so, MBAM-Scan fertig, nichts gefunden. Log: Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 5376
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11
22.12.2010 17:50:01
mbam-log-2010-12-22 (17-50-01).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|H:\|I:\|)
Durchsuchte Objekte: 296851
Laufzeit: 1 Stunde(n), 31 Minute(n), 37 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden) Heißt das für mich, das keine Malware übertragen wurde?
Wenn ja, dann bin ich glücklich :Boogie:
Edit: Hab OTL vergessen, kommt:
OTL.txt: Code:
OTL logfile created on: 22.12.2010 17:55:52 - Run 3
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Dokumente und Einstellungen\Familie Schleiz\Eigene Dateien\Daniel
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.022,00 Mb Total Physical Memory | 251,00 Mb Available Physical Memory | 25,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 223,12 Gb Total Space | 127,85 Gb Free Space | 57,30% Space Free | Partition Type: NTFS
Drive D: | 9,76 Gb Total Space | 3,89 Gb Free Space | 39,88% Space Free | Partition Type: FAT32
Computer Name: SCHLEIZ | User Name: Familie Schleiz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\Familie Schleiz\Eigene Dateien\Daniel\OTL.exe (OldTimer Tools)
PRC - C:\Dokumente und Einstellungen\Familie Schleiz\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe ()
PRC - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe ()
PRC - C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\Familie Schleiz\Eigene Dateien\Daniel\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (Akamai) -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_aeec0f0.dll ()
SRV - (avast! Web Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ACDaemon) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (ServiceLayer) -- C:\Programme\Gemeinsame Dateien\PCSuite\Services\ServiceLayer.exe (Nokia.)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe ()
SRV - (CyberLink Media Library Service) -- C:\Programme\Home Cinema\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe (Cyberlink)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (UleadBurningHelper) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)
========== Driver Services (SafeList) ==========
DRV - (XDva352) -- C:\WINDOWS\System32\XDva352.sys File not found
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (nmwcdsa) -- C:\WINDOWS\system32\drivers\nmwcdsa.sys (Nokia)
DRV - (nmwcdsacm) -- C:\WINDOWS\system32\drivers\nmwcdsacm.sys (Nokia)
DRV - (nmwcdsacj) -- C:\WINDOWS\system32\drivers\nmwcdsacj.sys (Nokia)
DRV - (nmwcdsac) -- C:\WINDOWS\system32\drivers\nmwcdsac.sys (Nokia)
DRV - (Cdralw2k) -- C:\WINDOWS\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (se58obex) -- C:\WINDOWS\system32\drivers\se58obex.sys (MCCI)
DRV - (se58mgmt) Sony Ericsson Device 088 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\se58mgmt.sys (MCCI)
DRV - (se58mdm) -- C:\WINDOWS\system32\drivers\se58mdm.sys (MCCI)
DRV - (se58mdfl) -- C:\WINDOWS\system32\drivers\se58mdfl.sys (MCCI)
DRV - (se58bus) Sony Ericsson Device 088 driver (WDM) -- C:\WINDOWS\system32\drivers\se58bus.sys (MCCI)
DRV - (se58nd5) Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (NDIS) -- C:\WINDOWS\system32\drivers\se58nd5.sys (MCCI)
DRV - (se58unic) Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (WDM) -- C:\WINDOWS\system32\drivers\se58unic.sys (MCCI)
DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\alcxwdm.sys (Realtek Semiconductor Corp.)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (cdrbsvsd) -- C:\WINDOWS\System32\drivers\cdrbsvsd.sys (B.H.A Corporation)
DRV - (sonypvs1) -- C:\WINDOWS\system32\drivers\sonypvs1.sys (Sony Corporation)
DRV - (QV2KUX) -- C:\WINDOWS\system32\drivers\qv2kux.sys (Microsoft Corporation)
DRV - (EL90XBC) -- C:\WINDOWS\system32\drivers\el90xbc5.sys (3Com Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq-tools.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.53.0
[2010.05.25 07:45:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\Mozilla\Extensions
[2010.07.30 20:10:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\Mozilla\Firefox\Profiles\2aes3m9i.default\extensions
[2010.05.25 07:46:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\Mozilla\Firefox\Profiles\2aes3m9i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.25 07:46:55 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\Mozilla\Firefox\Profiles\2aes3m9i.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.07.30 20:11:00 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\Mozilla\Firefox\Profiles\2aes3m9i.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.06.05 14:16:52 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\Mozilla\Firefox\Profiles\2aes3m9i.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.05.25 07:49:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\Mozilla\Firefox\Profiles\2aes3m9i.default\extensions\battlefieldheroespatcher@ea.com
O1 HOSTS File: ([2006.02.28 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5B291E6C-9A74-4034-971B-A4B007A0B315} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [DriverMax] File not found
O4 - HKCU..\Run: [DriverMax_RESTART] File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Dokumente und Einstellungen\Familie Schleiz\Eigene Dateien\Daniel\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: microsoft.com ([office] http in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([update] http in Vertrauenswürdige Sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab (Navigram Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} hxxp://games.bigfishgames.com/de_dinerdashfloontheg/online/ddfotg.1.0.0.33.cab (CPlayFirstddfotgControl Object)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.0.43.33 217.0.43.17
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\AutorunsDisabled: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:AutorunsDisabled () -
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Familie Schleiz\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Familie Schleiz\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.05.17 12:13:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.12.22 16:17:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.22 16:16:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.19 22:04:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\.minecraft
[2010.12.16 07:18:14 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2010.12.16 07:17:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010.12.11 13:39:16 | 000,117,248 | ---- | C] (EIDOS Technologies) -- C:\WINDOWS\System32\Edec.dll
[2010.12.11 13:39:16 | 000,098,816 | ---- | C] (Eidos plc) -- C:\WINDOWS\System32\Dec130.dll
[2010.12.11 13:39:16 | 000,089,600 | ---- | C] (EIDOS Technologies) -- C:\WINDOWS\System32\Winsdec.dll
[2010.12.11 13:39:16 | 000,080,896 | ---- | C] (EIDOS Technologies) -- C:\WINDOWS\System32\Winstr.dll
[2010.12.11 13:39:16 | 000,060,416 | ---- | C] (EIDOS Technologies) -- C:\WINDOWS\System32\Winplay.dll
[2010.12.07 21:52:26 | 000,000,000 | -HSD | C] -- C:\found.000
[2010.12.02 20:36:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\Boilsoft
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[27 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.12.22 15:53:28 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.22 15:52:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.12.22 15:52:51 | 1072,222,208 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.20 18:51:58 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Desktop\Trackmania Nations Forever.lnk
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.12.20 17:33:12 | 000,000,901 | ---- | M] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Desktop\Minecraft.lnk
[2010.12.16 13:43:18 | 000,299,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.12.16 12:36:45 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.12.14 18:07:15 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.12.11 10:19:54 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2010.11.30 19:40:50 | 000,104,448 | ---- | M] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[6 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[27 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.12.20 17:33:12 | 000,000,901 | ---- | C] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Desktop\Minecraft.lnk
[2010.06.06 16:16:23 | 000,000,332 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.06.05 05:52:15 | 000,000,746 | ---- | C] () -- C:\WINDOWS\XaraX.INI
[2010.05.28 01:04:46 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2010.05.25 08:16:33 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.05.25 08:16:32 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\PnkBstrK.sys
[2010.05.21 13:51:55 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2010.05.16 16:54:56 | 000,697,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010.04.30 20:16:37 | 000,000,085 | ---- | C] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\toolbar_log.txt
[2010.03.03 15:19:59 | 000,000,048 | ---- | C] () -- C:\WINDOWS\scmate.ini
[2010.01.05 14:32:48 | 000,001,024 | ---- | C] () -- C:\WINDOWS\ppengine.ini
[2010.01.01 14:54:21 | 000,000,148 | ---- | C] () -- C:\WINDOWS\gek_reallife.ini
[2009.11.29 19:39:58 | 000,000,224 | ---- | C] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\wklnhst.dat
[2009.07.07 15:31:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhEdit.INI
[2009.02.23 15:16:04 | 000,001,353 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2008.11.08 18:33:34 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2008.11.08 18:33:33 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.08.16 11:42:38 | 000,001,239 | ---- | C] () -- C:\WINDOWS\System32\ASPRTMM5.DLL
[2008.07.29 19:23:06 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008.07.29 11:27:46 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008.03.16 13:52:20 | 000,002,849 | ---- | C] () -- C:\WINDOWS\tm.ini
[2007.10.25 15:12:22 | 000,000,165 | ---- | C] () -- C:\WINDOWS\MARTIN.ini
[2007.06.07 09:28:40 | 002,067,140 | R--- | C] () -- C:\WINDOWS\System32\avcodec.dll
[2007.04.27 08:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2007.03.24 17:24:27 | 000,004,690 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007.03.17 10:55:45 | 000,000,201 | ---- | C] () -- C:\WINDOWS\BUHL.INI
[2007.03.11 10:08:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2007.01.27 17:19:38 | 000,010,569 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2007.01.08 15:44:35 | 000,002,557 | ---- | C] () -- C:\WINDOWS\u3dedit3.INI
[2007.01.08 15:44:34 | 000,000,152 | ---- | C] () -- C:\WINDOWS\ULead32.ini
[2007.01.08 15:27:04 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007.01.08 15:27:04 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007.01.08 15:27:04 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007.01.08 15:27:04 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007.01.08 15:27:04 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007.01.08 15:27:04 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006.12.30 19:20:39 | 000,000,086 | ---- | C] () -- C:\WINDOWS\WinFight.ini
[2006.12.28 12:53:16 | 000,000,017 | ---- | C] () -- C:\WINDOWS\Missing.ini
[2006.12.28 12:52:32 | 000,000,032 | ---- | C] () -- C:\WINDOWS\CD-Start.INI
[2006.11.19 12:26:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2006.10.18 21:58:27 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Anwendungsdaten\mxfilerelatedcache.mxc2
[2006.10.18 19:16:07 | 000,104,448 | ---- | C] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.10.08 17:06:46 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2006.09.28 14:18:58 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
[2006.09.28 14:18:35 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
[2006.09.28 14:17:10 | 000,000,411 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2006.08.27 16:58:20 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006.08.27 16:53:51 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE R240R245EU.ini
[2006.08.01 11:03:27 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2006.08.01 10:46:25 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006.07.31 18:02:43 | 000,000,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Familie Schleiz\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006.06.22 10:37:10 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.06.20 13:49:40 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.06.20 13:38:23 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2006.06.20 13:28:05 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006.06.20 13:11:49 | 000,000,855 | ---- | C] () -- C:\WINDOWS\WISO.INI
[2006.06.20 13:02:56 | 000,005,018 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006.06.20 13:02:56 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\12EB3F0295.sys
[2006.05.18 16:54:11 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2006.05.18 16:54:07 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2006.05.18 12:37:19 | 000,002,856 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006.05.18 12:37:19 | 000,000,024 | ---- | C] () -- C:\WINDOWS\magix.ini
[2006.05.17 15:35:46 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006.05.17 14:47:56 | 000,157,184 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.05.17 13:07:06 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.05.17 12:37:24 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.05.17 12:24:17 | 000,000,863 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.05.17 11:58:33 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004.09.28 22:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 500 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
< End of report > |