DRV - (KeyAgent) -- C:\Windows\System32\drivers\KeyAgent.sys (Intel Corporation) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys (Intel Corporation) DRV - (ISODrive) -- C:\Programme\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.) DRV - (HECI) Intel(R) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation) DRV - (stmtpm) -- C:\Windows\system32\DRIVERS\stm_tpm.sys (STMicroelectronics, INC) DRV - (wbms_vista_x86) -- C:\Windows\System32\drivers\wbms_vista_x86.sys (Winbond Electronics Corp.) DRV - (DCamUSBGene) -- C:\Windows\System32\drivers\USBGENE.sys (Genesys Logic, Inc.) DRV - (tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation) DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION) DRV - (wbsdmmc) -- C:\Windows\System32\drivers\wbsdmmc_vista_x86.sys (Winbond Electronics Corp.) DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.) DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\HSFHWAZL.sys (Conexant Systems, Inc.) DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation) DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.) DRV - (giveio) -- C:\Windows\System32\drivers\giveio.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F7 E9 F4 2F 3F E8 CA 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=" FF - prefs.js..browser.search.openintab: true FF - prefs.js..browser.search.order.1: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "megaup" FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "megaup" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extension.gacela.network.proxy.autoconfig_url: "hxxp://nurago29.pop-hannover.net/gacela2/gacela2_pilot0903/autoproxyconfig.php?id=10901&type=FF&version=2.1.16" FF - prefs.js..extension.gacela.network.proxy.type: 0 FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5 FF - prefs.js..extensions.enabledItems: gmailthis@lazyrussian.com:2.2.9 FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:0.3.2 FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.2 FF - prefs.js..extensions.enabledItems: {06C43693-2C7F-4beb-BB52-EF92C6CA0C44}:0.6.3 FF - prefs.js..extensions.enabledItems: {32D83016-0657-4cd3-B7D2-0B4D12CEC60E}:1.3.7 FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1 FF - prefs.js..extensions.enabledItems: {7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}:5.2.4.8 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3 FF - prefs.js..extensions.enabledItems: {8620c15f-30dc-4dba-a131-7c5d20cf4a29}:2.0.3 FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.3 FF - prefs.js..extensions.enabledItems: {aff87fa2-a58e-4edd-b852-0a20203c1e17}:0.7 FF - prefs.js..extensions.enabledItems: {ba243cb0-b824-4a26-9418-73ee795d9b9d}:1.0.3 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.3pre.100412a FF - prefs.js..extensions.enabledItems: {f65bf62a-5ffc-4317-9612-38907a779583}:1.3.0 FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0 FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.4.14.1 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10 FF - prefs.js..extensions.enabledItems: {04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0}:4.0.2 FF - prefs.js..extensions.enabledItems: {1AF3FC34-0725-4485-A939-6B40EB7CA96A}:1.8.1 FF - prefs.js..extensions.enabledItems: {2A10B180-05EF-11D9-8C50-444553540001}:2.6.6 FF - prefs.js..extensions.enabledItems: {3143B27B-F7DE-49d8-BF08-C2E4DEA71DBB}:1.0.2 FF - prefs.js..extensions.enabledItems: {36C13C8F-54F1-412e-8177-2E411719162D}:4.1.1 FF - prefs.js..extensions.enabledItems: {8803789a-23eb-44b4-bd48-6762fd320242}:1.0.20060118 FF - prefs.js..extensions.enabledItems: {a02c0c70-605c-11da-8cd6-0800200c9a66}:4.22 FF - prefs.js..extensions.enabledItems: {a81bafeb-b6ed-4501-aa17-15a2b3857e56}:3.5 FF - prefs.js..extensions.enabledItems: {bde351f9-0fcb-2fcf-3b9b-626f1f37d6e5}:0.8.2 FF - prefs.js..extensions.enabledItems: {bef86380-a99d-11da-a746-0800200c9a66}:1.0.1 FF - prefs.js..extensions.enabledItems: {c9c58820-7bd4-11da-a72b-0800200c9a66}:3.20100306 FF - prefs.js..extensions.enabledItems: {d3d70bca-2d54-425e-b02c-b7e2f4b07688}:3.5 FF - prefs.js..extensions.enabledItems: {e8cba685-830c-1283-6314-a6ae605cc7be}:2.0.1 FF - prefs.js..extensions.enabledItems: {F23DF9FE-E13C-4203-A3BF-61E8F8DC296C}:1.5.0.4 FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..network.proxy.autoconfig_url: "hxxp://nurago29.pop-hannover.net/gacela2/gacela2_pilot0903/autoproxyconfig.php?id=10901&type=FF&version=2.1.16" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.3&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2010.04.02 21:58:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.04 11:54:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.04 11:54:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird 3.0 Beta 3\components [2010.05.16 20:02:37 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdtbext\ [2010.02.20 20:40:33 | 000,000,000 | ---D | M] [2010.04.26 21:36:18 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Extensions [2010.04.26 21:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.05.18 22:21:29 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions [2010.04.25 23:32:35 | 000,000,000 | ---D | M] (Azerty III) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{04CA07AB-7FC3-4110-A83F-EF1E6B75D5B0} [2010.04.25 23:32:35 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (Send Page By Email) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{06C43693-2C7F-4beb-BB52-EF92C6CA0C44} [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}(21) [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (Metal Lion - Vista) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{1AF3FC34-0725-4485-A939-6B40EB7CA96A} [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2010.04.25 23:32:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{2A10B180-05EF-11D9-8C50-444553540001} [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{3143B27B-F7DE-49d8-BF08-C2E4DEA71DBB} [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (Open Link Host) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{32D83016-0657-4cd3-B7D2-0B4D12CEC60E} [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (Qute) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{36C13C8F-54F1-412e-8177-2E411719162D} [2010.04.25 23:32:36 | 000,000,000 | ---D | M] (PDF Download) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250} [2010.04.25 23:32:37 | 000,000,000 | ---D | M] (eBay Sidebar for Firefox) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088} [2010.04.25 23:32:37 | 000,000,000 | ---D | M] (ImageShack® Toolbar) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24} [2010.04.25 23:32:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.04.25 23:32:39 | 000,000,000 | ---D | M] (Nightly Tester Tools) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29} [2010.04.25 23:32:39 | 000,000,000 | ---D | M] (Netscape - Winscape) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{8803789a-23eb-44b4-bd48-6762fd320242} [2010.04.25 23:32:39 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644} [2010.04.25 23:32:39 | 000,000,000 | ---D | M] (MR Tech Toolkit) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC} [2010.04.25 23:32:39 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e} [2010.04.25 23:32:40 | 000,000,000 | ---D | M] (PimpZilla) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{a02c0c70-605c-11da-8cd6-0800200c9a66} [2010.04.25 23:32:40 | 000,000,000 | ---D | M] (jDownFF) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66} [2010.04.25 23:32:40 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2010.04.25 23:32:40 | 000,000,000 | ---D | M] (iFox) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{a81bafeb-b6ed-4501-aa17-15a2b3857e56} [2010.04.25 23:32:40 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17} [2010.04.25 23:32:40 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492} [2010.04.25 23:32:40 | 000,000,000 | ---D | M] (WataCrackaz AutoSMS) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{b422f337-27e5-4d5c-bb07-c189e7e7d7f2} [2010.04.25 23:32:40 | 000,000,000 | ---D | M] (Bookmark Duplicate Detector) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{ba243cb0-b824-4a26-9418-73ee795d9b9d} [2010.04.25 23:32:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{bde351f9-0fcb-2fcf-3b9b-626f1f37d6e5} [2010.04.25 23:32:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{bef86380-a99d-11da-a746-0800200c9a66} [2010.04.25 23:32:41 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8} [2010.04.25 23:32:41 | 000,000,000 | ---D | M] (Plain Text to Link [de]) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{C90B0826-5A17-4970-A5BF-A43D22452E21} [2010.04.25 23:32:45 | 000,000,000 | ---D | M] (iPox) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66} [2010.04.25 23:32:45 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} [2010.04.25 23:32:45 | 000,000,000 | ---D | M] (iFox Smooth) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{d3d70bca-2d54-425e-b02c-b7e2f4b07688} [2010.04.25 23:32:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2010.04.25 23:32:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{e8cba685-830c-1283-6314-a6ae605cc7be} [2010.05.17 14:28:38 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2010.04.25 23:32:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{F23DF9FE-E13C-4203-A3BF-61E8F8DC296C} [2010.04.25 23:32:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{f65bf62a-5ffc-4317-9612-38907a779583} [2010.04.25 23:32:34 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\DTToolbar@toolbarnet.com [2010.04.25 23:32:35 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\fb_add_on@avm.de [2010.04.25 23:32:35 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\gmailthis@lazyrussian.com [2010.04.25 23:32:35 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\qprefbtn@max.max [2010.04.25 23:32:35 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\qtl.co.il@gmail.com [2010.04.25 23:32:35 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\savesession@noasobi.net [2010.04.25 23:32:35 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\speedtest@gotomyhelp.com [2010.04.25 23:32:35 | 000,000,000 | ---D | M] -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\tabscope@xuldev.org [2010.04.25 23:32:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions [2010.04.25 23:32:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\roadrunner1405\AppData\Roaming\mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{c9c58820-7bd4-11da-a72b-0800200c9a66}\chrome\mozapps\extensions\CVS [2009.10.24 16:45:56 | 000,002,399 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\daemon-search.xml [2010.05.13 20:12:43 | 000,000,950 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-1.xml [2010.01.01 17:58:50 | 000,000,961 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-2.xml [2010.01.10 20:38:48 | 000,000,961 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-3.xml [2010.02.28 19:44:00 | 000,000,961 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-4.xml [2010.03.12 20:07:44 | 000,000,950 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-5.xml [2010.03.24 09:25:26 | 000,000,950 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-6.xml [2010.03.25 20:37:24 | 000,000,950 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-7.xml [2010.04.25 22:55:18 | 000,000,950 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-8.xml [2010.05.15 17:24:43 | 000,000,950 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin-9.xml [2010.02.03 15:37:50 | 000,000,947 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\icqplugin.xml [2009.11.11 22:04:22 | 000,002,108 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\qtl.xml [2010.05.17 14:28:33 | 000,003,915 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla\FireFox\Profiles\jx3wb3ha.default\searchplugins\sweetim.xml [2010.05.15 17:34:29 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.04.27 13:03:14 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.05.19 16:00:12 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Programme\BitDefender\BitDefender 2010\ietoolbar.dll (BitDefender S.R.L.) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe (BitDefender S.R.L.) O4 - HKLM..\Run: [MsmqIntCert] C:\Windows\System32\mqrt.dll (Microsoft Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - Startup: C:\Users\roadrunner1405\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk = C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) O4 - Startup: C:\Users\roadrunner1405\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird 3.0 Beta 3.lnk = C:\Programme\Mozilla Thunderbird 3.0 Beta 3\thunderbird.exe (Mozilla Messaging) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\biolsp.dll (Wave Systems Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\biolsp.dll (Wave Systems Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\biolsp.dll (Wave Systems Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\biolsp.dll (Wave Systems Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\biolsp.dll (Wave Systems Corp.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\biolsp.dll (Wave Systems Corp.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation) O24 - Desktop WallPaper: C:\Users\roadrunner1405\Pictures\Ines.jpg O24 - Desktop BackupWallPaper: C:\Users\roadrunner1405\Pictures\Ines.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.) O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.19 16:51:34 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Users\roadrunner1405\Desktop\OTL.exe [2010.05.19 16:00:14 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2010.05.19 15:57:19 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\AppData\Local\temp [2010.05.19 15:31:28 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2010.05.19 15:31:28 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2010.05.19 15:31:28 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2010.05.19 15:31:12 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2010.05.19 15:30:17 | 000,000,000 | ---D | C] -- C:\Qoobox [2010.05.19 15:29:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2010.05.19 15:22:37 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.05.19 14:57:13 | 003,382,520 | ---- | C] (Piriform Ltd) -- C:\Users\roadrunner1405\Desktop\ccsetup231.exe [2010.05.19 14:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure [2010.05.18 19:15:49 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\NDS Kernel Utility [2010.05.18 17:58:59 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\NDS [2010.05.18 17:27:53 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\NAVIGONSD [2010.05.17 23:05:22 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Avatar [2010.05.17 17:23:27 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Alarmanlage [2010.05.17 14:28:23 | 000,000,000 | ---D | C] -- C:\Programme\SweetIM [2010.05.17 14:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM [2010.05.16 19:58:30 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Robin Hood [2010.05.16 13:48:48 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Navteq Deutschland 2009 -2010 [2010.05.16 03:13:25 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Iron.Man.2.TELESYNC.German.XviD-2Brothers [2010.05.15 23:57:01 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Kampf.der.Titanen.2010.TS.LD.German.PROPER2.XViD.Chefflo [2010.05.15 17:03:06 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.1 [2010.05.12 12:10:54 | 003,648,320 | ---- | C] (AVM Gmbh) -- C:\Users\roadrunner1405\Desktop\AVM_TAPI_Services_for_FRITZ!Box.exe [2010.05.10 20:42:23 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2010.05.10 20:42:23 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2010.05.08 14:25:37 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Documents\Turbo Lister Backup [2010.05.07 21:15:40 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Documents\KMPlayer [2010.05.07 21:15:29 | 000,000,000 | ---D | C] -- C:\Programme\The KMPlayer [2010.05.07 21:02:24 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\AppData\Local\ratDVD [2010.05.07 21:02:03 | 000,000,000 | ---D | C] -- C:\Programme\ratDVD [2010.05.07 15:32:46 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\AppData\Local\Diagnostics [2010.05.05 13:07:51 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Documents\Turbo Lister [2010.05.05 12:56:56 | 000,000,000 | ---D | C] -- C:\Programme\eBay [2010.05.05 12:56:56 | 000,000,000 | ---D | C] -- C:\ProgramData\eBay [2010.05.04 12:12:46 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\AppData\Local\FixItCenter [2010.05.04 11:58:15 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur [2010.05.04 11:54:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage [2010.05.04 11:50:49 | 000,000,000 | ---D | C] -- C:\Windows\MATS [2010.05.04 11:50:48 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Fix it Center [2010.05.04 00:44:30 | 000,000,000 | ---D | C] -- C:\Programme\Registry Easy [2010.05.03 19:18:38 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro [2010.04.28 08:28:01 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Documents\a-squared Free [2010.04.28 08:28:01 | 000,000,000 | ---D | C] -- C:\Programme\a-squared Free [2010.04.27 15:59:33 | 000,000,000 | R--D | C] -- C:\Users\Public\Documents\C64 Files [2010.04.27 15:59:33 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Cloanto [2010.04.27 15:59:33 | 000,000,000 | ---D | C] -- C:\Programme\Cloanto [2010.04.27 15:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Cloanto [2010.04.27 14:10:41 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\C64 [2010.04.27 12:25:32 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2010.04.27 12:10:19 | 000,030,536 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2010.04.27 12:09:34 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2010 [2010.04.27 12:07:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} [2010.04.27 11:45:41 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker [2010.04.26 22:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010.04.26 22:35:02 | 000,000,000 | ---D | C] -- C:\Programme\GridinSoft Trojan Killer [2010.04.26 22:13:13 | 000,000,000 | ---D | C] -- C:\Programme\QSoft [2010.04.26 22:12:13 | 000,000,000 | ---D | C] -- C:\Programme\NoVirusThanks [2010.04.26 22:07:00 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Documents\Simply Super Software [2010.04.26 22:06:45 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ztvcabinet.dll [2010.04.26 22:06:42 | 000,000,000 | ---D | C] -- C:\Programme\Trojan Remover [2010.04.26 22:06:42 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\AppData\Roaming\Simply Super Software [2010.04.26 22:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software [2010.04.26 17:56:28 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Stargate Universe S01e13 german sub HDTV XVID - FQ [2010.04.26 17:52:53 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Stargate Universe - 1x14 - Human [2010.04.26 11:00:24 | 000,209,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabctl32.ocx [2010.04.26 11:00:24 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Msinet.ocx [2010.04.26 11:00:24 | 000,000,000 | ---D | C] -- C:\ZL_DB_CCcam_SoftCam_Control [2010.04.25 23:15:47 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\AppData\Roaming\Mozilla [2010.04.25 23:15:47 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\AppData\Local\Mozilla [2010.04.25 23:15:39 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox [2010.04.25 18:54:07 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Navi [2010.04.25 12:22:26 | 000,000,000 | ---D | C] -- C:\Programme\WindowsServices [2010.04.25 12:22:22 | 000,364,032 | ---- | C] (CoreCodec) -- C:\Windows\System32\CoreAVCDecoder.ax [2010.04.25 12:22:20 | 000,000,000 | ---D | C] -- C:\Programme\TimHillOne [2010.04.25 10:34:12 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\Lena Meyer Landrut Unser Star für Oslo - Satellite [2010.04.24 15:18:19 | 000,000,000 | ---D | C] -- C:\Users\roadrunner1405\Desktop\FULL - Assassins Creed II DVD5 - GENTi [2010.04.24 13:05:58 | 000,000,000 | ---D | C] -- C:\Programme\PGWARE [2010.04.23 16:59:54 | 001,044,480 | R--- | C] (eHelp Corporation.) -- C:\Windows\System32\roboex32.dll [2010.04.23 16:59:54 | 000,049,152 | R--- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\inetwh32.dll ========== Files - Modified Within 30 Days ========== [2010.05.19 16:56:39 | 002,883,584 | -HS- | M] () -- C:\Users\roadrunner1405\NTUSER.DAT [2010.05.19 16:51:34 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Users\roadrunner1405\Desktop\OTL.exe [2010.05.19 16:24:28 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.05.19 16:24:28 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.05.19 16:00:18 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini [2010.05.19 16:00:12 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2010.05.19 15:59:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.05.19 15:58:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.05.19 15:58:49 | 1577,275,392 | -HS- | M] () -- C:\hiberfil.sys [2010.05.19 15:44:52 | 000,000,052 | ---- | M] () -- C:\Windows\System32\ashttpstats.csv [2010.05.19 15:26:40 | 000,021,368 | ---- | M] () -- C:\Users\roadrunner1405\Desktop\cc_20100519_152631.reg [2010.05.19 14:57:23 | 003,382,520 | ---- | M] (Piriform Ltd) -- C:\Users\roadrunner1405\Desktop\ccsetup231.exe [2010.05.19 14:55:32 | 003,691,277 | R--- | M] () -- C:\Users\roadrunner1405\Desktop\ComboFix.exe [2010.05.18 00:07:03 | 000,003,584 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.17 18:06:35 | 000,016,946 | ---- | M] () -- C:\Users\roadrunner1405\Desktop\996389782_2.jpg [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_unmip.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\phar_histprot.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_webproxy.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_video.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_tabloids.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_socialnetworks.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_searchengines.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_regionaltlds.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_pornography.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlineshop.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinepay.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_onlinedating.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_news.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_im.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_illegal.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_hate.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_games.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_gambling.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | M] () -- C:\Windows\System32\pc_drugs.dat [2010.05.12 12:11:01 | 003,648,320 | ---- | M] (AVM Gmbh) -- C:\Users\roadrunner1405\Desktop\AVM_TAPI_Services_for_FRITZ!Box.exe [2010.05.12 11:38:29 | 000,001,606 | ---- | M] () -- C:\Users\roadrunner1405\Desktop\Überweisungen.rtf [2010.05.10 20:33:58 | 000,171,136 | RHS- | M] () -- C:\loadmgr [2010.05.10 20:21:27 | 002,779,605 | -H-- | M] () -- C:\Users\roadrunner1405\AppData\Local\IconCache.db [2010.05.10 14:56:07 | 000,072,784 | ---- | M] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys [2010.05.10 14:05:30 | 000,000,112 | ---- | M] () -- C:\ProgramData\ge8aaiu.dat [2010.05.07 21:28:18 | 000,000,194 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Roaming\default.rss [2010.05.07 21:11:01 | 000,002,853 | ---- | M] () -- C:\ProgramData\hQrLb0N2.PIF [2010.05.07 21:03:39 | 000,068,610 | ---- | M] () -- C:\ProgramData\hQrLb0N2.exe [2010.05.04 20:43:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\OV9655S.SET [2010.05.04 12:39:56 | 000,000,036 | ---- | M] () -- C:\Users\roadrunner1405\AppData\Local\housecall.guid.cache [2010.05.04 12:05:39 | 000,000,042 | ---- | M] () -- C:\Windows\System32\RegistryEasy.lie [2010.04.27 19:59:24 | 000,001,844 | ---- | M] () -- C:\Users\roadrunner1405\Desktop\UseNeXT.lnk [2010.04.27 16:27:19 | 000,002,644 | ---- | M] () -- C:\Users\roadrunner1405\Documents\C64 Files.lnk [2010.04.27 15:59:43 | 000,002,179 | ---- | M] () -- C:\Users\Public\Documents\C64 Files.lnk [2010.04.27 13:25:05 | 000,079,676 | ---- | M] () -- C:\Users\Public\Documents\Fingerprint Backup.fpbak [2010.04.26 15:58:12 | 000,256,512 | ---- | M] () -- C:\Windows\PEV.exe [2010.04.26 09:25:22 | 009,179,345 | ---- | M] () -- C:\Users\roadrunner1405\Desktop\Elton John & Kiki Dee - Don't Go Breaking My Heart (Long Ultrasound Version).mp3 [2010.04.25 23:15:42 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.04.25 23:03:56 | 037,102,791 | ---- | M] () -- C:\Firefox 3.6.3 (de) - 2010-04-25.pcv [2010.04.25 10:38:15 | 009,627,278 | ---- | M] () -- C:\Users\roadrunner1405\Desktop\02.David Bisbal & K'naan - Waving Flag (Sud Africa 2010).mp3 [2010.04.24 00:01:15 | 002,950,726 | ---- | M] () -- C:\Users\roadrunner1405\Desktop\zinn.pdf [2010.04.23 16:59:54 | 001,044,480 | R--- | M] (eHelp Corporation.) -- C:\Windows\System32\roboex32.dll [2010.04.23 16:59:54 | 000,049,152 | R--- | M] (Blue Sky Software Corporation.) -- C:\Windows\System32\inetwh32.dll ========== Files Created - No Company Name ========== [2010.05.19 15:31:28 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010.05.19 15:31:28 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010.05.19 15:31:28 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010.05.19 15:31:28 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe [2010.05.19 15:31:28 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010.05.19 15:26:37 | 000,021,368 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\cc_20100519_152631.reg [2010.05.19 14:55:13 | 003,691,277 | R--- | C] () -- C:\Users\roadrunner1405\Desktop\ComboFix.exe [2010.05.17 18:06:32 | 000,016,946 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\996389782_2.jpg [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_unmip.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\phar_histprot.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_webproxy.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_video.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_tabloids.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_socialnetworks.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_searchengines.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_regionaltlds.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_pornography.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlineshop.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinepay.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_onlinedating.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_news.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_im.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_illegal.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_hate.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_games.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_gambling.dat [2010.05.13 10:22:10 | 000,000,000 | ---- | C] () -- C:\Windows\System32\pc_drugs.dat [2010.05.12 11:38:29 | 000,001,606 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\Überweisungen.rtf [2010.05.11 13:22:04 | 735,221,760 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\xcopy-cfever2.avi [2010.05.11 13:21:29 | 731,799,552 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\0ptimus-nimido-xvid.avi [2010.05.10 20:33:58 | 000,171,136 | RHS- | C] () -- C:\loadmgr [2010.05.07 21:11:01 | 000,002,853 | ---- | C] () -- C:\ProgramData\hQrLb0N2.PIF [2010.05.07 20:56:00 | 000,003,584 | ---- | C] () -- C:\Users\roadrunner1405\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.05 10:44:16 | 000,000,112 | ---- | C] () -- C:\ProgramData\ge8aaiu.dat [2010.05.05 10:44:12 | 000,068,610 | ---- | C] () -- C:\ProgramData\hQrLb0N2.exe [2010.05.04 20:43:59 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\OV9655S.SET [2010.05.04 12:39:56 | 000,000,036 | ---- | C] () -- C:\Users\roadrunner1405\AppData\Local\housecall.guid.cache [2010.05.04 12:05:39 | 000,000,042 | ---- | C] () -- C:\Windows\System32\RegistryEasy.lie [2010.04.27 19:59:24 | 000,001,844 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\UseNeXT.lnk [2010.04.27 16:00:06 | 000,002,644 | ---- | C] () -- C:\Users\roadrunner1405\Documents\C64 Files.lnk [2010.04.27 16:00:06 | 000,002,179 | ---- | C] () -- C:\Users\Public\Documents\C64 Files.lnk [2010.04.27 13:25:04 | 000,079,676 | ---- | C] () -- C:\Users\Public\Documents\Fingerprint Backup.fpbak [2010.04.26 22:06:45 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll [2010.04.26 22:06:45 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll [2010.04.26 22:06:45 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll [2010.04.26 22:06:45 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll [2010.04.26 09:31:00 | 009,179,345 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\Elton John & Kiki Dee - Don't Go Breaking My Heart (Long Ultrasound Version).mp3 [2010.04.25 23:15:42 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.04.25 23:03:32 | 037,102,791 | ---- | C] () -- C:\Firefox 3.6.3 (de) - 2010-04-25.pcv [2010.04.25 12:22:22 | 000,167,936 | ---- | C] () -- C:\Windows\System32\CoreAACDecoder.ax [2010.04.25 10:39:39 | 009,627,278 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\02.David Bisbal & K'naan - Waving Flag (Sud Africa 2010).mp3 [2010.04.24 00:00:56 | 002,950,726 | ---- | C] () -- C:\Users\roadrunner1405\Desktop\zinn.pdf [2010.03.29 22:58:31 | 000,005,152 | ---- | C] () -- C:\Windows\System32\drivers\io.sys [2010.03.29 22:58:16 | 000,046,592 | ---- | C] () -- C:\Windows\System32\io.dll [2010.03.29 22:58:16 | 000,046,592 | ---- | C] () -- C:\Windows\io.dll [2010.03.22 20:21:33 | 000,005,248 | ---- | C] () -- C:\Windows\System32\drivers\giveio.sys [2010.03.16 22:00:00 | 000,110,080 | ---- | C] () -- C:\Windows\System32\nLame.dll [2010.03.16 22:00:00 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll [2010.01.07 16:59:34 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2010.01.03 20:28:18 | 000,012,800 | ---- | C] () -- C:\Windows\System32\drivers\ntiopnp.sys [2010.01.03 20:28:18 | 000,011,392 | ---- | C] () -- C:\Windows\System32\drivers\ntiomin.sys [2009.12.24 01:57:48 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2009.11.25 22:03:24 | 000,000,121 | ---- | C] () -- C:\Windows\bdagent.INI [2009.11.15 21:59:42 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll [2009.10.25 19:53:40 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2009.10.18 11:27:51 | 000,000,141 | ---- | C] () -- C:\Windows\Altair.INI [2009.09.11 12:40:56 | 000,000,097 | ---- | C] () -- C:\Windows\WirelessFTP.INI [2009.09.09 12:47:20 | 000,000,184 | ---- | C] () -- C:\Windows\KTEL.INI [2009.09.05 15:06:38 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2009.09.05 15:06:38 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2009.08.25 15:58:27 | 001,736,704 | ---- | C] () -- C:\Windows\System32\Tsp1.dll [2009.08.25 15:56:55 | 000,106,496 | ---- | C] () -- C:\Windows\System32\bioapi100.dll [2009.08.25 15:56:54 | 000,143,360 | ---- | C] () -- C:\Windows\System32\bioapi_mds300.dll [2009.08.25 15:24:35 | 000,000,227 | ---- | C] () -- C:\Windows\hbcikrnl.ini [2009.08.25 14:04:37 | 000,000,069 | ---- | C] () -- C:\Windows\wininit.ini [2009.08.23 23:43:26 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.08.23 00:06:50 | 000,000,000 | ---- | C] () -- C:\Windows\tosOBEX.INI [2009.08.22 18:35:04 | 000,515,328 | ---- | C] () -- C:\Windows\System32\drivers\USBGENE1.sys [2009.08.22 18:35:04 | 000,232,704 | ---- | C] () -- C:\Windows\System32\drivers\USBGENE0.sys [2009.08.22 17:25:05 | 000,266,240 | ---- | C] () -- C:\Windows\System32\EMSC.dll [2009.08.16 11:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2009.01.15 13:45:34 | 000,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll [2008.09.12 16:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest [2007.08.16 15:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll [2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2007.01.31 14:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll [2007.01.31 13:09:46 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_pt.dll [2007.01.31 13:09:26 | 000,077,824 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHT.dll [2007.01.31 13:09:06 | 000,077,824 | ---- | C] () -- C:\Windows\System32\Internationalization_ko.dll [2007.01.31 13:08:46 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_es.dll [2007.01.31 13:08:26 | 000,090,112 | ---- | C] () -- C:\Windows\System32\Internationalization_ru.dll [2007.01.31 13:08:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\Internationalization_ja.dll [2007.01.31 13:07:46 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_it.dll [2007.01.31 13:07:26 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_de.dll [2007.01.31 13:07:04 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Internationalization_fr.dll [2007.01.31 13:06:46 | 000,073,728 | ---- | C] () -- C:\Windows\System32\Internationalization_zh-CHS.dll [2007.01.30 17:43:20 | 000,237,568 | ---- | C] () -- C:\Windows\System32\AmRes_en.dll [2007.01.30 17:37:10 | 000,253,952 | ---- | C] () -- C:\Windows\System32\AmRes_de.dll [2007.01.30 17:37:08 | 000,253,952 | ---- | C] () -- C:\Windows\System32\AmRes_es.dll [2007.01.30 17:37:08 | 000,217,088 | ---- | C] () -- C:\Windows\System32\AmRes_zh-CHS.dll [2007.01.30 17:37:06 | 000,253,952 | ---- | C] () -- C:\Windows\System32\AmRes_it.dll [2007.01.30 17:37:06 | 000,253,952 | ---- | C] () -- C:\Windows\System32\AmRes_fr.dll [2007.01.30 17:37:04 | 000,266,240 | ---- | C] () -- C:\Windows\System32\AmRes_ru.dll [2007.01.30 17:37:04 | 000,233,472 | ---- | C] () -- C:\Windows\System32\AmRes_ja.dll [2007.01.30 17:37:02 | 000,241,664 | ---- | C] () -- C:\Windows\System32\AmRes_ko.dll [2007.01.30 17:37:02 | 000,212,992 | ---- | C] () -- C:\Windows\System32\AmRes_zh-CHT.dll [2007.01.30 17:37:00 | 000,237,568 | ---- | C] () -- C:\Windows\System32\AmRes_pt-BR.dll [2007.01.02 09:14:20 | 000,835,584 | ---- | C] () -- C:\Windows\System32\DemoLicense.dll [2006.12.05 13:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2005.12.21 16:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\System32\nsldappr32v50.dll [2005.12.21 16:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\System32\nsldapssl32v50.dll [2005.07.22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll [2004.09.10 12:34:00 | 000,917,504 | ---- | C] () -- C:\Windows\System32\lmgr10.dll [2004.09.10 12:34:00 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ADsSecurity.dll ========== Alternate Data Streams ========== @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:CB0AACC9 < End of report > |
|
19.05.2010, 16:03
| #5 |
| | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen hier die log Extras Code:
ATTFilter OTL Extras logfile created on: 19.05.2010 16:55:08 - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\roadrunner1405\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): c:\pagefile.sys 5000 5000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 9,88 Gb Free Space | 4,24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ROADRUNNER-NB
Current User Name: roadrunner1405
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0138F525-6C8A-333F-A105-14AE030B9A54}" = Visual C++ 9.0 CRT (x86) WinSXS MSM
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.1 Build #2096 Banner Remover 1.0
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID-Anmelde-Assistent
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series" = Canon MP540 series MP Drivers
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{121A64FD-6D62-40A1-BDE3-F9A590A2B96B}" = Intel(R) Mobile Utility (T)
"{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"{196B7B22-A476-4906-B4D5-C587103A2A5A}" = SweetIM for Messenger 3.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{2e6dc16e-eeda-4278-aafa-021e7f925a16}" = Nero 9 Trial
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{30BBEF79-9C46-4063-93C0-2FD4FF862C24}" = W83L5X8
"{31E8F586-4EF7-4500-844D-BA8756474FF1}" = Windows Automated Installation Kit
"{329304C3-75E2-4648-BCF3-86CDAF08567F}" = Xirrus Wi-Fi Inspector
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis True Image Home
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3FB39BED-37C8-4E60-8E02-315B8C2B07E3}" = Genesys PC Camera Device
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{449A16C4-83B3-426C-AA4A-00A34E80C093}" = Smart Battery
"{4664D722-33D1-4B4A-A317-1E64178B7A97}" = BitDefender Internet Security 2010
"{52210D57-0B1F-4681-90DD-8659DF4BCC40}" = Moorhuhn Remake
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5FAFB6EB-B749-4D96-88CD-CBF7AD39A78C}" = C64 Forever
"{616A9B24-448B-4DF3-926A-C4141FCD692C}_is1" = Hijack Hunter 1.7
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{63988D27-DA4D-4C1E-99C6-50F1CF5D4A2A}" = Fingerprint Sensor Minimum Install
"{63B9224A-89C9-44E6-8252-5F2F73A71C54}" = StarMoney
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6415406D-3026-4A32-91B9-422B87EEC446}_is1" = Versione 2.3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F7C27E1-63B5-4149-93B2-CDAEE27974A8}" = Wave Infrastructure Installer
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{725F7446-EAC3-4279-97EF-5A5F6A9F6BF8}" = STMicroelectronics TPM Software Package
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74292F90-895A-4FC6-A692-9641532B1B63}" = ArcSoft TotalMedia 3.5
"{74B58083-B5B9-46a5-847C-248F97FF2A56}" = Topfield Tools
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77C1B8D7-1283-48A4-BD79-79FA37064A13}" = Lenovo Fingerprint Software
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7A27764B-5434-4DAA-BD43-3ACF4FFCD7FE}" = SweetIM Toolbar for Internet Explorer 3.8
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.0
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{879C52A2-FF9A-4CB5-BB74-B0DA994ABB2A}" = StarMoney
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_PROR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_PROR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_PROR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_PROR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{94DF3F23-B26F-42EF-8BC5-55EFE3F02D8F}" = Winbond TPM Device Driver
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A618BB0D-8B88-45FF-83CD-783B4AE59AA0}" = NTRU TCG Software Stack
"{A7EDFF3B-C518-4A66-A0DE-8D625481BE56}" = StarMoney 7.0
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Embassy Security Center
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}" = Intel(R) PROSet/Wireless WiFi-Software
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DDD0A758-F44C-47D3-8E88-692FFF775127}" = Intel(R) PRO Network Connections 12.3.31.0
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E6095BEA-8C97-4342-B771-13BB72AC1D88}" = biolsp patch
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{FBEC50B7-537C-4A0E-8B0B-F7A8F8BF13CE}" = upekmsi
"{FEF06E73-A519-4510-8CF3-B66041B91D8A}" = EMSC
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alive DVD Ripper_is1" = Alive DVD Ripper (version 3.2.6.2)
"a-squared Free_is1" = a-squared Free 4.5
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"CPUCooL" = CPUCooL (remove only)
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Easy WiFi Radar" = Easy WiFi Radar 1.0.5
"ENTERPRISE" = Microsoft Office Enterprise 2007
"H264WebCam 3.68_is1" = H264WebCam ver3.68
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HECI" = Intel(R) Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{131A2659-99A9-4A89-B012-22A898EAE9DA}" = EMBASSY Security Center Lite
"InstallShield_{329304C3-75E2-4648-BCF3-86CDAF08567F}" = Xirrus Wi-Fi Inspector
"InstallShield_{449A16C4-83B3-426C-AA4A-00A34E80C093}" = Smart Battery
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"JDownloader" = JDownloader
"MESOL" = Intel(R) Active Management Technology Device Software
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.0.5)" = Mozilla Thunderbird (3.0.5)
"phonostar3RadioPlayer_is1" = phonostar-Player Version 3.01.1
"ProInst" = Intel PROSet Wireless
"PROR" = Microsoft Office Professional 2007-Testversion
"PROSetDX" = Intel(R) PRO Network Connections 12.3.31.0
"ratDVD" = ratDVD 0.78.1444
"Registry Easy_is1" = Registry Easy v5.6
"TeamViewer 5" = TeamViewer 5
"The KMPlayer" = The KMPlayer (remove only)
"TopfHDRW" = TopfHDRead/Write V0.20
"Trojan Remover_is1" = Trojan Remover 6.8.1
"TuneUp Utilities" = TuneUp Utilities
"TVWiz" = Intel(R) TV Wizard
"UltraISO_is1" = UltraISO Premium V8.65
"Unlocker" = Unlocker 1.8.9
"Update Service" = Update Service
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.0.0
"vLite_is1" = vLite
"Willem Eprom PCB50 Version 0.98D10_is1" = EPROM PCB50a(0.98D10)
"WinAce Archiver" = WinAce Archiver
"WinRAR archiver" = WinRAR
"X3TerranConflict_is1" = X3 Terran Conflict v1.0.1
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{F4BAE02E-749C-4A69-9794-FD7019FD8820}" = klickTel OEM Frühjahr 2009
"f018cf21c0452c64" = AVM FRITZ!Box USB-Fernanschluss
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
|
|
19.05.2010, 18:32
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Malwarebytes vergessen?
__________________ --> Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen |
|
19.05.2010, 18:56
| #7 | ||
| | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigenZitat:
Zitat:
|
|
19.05.2010, 18:59
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Ich wollte aber einen Vollscan sehen...
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
19.05.2010, 19:05
| #9 |
| | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Oh mann, ich werd alt. Kommt gleich. |
|
19.05.2010, 21:24
| #10 | |
| | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen So hier das log Zitat:
|
|
20.05.2010, 08:36
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.autoconfig_url: "http://nurago29.pop-hannover.net/gacela2/gacela2_pilot0903/autoproxyconfig.php?id=10901&type=FF&version=2.1.16"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.3&q="
[2010.05.10 14:05:30 | 000,000,112 | ---- | M] () -- C:\ProgramData\ge8aaiu.dat
[2010.05.07 21:11:01 | 000,002,853 | ---- | M] () -- C:\ProgramData\hQrLb0N2.PIF
[2010.05.07 21:03:39 | 000,068,610 | ---- | M] () -- C:\ProgramData\hQrLb0N2.exe
[2010.05.04 20:43:59 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\OV9655S.SET
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.05.2010, 09:29
| #12 | |
| | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Habs grad laufen lassen. Die eine Datei ließ sich nicht löschen. Hab es eben nochmal von Hand versucht. Ging nicht. Der sagt ich hätte nicht genügend Rechte. Er will Administrator-Rechte. Mein Benutzerkonto ist Administrator und die Kontensteuerung ist abgeschaltet. Zitat:
|
|
20.05.2010, 09:34
| #13 |
| | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Hab die Datei hQrLb0N2.exe mal mit Unlocker gelöscht. Starte nochmal neu obs dann weg ist. Die war schonmal da und wurde automatisch gestartet. Es wurde zwar nicht als Virus erkannt damals, aber sie tauchte immer wieder auf nach dem löschen. Momentan läd er sie zumindest nicht mehr im Autostart. |
|
20.05.2010, 10:22
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen Na, dann mach mal nen Durchgang mit CF bitte (neue cofi.exe runterladen!!): ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.05.2010, 12:44
| #15 |
| | Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen hier das log: Code:
ATTFilter ComboFix 10-05-17.05 - roadrunner1405 20.05.2010 11:50:07.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.2006.713 [GMT 2:00]
ausgeführt von:: c:\users\roadrunner1405\Desktop\cofi.exe
.
Die folgenden Dateien wurden während des Laufs deaktiviert:
c:\program files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\leaktests.m32
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\htmlres115_de.dll
c:\windows\system32\htmlres115_en.dll
c:\windows\system32\htmlres115_es.dll
c:\windows\system32\htmlres115_fr.dll
c:\windows\system32\htmlres115_it.dll
c:\windows\system32\htmlres115_jp.dll
c:\windows\system32\htmlres115_nl.dll
c:\windows\system32\htmlres115_pl.dll
c:\windows\system32\htmlres115_pt.dll
c:\windows\system32\htmlres115_ru.dll
c:\windows\system32\htmlres115_sv.dll
c:\windows\system32\libOCAHelper-3-1.dll
c:\windows\system32\libOCAHelperw-3-1.dll
c:\windows\system32\libOCASecurityw-2-0.dll
c:\windows\system32\nsclient115.dll
c:\windows\system32\nsclient115w.dll
c:\windows\system32\stringres115_de.dll
c:\windows\system32\stringres115_en.dll
c:\windows\system32\stringres115_es.dll
c:\windows\system32\stringres115_fr.dll
c:\windows\system32\stringres115_it.dll
c:\windows\system32\stringres115_jp.dll
c:\windows\system32\stringres115_nl.dll
c:\windows\system32\stringres115_pl.dll
c:\windows\system32\stringres115_pt.dll
c:\windows\system32\stringres115_ru.dll
c:\windows\system32\stringres115_sv.dll
c:\program files\BitDefender\BitDefender 2010\Active Virus Control\midas32-v2_60\leaktests.m32 . . . . Nicht in der Lage zu löschen
.
((((((((((((((((((((((( Dateien erstellt von 2010-04-20 bis 2010-05-20 ))))))))))))))))))))))))))))))
.
2010-05-20 10:00 . 2010-05-20 11:18 -------- d-----w- c:\users\roadrunner1405\AppData\Local\temp
2010-05-20 10:00 . 2010-05-20 10:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-05-20 10:00 . 2010-05-20 10:00 -------- d-----w- c:\users\Gast\AppData\Local\temp
2010-05-20 10:00 . 2010-05-20 10:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-20 10:00 . 2010-05-20 10:00 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2010-05-20 08:20 . 2010-05-20 08:20 -------- d-----w- C:\_OTL
2010-05-19 17:38 . 2010-05-19 17:38 -------- d-----w- c:\users\roadrunner1405\AppData\Roaming\Malwarebytes
2010-05-19 17:38 . 2010-04-29 10:19 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-19 17:38 . 2010-05-19 17:38 -------- d-----w- c:\programdata\Malwarebytes
2010-05-19 17:38 . 2010-04-29 10:19 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-19 17:37 . 2010-05-19 17:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-19 14:17 . 2010-03-04 07:33 740864 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-19 13:22 . 2010-05-19 13:22 -------- d-----w- c:\program files\CCleaner
2010-05-19 12:24 . 2010-05-19 12:24 -------- d-----w- c:\programdata\F-Secure
2010-05-17 12:28 . 2010-05-17 12:28 -------- d-----w- c:\program files\SweetIM
2010-05-17 12:28 . 2010-05-17 12:28 -------- d-----w- c:\programdata\SweetIM
2010-05-15 15:03 . 2010-05-15 15:33 -------- d-----w- c:\program files\ICQ7.1
2010-05-10 19:17 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-05-10 19:17 . 2009-10-10 02:31 84992 ----a-w- c:\windows\system32\drivers\sdbus.sys
2010-05-10 18:42 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-05-10 18:42 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-05-10 18:42 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-05-07 19:15 . 2010-05-07 19:15 -------- d-----w- c:\program files\The KMPlayer
2010-05-07 19:02 . 2010-05-07 19:02 -------- d-----w- c:\users\roadrunner1405\AppData\Local\ratDVD
2010-05-07 19:02 . 2010-05-07 19:02 -------- d-----w- c:\program files\ratDVD
2010-05-07 13:32 . 2010-05-07 13:32 -------- d-----w- c:\users\roadrunner1405\AppData\Local\Diagnostics
2010-05-05 10:56 . 2010-05-05 10:56 -------- d-----w- c:\programdata\eBay
2010-05-05 10:56 . 2010-05-05 10:56 -------- d-----w- c:\program files\eBay
2010-05-04 10:12 . 2010-05-04 10:12 -------- d-----w- c:\users\roadrunner1405\AppData\Local\FixItCenter
2010-05-04 09:58 . 2010-05-04 09:58 -------- d-----w- c:\windows\CheckSur
2010-05-04 09:50 . 2010-05-04 09:50 -------- d-----w- c:\windows\MATS
2010-05-04 09:50 . 2010-05-04 09:50 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-05-03 22:44 . 2010-05-04 10:06 -------- d-----w- c:\program files\Registry Easy
2010-05-03 17:18 . 2010-05-03 17:18 -------- d-----w- c:\program files\Trend Micro
2010-04-28 06:28 . 2010-04-28 08:34 -------- d-----w- c:\program files\a-squared Free
2010-04-27 13:59 . 2010-04-27 13:59 -------- d-----w- c:\programdata\Cloanto
2010-04-27 13:59 . 2010-04-27 13:59 -------- d-----w- c:\program files\Common Files\Cloanto
2010-04-27 13:59 . 2010-04-27 13:59 -------- d-----w- c:\program files\Cloanto
2010-04-27 10:25 . 2010-04-01 13:11 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-04-27 10:10 . 2010-04-01 13:17 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-04-27 10:09 . 2010-04-27 10:25 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-04-27 10:07 . 2010-04-27 10:07 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-27 09:45 . 2010-05-10 16:00 -------- d-----w- c:\program files\Unlocker
2010-04-26 20:35 . 2010-04-30 08:19 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2010-04-26 20:13 . 2010-04-26 20:13 -------- d-----w- c:\program files\QSoft
2010-04-26 20:12 . 2010-04-26 20:12 -------- d-----w- c:\program files\NoVirusThanks
2010-04-26 20:06 . 2006-06-19 10:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2010-04-26 20:06 . 2006-05-25 12:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2010-04-26 20:06 . 2005-08-25 22:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2010-04-26 20:06 . 2003-02-02 17:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2010-04-26 20:06 . 2002-03-05 22:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2010-04-26 20:06 . 2010-04-26 21:12 -------- d-----w- c:\program files\Trojan Remover
2010-04-26 20:06 . 2010-04-26 20:06 -------- d-----w- c:\users\roadrunner1405\AppData\Roaming\Simply Super Software
2010-04-26 20:06 . 2010-04-26 20:06 -------- d-----w- c:\programdata\Simply Super Software
2010-04-26 09:00 . 2010-04-26 09:01 -------- d-----w- C:\ZL_DB_CCcam_SoftCam_Control
2010-04-25 21:15 . 2010-04-25 21:15 -------- d-----w- c:\users\roadrunner1405\AppData\Local\Mozilla
2010-04-25 10:22 . 2010-04-25 12:30 -------- d-----w- c:\program files\WindowsServices
2010-04-25 10:22 . 2010-04-25 10:22 -------- d-----w- c:\program files\TimHillOne
2010-04-24 11:05 . 2010-04-24 11:05 -------- d-----w- c:\program files\PGWARE
2010-04-23 14:59 . 2010-04-23 14:59 49152 ----a-r- c:\windows\system32\inetwh32.dll
2010-04-23 14:59 . 2010-04-23 14:59 1044480 ----a-r- c:\windows\system32\roboex32.dll
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-20 11:19 . 2009-08-23 17:48 -------- d-----w- c:\users\roadrunner1405\AppData\Roaming\Skype
2010-05-20 10:07 . 2010-03-23 19:33 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2010-05-20 09:46 . 2009-10-07 08:26 -------- d-----w- c:\users\roadrunner1405\AppData\Roaming\ICQ
2010-05-20 08:25 . 2009-08-23 17:50 -------- d-----w- c:\users\roadrunner1405\AppData\Roaming\skypePM
2010-05-20 08:22 . 2010-05-20 08:22 0 ----a-w- c:\windows\system32\drivers\OV9655S.SET
2010-05-20 08:20 . 2009-10-07 08:26 -------- d-----w- c:\program files\ICQ6Toolbar
2010-05-19 14:21 . 2009-08-27 09:04 -------- d-----w- c:\programdata\Microsoft Help
2010-05-19 14:20 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-19 09:00 . 2010-01-07 12:02 2300696 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-05-19 09:00 . 2010-05-19 09:00 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-05-18 20:08 . 2010-03-15 12:49 -------- d-----w- c:\users\roadrunner1405\AppData\Roaming\UseNeXT
2010-05-16 18:02 . 2009-10-08 20:42 -------- d-----w- c:\program files\Mozilla Thunderbird 3.0 Beta 3
2010-05-15 21:44 . 2010-03-10 10:02 -------- d-----w- c:\program files\JDownloader
2010-05-15 16:24 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Sidebar
2010-05-15 15:23 . 2009-10-07 08:26 -------- d-----w- c:\programdata\ICQ
2010-05-10 18:09 . 2009-08-23 17:45 -------- d-----r- c:\program files\Skype
2010-05-10 16:00 . 2009-08-22 15:25 -------- d-----w- c:\program files\Smart Battery
2010-05-10 16:00 . 2009-08-22 15:41 -------- d-----w- c:\program files\Lenovo Fingerprint Software
2010-05-10 12:56 . 2009-10-19 15:04 72784 ----a-w- c:\windows\system32\drivers\BdfNdisf6.sys
2010-05-07 19:13 . 2009-09-11 19:05 -------- d-----w- c:\users\roadrunner1405\AppData\Roaming\vlc
2010-04-28 06:45 . 2009-10-18 08:40 -------- d-----w- c:\program files\FileZilla FTP Client
2010-04-27 17:59 . 2010-03-15 12:43 -------- d-----w- c:\program files\UseNeXT
2010-04-27 10:14 . 2009-08-22 21:46 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-04-27 10:08 . 2009-08-22 21:46 -------- d-----w- c:\programdata\TuneUp Software
2010-04-02 08:46 . 2009-08-22 15:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-02 08:45 . 2009-10-24 14:45 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-04-02 08:42 . 2010-04-02 08:42 -------- d-----w- c:\program files\Xirrus
2010-04-01 14:13 . 2010-04-01 14:13 -------- d-----w- c:\program files\Common Files\Skype
2010-04-01 13:43 . 2009-07-24 10:26 291352 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2010-04-01 13:11 . 2009-08-22 21:48 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-03-29 21:06 . 2010-03-29 21:06 -------- d-----w- c:\program files\EPROM50
2010-03-29 20:58 . 2010-03-29 20:58 5152 ----a-w- c:\windows\system32\drivers\io.sys
2010-03-25 18:39 . 2010-03-25 18:38 -------- d-----w- c:\program files\ICQ-Banner-Remover
2010-03-25 09:27 . 2010-04-25 21:32 1107264 ----a-w- c:\users\roadrunner1405\AppData\Roaming\Mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-03-24 18:17 . 2010-03-24 08:04 952768 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\30963\AdobeARM.exe
2010-03-24 18:17 . 2010-03-24 08:04 70584 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\30963\AdobeExtractFiles.dll
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\30963\ReaderUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04 326056 ----a-w- c:\programdata\Adobe\Reader\9.3\ARM\30963\AcrobatUpdater.exe
2010-03-23 19:33 . 2009-10-22 16:20 739082 ----a-w- c:\windows\system32\perfh007.dat
2010-03-23 19:33 . 2009-10-22 16:20 153070 ----a-w- c:\windows\system32\perfc007.dat
2010-03-23 19:32 . 2010-03-23 19:32 -------- d-----w- c:\program files\CMAK
2010-03-23 09:54 . 2010-03-23 09:54 -------- d-----w- c:\program files\RMClock
2010-03-22 18:04 . 2010-03-22 18:04 -------- d-----w- c:\program files\CPUCooL
2010-03-18 15:58 . 2010-03-18 15:58 101248 ----a-w- c:\windows\system32\drivers\avmaura.sys
2010-03-18 12:22 . 2010-03-18 11:08 28672 ----a-w- c:\windows\system32\AF15BDAEX.dll
2010-03-18 12:22 . 2010-03-18 11:08 126 ----a-w- c:\windows\system32\AF15IRTBL.bin
2010-03-18 12:22 . 2010-03-18 11:08 483200 ----a-w- c:\windows\system32\drivers\AF15BDA.sys
2010-03-17 09:35 . 2010-04-25 21:32 309248 ----a-w- c:\users\roadrunner1405\AppData\Roaming\Mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll
2010-03-15 13:04 . 2009-08-25 12:02 34 ----a-w- c:\programdata\StarMoney 7.0\profil\sfmsm.dll
2010-03-10 10:01 . 2010-03-10 10:01 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-08 21:33 . 2010-04-14 07:57 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-02-28 19:23 . 2009-09-05 13:06 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-02-28 19:23 . 2009-09-05 13:06 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-02-28 18:30 . 2010-02-28 18:30 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-02-28 18:30 . 2010-02-06 17:47 1170240 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-02-27 12:07 . 2010-04-14 07:57 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-27 12:07 . 2010-04-14 07:57 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-27 07:32 . 2010-04-14 07:57 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-27 07:32 . 2010-04-14 07:57 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-02-27 07:32 . 2010-04-14 07:57 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 07:56 . 2010-03-30 17:57 977920 ----a-w- c:\windows\system32\wininet.dll
2010-02-22 16:58 . 2010-03-11 14:09 1733152 ----a-w- c:\windows\system32\RtkPgExt.dll
2010-02-22 16:58 . 2010-03-11 14:09 57888 ----a-w- c:\windows\system32\RtkCoInst.dll
2010-02-22 16:58 . 2010-03-11 14:09 371232 ----a-w- c:\windows\system32\RtkApoApi.dll
2010-02-22 16:58 . 2010-03-11 14:09 2649120 ----a-w- c:\windows\system32\RtkAPO.dll
2010-02-22 16:23 . 2010-03-11 14:09 3022944 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2010-02-20 16:47 . 2010-01-07 12:02 1170240 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
|
|
| Themen zu Firefox öffnet bei suche in Google mehrmals falsche links vor dem richtigen |
| bitdefender, defender, ebay, falsche, falsche links, firefox, google, jahre, komplett, links, malware, neue, neuen, probleme, programme, prüfen, schonmal, spyware, suche, tab, tab öffnen, tan, windows, windows 7, windows 7 ultimate, öffnen, öffnet |
