champagnero | 07.09.2012 18:28 | Okay beim fixen ist folgendes passiert. Rechner ist sofort runtergefahren und zur eingabeaufforderung gekommen. Also bevor ich mich bei windows anmelde.
Logfiles sind keine entstanden, die entstandenen Ordner sind leer. Ich glaube ich habe einen Fehler gemacht:headbang: Ich habe heute Antivir komplett durchlaufen lassen, sowie meinen PC mit Tuneuputilities11 gesäubert. Vermutlich hätte ich das nicht tun sollen gell?
Naja Mist meine Schuld.
Ich habe jetzt einfach nocheinmal ein Logfile mit OTL erstellt Code:
OTL logfile created on: 07.09.2012 18:59:13 - Run 2
OTL by OldTimer - Version 3.2.61.1 Folder = C:\Users\Mali\Desktop
Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,50 Gb Total Physical Memory | 1,56 Gb Available Physical Memory | 62,47% Memory free
5,00 Gb Paging File | 3,98 Gb Available in Paging File | 79,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 115,83 Gb Total Space | 54,76 Gb Free Space | 47,27% Space Free | Partition Type: NTFS
Drive D: | 112,46 Gb Total Space | 109,50 Gb Free Space | 97,37% Space Free | Partition Type: NTFS
Drive E: | 4,58 Gb Total Space | 1,48 Gb Free Space | 32,39% Space Free | Partition Type: FAT32
Computer Name: MALI-PC | User Name: Mali | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.07 18:11:47 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Mali\Desktop\OTL.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.22 11:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2012.02.14 10:18:55 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.01.04 01:06:00 | 001,605,632 | ---- | M] (Don HO don.h@free.fr) -- D:\Programme_D\Notepad++\notepad++.exe
PRC - [2011.12.15 16:00:00 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.12.15 15:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.15 15:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.15 15:59:37 | 000,306,128 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avcenter.exe
PRC - [2011.12.15 15:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.12.13 10:34:54 | 000,671,552 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
PRC - [2011.12.13 10:32:32 | 001,527,104 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
PRC - [2011.06.24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 23:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2008.09.05 02:01:00 | 001,794,048 | R--- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanGUI.exe
PRC - [2008.09.05 02:01:00 | 000,364,544 | R--- | M] (AVM Berlin) -- C:\Programme\avmwlanstick\WLanNetService.exe
PRC - [2000.01.01 02:00:00 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Programme\LSI SoftModem\agrsmsvc.exe
========== Modules (No Company Name) ==========
MOD - [2012.02.14 10:18:53 | 001,911,768 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.01.09 20:44:20 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2012.01.08 15:41:12 | 000,093,696 | ---- | M] () -- D:\Programme_D\FileZilla FTP Client\fzshellext.dll
MOD - [2011.09.21 22:46:28 | 001,673,728 | ---- | M] () -- D:\Programme_D\Notepad++\plugins\NppFTP.dll
MOD - [2011.07.18 23:04:08 | 000,296,448 | ---- | M] () -- D:\Programme_D\Notepad++\NppShell_04.dll
========== Services (SafeList) ==========
SRV - [2012.08.31 10:24:43 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.28 14:04:35 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.22 11:38:46 | 000,575,448 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011.12.15 15:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.15 15:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.12.13 10:32:32 | 001,527,104 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.12.13 10:29:16 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2008.09.05 02:01:00 | 000,364,544 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2000.01.01 02:00:00 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Programme\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- F:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2012.06.22 11:39:14 | 000,070,768 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCTBD.sys -- (PCTBD)
DRV - [2012.05.09 00:04:13 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.09 00:04:13 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.02.20 22:43:10 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.08.17 09:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.07.28 18:37:10 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2011.06.06 17:03:54 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.11.20 23:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 23:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 23:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - [2010.11.20 23:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV - [2010.11.20 23:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
DRV - [2010.11.20 23:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 23:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 23:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2010.11.20 23:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
DRV - [2010.11.20 23:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 23:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.13 16:07:12 | 001,163,328 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.07.14 00:54:15 | 001,311,232 | ---- | M] (NXP Semiconductors) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 00:02:53 | 000,044,032 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6.sys -- (FETNDIS)
DRV - [2008.09.05 02:01:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2008.09.05 02:01:00 | 000,004,352 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2008.02.29 11:13:48 | 000,028,944 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2004.10.01 14:58:10 | 001,272,000 | ---- | M] (C-Media Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cmudax.sys -- (cmudax)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=449e02b9000000000000001f3f032455
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4A E0 F3 B7 5F 26 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&babsrc=SP_ss&mntrId=449e02b9000000000000001f3f032455
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.bild.de/"
FF - prefs.js..extensions.enabledAddons: pixelzoomer@matthiasschuetz.com:1.3
FF - prefs.js..extensions.enabledAddons: plugin@seitwert.de:1.0.7
FF - prefs.js..extensions.enabledAddons: seo4firefox@seobook.com:3.6.5
FF - prefs.js..extensions.enabledAddons: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.98.16
FF - prefs.js..extensions.enabledAddons: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.9.5.1
FF - prefs.js..extensions.enabledAddons: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.8.1
FF - prefs.js..extensions.enabledAddons: {75CEEE46-9B64-46f8-94BF-54012DE155F0}:0.4.10
FF - prefs.js..extensions.enabledAddons: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.41
FF - prefs.js..extensions.enabledAddons: {e3f6c2cc-d8db-498c-af6c-499fb211db97}:1.12.9.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {e3f6c2cc-d8db-498c-af6c-499fb211db97}:1.10.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {d57c9ff1-6389-48fc-b770-f78bd89b6e8a}:1.36
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.5.5.1
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.89
FF - prefs.js..extensions.enabledItems: plugin@seitwert.de:1.0.4
FF - prefs.js..keyword.URL: "hxxp://search.babylon.com/?affID=110819&babsrc=KW_ss&mntrId=449e02b9000000000000001f3f032455&q="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 57192
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mali\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mali\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.23 13:07:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files\PC Tools\PC Tools Security\BDT\Firefox\ [2012.09.06 16:40:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.14 10:18:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.23 13:07:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.14 10:18:55 | 000,000,000 | ---D | M]
[2012.02.17 18:28:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\Extensions
[2012.09.01 20:16:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\Firefox\Profiles\vw30zjhv.default\extensions
[2012.08.30 10:43:25 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Mali\AppData\Roaming\mozilla\Firefox\Profiles\vw30zjhv.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012.02.17 20:05:09 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\Mali\AppData\Roaming\mozilla\Firefox\Profiles\vw30zjhv.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2012.08.03 09:06:09 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Mali\AppData\Roaming\mozilla\Firefox\Profiles\vw30zjhv.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2012.08.28 14:02:59 | 000,000,000 | ---D | M] (Page Speed) -- C:\Users\Mali\AppData\Roaming\mozilla\Firefox\Profiles\vw30zjhv.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2012.09.01 20:16:12 | 001,625,368 | ---- | M] () (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\firefox\profiles\vw30zjhv.default\extensions\firebug@software.joehewitt.com.xpi
[2012.08.07 15:40:03 | 000,072,936 | ---- | M] () (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\firefox\profiles\vw30zjhv.default\extensions\pixelzoomer@matthiasschuetz.com.xpi
[2012.05.16 00:34:56 | 000,065,304 | ---- | M] () (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\firefox\profiles\vw30zjhv.default\extensions\plugin@seitwert.de.xpi
[2012.08.09 10:01:29 | 000,087,184 | ---- | M] () (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\firefox\profiles\vw30zjhv.default\extensions\seo4firefox@seobook.com.xpi
[2011.08.25 01:41:32 | 000,028,993 | ---- | M] () (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\firefox\profiles\vw30zjhv.default\extensions\{75CEEE46-9B64-46f8-94BF-54012DE155F0}.xpi
[2012.07.25 19:59:30 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\firefox\profiles\vw30zjhv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.06.08 15:30:22 | 000,068,257 | ---- | M] () (No name found) -- C:\Users\Mali\AppData\Roaming\mozilla\firefox\profiles\vw30zjhv.default\extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}.xpi
[2012.01.29 22:24:16 | 000,002,519 | ---- | M] () -- C:\Users\Mali\AppData\Roaming\mozilla\firefox\profiles\vw30zjhv.default\searchplugins\Search_Results.xml
[2012.04.24 23:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.08.31 10:24:43 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.05 18:35:18 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.08.31 10:24:42 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mali\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mali\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Mali\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mali\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
O1 HOSTS File: ([2012.09.07 13:51:04 | 000,001,387 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 secure.tune-up.com
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61D53828-0388-4BFB-BDF0-89E437E5EF86}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A33E87E4-1CBC-46BA-A398-409C915C47C1}: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27 - HKLM IFEO\chrome.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ea124859-5bfa-11e1-8a53-001f3f032455}\Shell - "" = AutoRun
O33 - MountPoints2\{ea124859-5bfa-11e1-8a53-001f3f032455}\Shell\AutoRun\command - "" = G:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.07 18:17:25 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.07 18:14:27 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\Mali\Desktop\OTL.exe
[2012.09.07 14:23:25 | 000,000,000 | ---D | C] -- C:\Users\Mali\Desktop\TuneUp.Utilities.2011.v10.0.4310.27.Keymaker.Only-CORE
[2012.09.07 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Mali\Desktop\PDFs
[2012.09.06 16:40:26 | 000,070,768 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTBD.sys
[2012.09.06 16:40:25 | 002,267,096 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2012.09.06 16:40:25 | 001,689,560 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2012.09.06 16:40:25 | 000,149,464 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2012.09.06 16:38:38 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools
[2012.09.06 16:35:44 | 000,203,120 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTSD.sys
[2012.09.06 16:35:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2012.09.06 16:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.09.06 16:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012.09.06 16:33:21 | 000,000,000 | ---D | C] -- C:\Users\Mali\AppData\Roaming\TestApp
[2012.09.06 16:20:18 | 000,000,000 | ---D | C] -- C:\Users\Mali\Desktop\Kaspersky Rescue2Usb
[2012.09.01 20:45:08 | 000,000,000 | ---D | C] -- C:\BEWERBUNGEN
[2012.08.28 15:15:21 | 000,000,000 | ---D | C] -- C:\Users\Mali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.08.28 15:12:47 | 000,000,000 | ---D | C] -- C:\Users\Mali\AppData\Roaming\Opera
[2012.08.28 15:12:47 | 000,000,000 | ---D | C] -- C:\Users\Mali\AppData\Local\Opera
[2012.08.28 15:12:38 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012.08.28 14:37:54 | 000,000,000 | ---D | C] -- C:\Users\Mali\Downloads\Documents\Visual Studio 2008
[2012.08.21 21:52:37 | 000,000,000 | ---D | C] -- C:\Finanzen-Ordner
[2012.08.21 18:40:42 | 000,000,000 | ---D | C] -- C:\Users\Mali\AppData\Roaming\PDAppFlex
[2012.08.21 18:37:11 | 000,000,000 | ---D | C] -- C:\Users\Mali\Downloads\Documents\Adobe Scripts
[2012.08.21 18:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2012.08.21 17:33:42 | 000,000,000 | ---D | C] -- C:\Users\Mali\Desktop\Adobe Illustrator CS6
[2012.08.21 17:32:16 | 000,000,000 | ---D | C] -- C:\Users\Mali\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.08.21 17:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Download Assistant
[2012.08.21 17:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X6.1
[2012.08.21 16:48:13 | 000,000,000 | ---D | C] -- C:\Users\Mali\Downloads\Documents\Meine Paletten
[2012.08.21 16:47:21 | 000,000,000 | ---D | C] -- C:\Users\Mali\AppData\Roaming\Corel
[2012.08.21 16:47:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2012.08.21 16:42:50 | 000,000,000 | ---D | C] -- C:\Users\Mali\Downloads\Documents\Corel
[2012.08.21 16:42:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\Visual Studio 2008Templates
[2012.08.21 16:42:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\Visual Studio 2008
[2012.08.21 16:42:36 | 000,000,000 | ---D | C] -- C:\Users\Mali\AppData\Local\Microsoft Help
[2012.08.21 16:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2012.08.21 16:41:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2012.08.21 16:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2012.08.21 16:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2012.08.21 16:33:11 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X6
[2012.08.21 16:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrovision
[2012.08.21 16:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Macromedia
[2012.08.21 16:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\Macromedia
[2012.08.16 01:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.08.16 01:33:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.08.16 01:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.08.16 01:32:39 | 000,772,592 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012.08.16 01:32:39 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.08.15 09:27:17 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.08.15 09:27:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.08.15 09:27:16 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.08.15 09:27:15 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.08.15 09:27:14 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.08.15 09:27:14 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.08.15 09:27:13 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.08.15 09:08:39 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012.08.15 09:08:37 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.08.15 09:08:35 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012.08.11 20:20:21 | 000,000,000 | ---D | C] -- C:\Users\Mali\Desktop\Bilder
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.07 18:58:54 | 000,022,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.07 18:58:54 | 000,022,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.07 18:51:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.07 18:51:13 | 2012,913,664 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.07 18:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.07 18:11:47 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Mali\Desktop\OTL.exe
[2012.09.07 15:44:50 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.07 15:44:50 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.07 15:44:50 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-565900265-4055734772-1650192657-1000UA.job
[2012.09.07 15:44:50 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-565900265-4055734772-1650192657-1000Core.job
[2012.09.07 13:51:04 | 000,001,387 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.09.07 13:12:50 | 000,353,251 | ---- | M] () -- C:\Users\Mali\Desktop\businessfrau_finanzdachs.jpg
[2012.09.07 13:08:16 | 000,055,080 | ---- | M] () -- C:\Users\Mali\Desktop\frau1.jpg
[2012.09.06 22:48:37 | 000,001,176 | ---- | M] () -- C:\Users\Mali\Desktop\Continue Download Accelerator Installation.lnk
[2012.09.06 21:33:35 | 000,696,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.06 21:33:35 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.06 21:33:35 | 000,147,916 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.06 21:33:35 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.06 16:36:16 | 001,124,875 | ---- | M] () -- C:\Windows\System32\drivers\Cat.DB
[2012.09.06 16:33:28 | 000,000,378 | ---- | M] () -- C:\Users\Mali\Desktop\sdsetup_aff.exe.lnk
[2012.09.06 16:16:12 | 000,387,584 | ---- | M] () -- C:\Users\Mali\Desktop\rescue2usb.exe
[2012.09.06 14:53:16 | 004,503,728 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.06 00:57:32 | 000,003,110 | ---- | M] () -- C:\Users\Mali\Desktop\Menuversuch.png
[2012.09.06 00:57:32 | 000,000,132 | ---- | M] () -- C:\Users\Mali\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.09.02 21:21:04 | 000,001,456 | ---- | M] () -- C:\Users\Mali\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.09.02 21:08:56 | 000,052,185 | ---- | M] () -- C:\Users\Mali\Desktop\Businesfrau.jpg
[2012.08.31 00:30:12 | 000,000,132 | ---- | M] () -- C:\Users\Mali\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.08.28 14:04:34 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.28 14:04:34 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.24 21:37:33 | 000,014,181 | ---- | M] () -- C:\Users\Mali\Desktop\Türbeschläge.ods
[2012.08.22 09:29:19 | 007,283,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.08.21 00:53:32 | 000,064,688 | ---- | M] () -- C:\tagesgeldkonto-250.jpg
[2012.08.16 01:32:19 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012.08.16 01:32:19 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.08.16 01:32:19 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.08.13 21:34:18 | 000,000,197 | ---- | M] () -- C:\.htaccess
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.07 13:10:38 | 000,353,251 | ---- | C] () -- C:\Users\Mali\Desktop\businessfrau_finanzdachs.jpg
[2012.09.07 13:08:05 | 000,055,080 | ---- | C] () -- C:\Users\Mali\Desktop\frau1.jpg
[2012.09.07 12:53:55 | 000,052,185 | ---- | C] () -- C:\Users\Mali\Desktop\Businesfrau.jpg
[2012.09.06 22:48:37 | 000,001,176 | ---- | C] () -- C:\Users\Mali\Desktop\Continue Download Accelerator Installation.lnk
[2012.09.06 16:40:26 | 000,767,960 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2012.09.06 16:40:25 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2012.09.06 16:40:25 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2012.09.06 16:40:25 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2012.09.06 16:40:25 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2012.09.06 16:35:52 | 001,124,875 | ---- | C] () -- C:\Windows\System32\drivers\Cat.DB
[2012.09.06 16:33:28 | 000,000,378 | ---- | C] () -- C:\Users\Mali\Desktop\sdsetup_aff.exe.lnk
[2012.09.06 16:16:30 | 000,387,584 | ---- | C] () -- C:\Users\Mali\Desktop\rescue2usb.exe
[2012.09.06 14:40:56 | 004,503,728 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad
[2012.09.06 00:57:30 | 000,003,110 | ---- | C] () -- C:\Users\Mali\Desktop\Menuversuch.png
[2012.08.28 15:14:16 | 000,000,904 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-565900265-4055734772-1650192657-1000UA.job
[2012.08.28 15:14:15 | 000,000,852 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-565900265-4055734772-1650192657-1000Core.job
[2012.08.28 15:12:40 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.08.24 21:37:31 | 000,014,181 | ---- | C] () -- C:\Users\Mali\Desktop\Türbeschläge.ods
[2012.08.21 18:33:57 | 000,001,608 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
[2012.08.21 18:33:23 | 000,001,127 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2012.08.21 18:32:17 | 000,001,311 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2012.08.21 18:32:12 | 000,001,477 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2012.08.21 18:31:43 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.08.21 17:32:11 | 000,001,013 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012.08.21 16:59:30 | 000,322,017 | ---- | C] () -- C:\Users\Mali\Desktop\content.ai
[2012.08.21 00:54:00 | 000,064,688 | ---- | C] () -- C:\tagesgeldkonto-250.jpg
[2012.08.12 21:29:42 | 000,000,197 | ---- | C] () -- C:\.htaccess
[2012.05.31 14:51:42 | 000,007,649 | ---- | C] () -- C:\Users\Mali\AppData\Local\Resmon.ResmonCfg
[2012.03.23 13:10:13 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp
[2012.03.23 13:01:05 | 000,245,266 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.03.23 13:01:05 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.03.19 21:59:26 | 000,001,456 | ---- | C] () -- C:\Users\Mali\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2012.02.29 12:56:59 | 000,000,132 | ---- | C] () -- C:\Users\Mali\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.02.22 12:03:55 | 000,000,132 | ---- | C] () -- C:\Users\Mali\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012.02.19 21:22:04 | 000,000,169 | ---- | C] () -- C:\Windows\RtlRack.ini
[2012.02.19 21:11:57 | 000,237,568 | ---- | C] () -- C:\Windows\System32\cmirmdrv.exe
[2012.02.19 21:11:57 | 000,028,672 | ---- | C] () -- C:\Windows\System32\cmirmdrv.dll
[2012.02.19 21:11:57 | 000,001,176 | ---- | C] () -- C:\Windows\ImpTable.bin
[2012.02.19 21:02:57 | 000,000,164 | ---- | C] () -- C:\Windows\avrack.ini
[2012.02.19 21:02:54 | 000,156,672 | ---- | C] () -- C:\Windows\System32\RtlCPAPI.dll
[2012.02.19 21:02:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2012.02.17 15:56:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.02.17 15:56:12 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.11.21 02:30:51 | 000,696,620 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.11.21 02:30:51 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.11.21 02:30:51 | 000,147,916 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.11.21 02:30:51 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.11.20 23:29:34 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2010.11.20 23:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report > Eine Extras.txt wurde nicht erstellt.
Was kann ich jetzt tun?
Beste Grüße |