Code:
OTL logfile created on: 8/26/2013 7:09:32 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
767.00 Mb Total Physical Memory | 503.00 Mb Available Physical Memory | 66.00% Memory free
707.00 Mb Paging File | 573.00 Mb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232.88 Gb Total Space | 136.59 Gb Free Space | 58.65% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand] -- -- (Rapwdvcb)
SRV - [2013/08/17 14:56:05 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/07/18 10:49:42 | 000,022,216 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/04/04 08:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 08:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2011/07/20 00:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/06/17 13:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/06/14 11:01:03 | 000,068,096 | ---- | M] () [On_Demand] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2010/02/02 06:35:30 | 000,065,856 | ---- | M] (Nalpeiron Ltd.) [Auto] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2009/08/28 13:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/02/06 11:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/08/03 11:34:43 | 002,119,360 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_0.EXE -- (LiveUpdate)
SRV - [2006/08/03 11:34:43 | 000,100,032 | ---- | M] (Symantec Corporation) [Auto] -- C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - [2006/02/17 09:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/11/13 19:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (STCFUx32)
DRV - File not found [Kernel | On_Demand] -- -- (psdvdisk)
DRV - File not found [Kernel | On_Demand] -- -- (psdfilter)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (catchme)
DRV - [2013/08/02 19:28:49 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/08/02 19:28:49 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/08/02 19:28:49 | 000,175,176 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 04:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 04:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/04/04 08:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/12/17 04:49:38 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2006/11/10 09:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/05 21:00:00 | 000,014,976 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmunet.sys -- (AVMUNET)
DRV - [2006/06/29 03:53:00 | 000,244,864 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006/06/28 12:38:56 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006/06/18 17:38:18 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006/06/05 15:09:26 | 004,284,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/10/28 05:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2005/10/04 09:38:24 | 000,280,064 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2005/06/08 12:44:20 | 000,020,608 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BRGSp50.sys -- (BRGSp50)
DRV - [2004/11/18 07:49:14 | 000,045,534 | ---- | M] (EUTRON) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\eusk3usb.sys -- (eusk3usb)
DRV - [2004/11/18 07:49:14 | 000,024,786 | ---- | M] (EUTRON) [Kernel | System] -- C:\WINDOWS\system32\drivers\eusk2par.sys -- (eusk2par)
DRV - [2004/10/25 07:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2004/08/10 15:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/10 15:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/01/31 15:14:32 | 000,420,000 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2003/12/18 13:53:06 | 000,047,616 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Haspnt.sys -- (Haspnt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\1234_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKU\1234_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\789_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKU\789_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKU\dilon_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\dilon_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3279411&octid=CT3279411&SearchSource=61&CUI=UN95704704273471277&UM=2&UP=SP624583BB-E9C4-482B-BD60-AD6A3BF282B6
IE - HKU\dilon_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\dilon_ON_C\..\URLSearchHook: {465fcfbb-47a4-4866-a5d5-d12f9a77da00} - Reg Error: Key error. File not found
IE - HKU\dilon_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\dilon_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\dilon_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1;*.local
IE - HKU\dln_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKU\dln_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\enes_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\enes_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\Eness_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Eness_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\Eness_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\Eness_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Gast_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKU\Gast_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\hilal_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.live.com
IE - HKU\hilal_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2625848
IE - HKU\hilal_ON_C\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\hilal_ON_C\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - Reg Error: Key error. File not found
IE - HKU\hilal_ON_C\..\URLSearchHook: {64577f6f-8a9d-413a-b4c8-d080d6aeaf88} - Reg Error: Key error. File not found
IE - HKU\hilal_ON_C\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - Reg Error: Key error. File not found
IE - HKU\hilal_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKU\hilal_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - Reg Error: Key error. File not found
IE - HKU\hilal_ON_C\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKU\hilal_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=1443cdb2-5d07-4eff-b8ea-917a9b462dab&searchtype=ds&q={searchTerms}&installDate=07/07/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=1443cdb2-5d07-4eff-b8ea-917a9b462dab&searchtype=ds&q={searchTerms}&installDate=07/07/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=1443cdb2-5d07-4eff-b8ea-917a9b462dab&searchtype=ds&q={searchTerms}&installDate=07/07/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=1443cdb2-5d07-4eff-b8ea-917a9b462dab&searchtype=ds&q={searchTerms}&installDate=07/07/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=1443cdb2-5d07-4eff-b8ea-917a9b462dab&searchtype=ds&q={searchTerms}&installDate=07/07/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=1443cdb2-5d07-4eff-b8ea-917a9b462dab&searchtype=ds&q={searchTerms}&installDate=07/07/2013
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: File not found
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohTVPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohWebPlayer: C:\Programme\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\AVAST Software\Avast\WebRep\FF [2013/08/02 19:27:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013/08/26 01:52:26 | 000,000,000 | ---D | M]
[2005/12/31 20:32:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\1234\Anwendungsdaten\mozilla\Extensions
[2013/08/17 14:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\Extensions
[2013/08/17 14:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions(2)
[2013/08/17 14:55:43 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions(2)\{972ce4c6-7e08-4474-a285-3208198ce6fd}(2)
[2013/08/17 14:55:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013/08/17 14:56:07 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) --
[2011/03/29 13:14:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2013/08/26 02:01:33 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar\01.01.2607.0\en-us\msntb.dll (Microsoft Corporation)
O3 - HKU\1234_ON_C\..\Toolbar\WebBrowser: (no name) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No CLSID value found.
O3 - HKU\1234_ON_C\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\1234_ON_C\..\Toolbar\WebBrowser: (no name) - {64577F6F-8A9D-413A-B4C8-D080D6AEAF88} - No CLSID value found.
O3 - HKU\1234_ON_C\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\789_ON_C\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\789_ON_C\..\Toolbar\WebBrowser: (no name) - {64577F6F-8A9D-413A-B4C8-D080D6AEAF88} - No CLSID value found.
O3 - HKU\789_ON_C\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\ShellBrowser: (no name) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\WebBrowser: (no name) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\WebBrowser: (no name) - {64577F6F-8A9D-413A-B4C8-D080D6AEAF88} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\dilon_ON_C\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\enes_ON_C\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\enes_ON_C\..\Toolbar\WebBrowser: (no name) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No CLSID value found.
O3 - HKU\enes_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\enes_ON_C\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\enes_ON_C\..\Toolbar\WebBrowser: (no name) - {64577F6F-8A9D-413A-B4C8-D080D6AEAF88} - No CLSID value found.
O3 - HKU\enes_ON_C\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\enes_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (no name) - {64577F6F-8A9D-413A-B4C8-D080D6AEAF88} - No CLSID value found.
O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\hilal_ON_C\..\Toolbar\ShellBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\hilal_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\hilal_ON_C\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O3 - HKU\hilal_ON_C\..\Toolbar\WebBrowser: (no name) - {64577F6F-8A9D-413A-B4C8-D080D6AEAF88} - No CLSID value found.
O3 - HKU\hilal_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Programme\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [gemstrmw] C:\WINDOWS\System32\gemstrmw.exe (Gemplus)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LaunchApp] C:\WINDOWS\Alaunch.exe (Acer Inc.)
O4 - HKLM..\Run: [MSC] C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [ntiMUI] C:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe (sonix)
O4 - HKU\dilon_ON_C..\Run: [ConduitFloatingPlugin_ggamifejnddpoocdmadhjdbgaijnphdi] File not found
O4 - HKU\dilon_ON_C..\Run: [Direct Card Updater] File not found
O4 - HKU\dilon_ON_C..\Run: [MsnMsgr] File not found
O4 - HKU\dilon_ON_C..\Run: [RDReminder] File not found
O4 - HKU\dilon_ON_C..\Run: [SearchProtect] File not found
O4 - HKU\dilon_ON_C..\Run: [tiwcky] File not found
O4 - HKU\dilon_ON_C..\Run: [VeohPlugin] File not found
O4 - HKU\dilon_ON_C..\Run: [weather9-service] File not found
O4 - HKU\enes_ON_C..\Run: [{0EFD0A40-97EF-E221-AB23-E01F7574D85B}] File not found
O4 - HKU\enes_ON_C..\Run: [msnmsgr] File not found
O4 - HKU\hilal_ON_C..\Run: [msnmsgr] File not found
O4 - HKU\hilal_ON_C..\Run: [SearchProtect] File not found
O4 - HKU\dilon_ON_C..\RunOnce: [FlashPlayerUpdate] File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\dilon\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\enes\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\1234_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\789_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\dilon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\dln_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\enes_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Eness_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Eness_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Gast_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\hilal_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programme\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Amazon (amazon.de) - {603D3CE5-33BC-4d51-A31E-613A2B826E21} - C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\IEButtons\toolbutton2.js ()
O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: easy Shopping - {804420A5-7F05-4ee9-92F2-D2B644AD9102} - C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\IEButtons\toolbutton3.js ()
O9 - Extra Button: eBay (ebay.de) - {C376BD23-6DC3-4e10-9ED0-AB8C0444E45C} - C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\IEButtons\toolbutton1.js ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} hxxp://download.sopcast.cn/download/SOPCORE.CAB (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/11 15:40:56 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/08/25 18:32:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/08/21 02:07:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Live Add-in
[2013/08/21 01:10:35 | 000,238,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2013/08/21 00:46:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2013/08/20 18:39:57 | 000,000,000 | -HSD | C] -- C:\WINDOWS\system32\config\systemprofile\Cookies
[2013/08/17 18:35:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Malwarebytes
[2013/08/17 18:35:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013/08/17 18:35:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013/08/17 18:34:54 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/08/17 18:34:54 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013/08/17 14:55:41 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013/08/08 02:56:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/08/07 14:11:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Google
[2013/08/07 11:08:04 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\LocalService\Cookies
[2013/08/07 09:38:12 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013/08/07 08:17:05 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/08/07 08:12:17 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/08/07 08:12:17 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/08/07 08:12:17 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/08/07 08:12:17 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/08/07 08:08:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/08/07 08:08:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Eness\Eigene Dateien\Eigene Videos
[2013/08/07 08:08:00 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos
[2013/08/07 08:07:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/08/06 11:08:23 | 000,000,000 | ---D | C] -- C:\FRST
[2013/08/02 19:30:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2013/08/02 19:28:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Eness\Lokale Einstellungen\Anwendungsdaten\Google
[2013/08/02 19:28:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2013/08/02 19:28:36 | 000,369,584 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/08/02 19:28:36 | 000,029,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/08/02 19:28:34 | 000,049,760 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/08/02 19:28:33 | 000,056,080 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/08/02 19:28:32 | 000,770,344 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/08/02 19:28:29 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/08/02 19:28:28 | 000,229,648 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013/08/02 19:27:21 | 000,041,664 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/08/02 19:26:38 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2013/08/02 19:25:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2013/08/02 07:27:35 | 000,000,000 | ---D | C] -- C:\Programme\Image Converter
[2011/06/20 13:26:16 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2std.dll
[2011/06/20 13:26:16 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2009/10/15 12:31:17 | 001,925,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Dokumente und Einstellungen\dilon\install_flash_player.exe
[2009/10/15 00:33:35 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2009/10/15 00:32:03 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/08/26 11:06:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/26 10:50:39 | 000,000,386 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/08/26 04:57:56 | 000,562,746 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/08/26 04:57:56 | 000,531,742 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/26 04:57:56 | 000,121,188 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/08/26 04:57:56 | 000,100,526 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/26 04:53:49 | 000,000,354 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/26 04:53:14 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/26 04:52:50 | 804,835,328 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/26 02:01:33 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2013/08/26 01:38:32 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/25 14:49:53 | 000,000,006 | ---- | M] () -- C:\Dokumente und Einstellungen\Eness\Eigene Dateien\settings
[2013/08/24 10:42:30 | 000,000,538 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for dilon.job
[2013/08/21 02:07:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Live Add-in
[2013/08/21 01:51:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/08/21 00:47:58 | 000,001,912 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2013/08/21 00:47:34 | 000,001,682 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Security Essentials.lnk
[2013/08/17 18:35:05 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/17 18:35:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013/08/08 03:12:52 | 000,000,699 | ---- | M] () -- C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit adwcleaner.lnk
[2013/08/08 03:12:39 | 000,000,658 | ---- | M] () -- C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit JRT.lnk
[2013/08/07 08:17:10 | 000,000,337 | RHS- | M] () -- C:\boot.ini
[2013/08/07 08:11:09 | 000,000,689 | ---- | M] () -- C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit ComboFix.lnk
[2013/08/02 19:30:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2013/08/02 19:28:49 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/08/02 19:28:49 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/08/02 19:28:49 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/02 19:28:49 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/02 19:28:49 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/02 19:28:49 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/02 19:28:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\avast! Free Antivirus
[2013/08/02 19:28:29 | 000,003,058 | ---- | M] () -- C:\WINDOWS\System32\config.nt
[2013/08/02 13:28:01 | 000,006,519 | ---- | M] () -- C:\Dokumente und Einstellungen\Eness\Eigene Dateien\Studentenjob.pdf
[2013/08/02 11:32:26 | 000,041,769 | ---- | M] () -- C:\Dokumente und Einstellungen\Eness\Eigene Dateien\Lebenslauf.pdf
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/08/21 00:57:32 | 000,000,386 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2013/08/21 00:47:58 | 000,001,912 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2013/08/21 00:47:34 | 000,001,682 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Security Essentials.lnk
[2013/08/17 18:35:05 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/08 03:12:52 | 000,000,699 | ---- | C] () -- C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit adwcleaner.lnk
[2013/08/08 03:12:39 | 000,000,658 | ---- | C] () -- C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit JRT.lnk
[2013/08/07 08:17:10 | 000,000,221 | ---- | C] () -- C:\Boot.bak
[2013/08/07 08:17:06 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013/08/07 08:12:17 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/08/07 08:12:17 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/08/07 08:12:17 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/08/07 08:12:17 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/08/07 08:12:17 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/08/07 08:11:09 | 000,000,689 | ---- | C] () -- C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit ComboFix.lnk
[2013/08/02 19:30:41 | 000,001,799 | ---- | C] () -- C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/08/02 19:28:51 | 000,001,088 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/02 19:28:51 | 000,001,084 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/02 19:28:49 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/08/02 19:28:49 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/08/02 19:28:49 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/08/02 19:28:31 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/08/02 19:28:31 | 000,000,354 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/08/02 19:28:30 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/08/02 11:45:25 | 000,006,519 | ---- | C] () -- C:\Dokumente und Einstellungen\Eness\Eigene Dateien\Studentenjob.pdf
[2013/04/15 16:38:40 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013/04/15 16:38:40 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013/04/15 16:38:40 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013/02/07 23:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/10/22 17:27:07 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\1234\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/10/01 18:41:34 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2012/10/01 16:06:40 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Eness\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/09/29 13:41:01 | 000,186,154 | ---- | C] () -- C:\Dokumente und Einstellungen\dilon\Lokale Einstellungen\Anwendungsdaten\tiwcky_nav.dat
[2012/09/29 13:41:01 | 000,003,193 | ---- | C] () -- C:\Dokumente und Einstellungen\dilon\Lokale Einstellungen\Anwendungsdaten\tiwcky.dat
[2012/09/29 13:41:01 | 000,002,219 | ---- | C] () -- C:\Dokumente und Einstellungen\dilon\Lokale Einstellungen\Anwendungsdaten\tiwcky_navps.dat
[2012/07/29 01:19:30 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Gast\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/07/13 11:50:21 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\dln\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/07/12 17:06:57 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2012/02/15 03:28:00 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/06 15:29:17 | 000,000,783 | ---- | C] () -- C:\WINDOWS\NTIWVEDT.INI
[2011/09/04 10:53:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Jcmkr32.INI
[2011/06/20 13:26:19 | 008,816,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2011/06/20 13:26:19 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini
[2011/06/20 13:26:16 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnp2std.exe
[2010/09/05 11:06:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PhEdit.INI
[2010/09/05 10:20:37 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/09/05 10:20:37 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/09/05 10:20:37 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/09/05 10:20:37 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/09/05 10:20:37 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/09/05 10:20:37 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/09/05 10:20:37 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/09/05 10:20:37 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/09/05 10:20:37 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/09/05 10:20:37 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010/09/05 10:20:37 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/09/05 10:20:37 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/09/05 10:20:37 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/09/05 10:20:37 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/09/05 10:20:37 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/09/05 10:20:37 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010/09/05 10:20:37 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010/09/05 10:20:37 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/09/05 10:20:37 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/06/09 11:07:39 | 000,005,097 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ojobkspa.ako
[2010/06/08 13:07:32 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\eDataSecurity.dat
[2010/05/24 08:25:11 | 000,081,268 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/27 14:42:05 | 000,158,748 | ---- | C] () -- C:\WINDOWS\hpoins15.dat.temp
[2010/01/27 14:42:05 | 000,001,039 | ---- | C] () -- C:\WINDOWS\hpomdl15.dat.temp
[2010/01/12 15:25:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2010/01/05 15:15:26 | 000,000,238 | ---- | C] () -- C:\WINDOWS\Caligari.ini
[2009/12/11 19:28:14 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\dilon\haspemul.reg
[2009/12/11 19:11:58 | 000,420,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\hardlock.sys
[2009/12/11 19:10:38 | 000,000,383 | ---- | C] () -- C:\WINDOWS\System32\haspdos.sys
[2009/12/11 19:10:37 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\hdduinst.exe
[2009/12/11 19:10:36 | 000,164,864 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2009/12/11 19:10:36 | 000,006,836 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2009/12/11 12:45:18 | 000,000,238 | ---- | C] () -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\varicad-work.ini
[2009/11/15 08:52:02 | 000,158,312 | ---- | C] () -- C:\WINDOWS\hpoins15.dat
[2009/11/15 08:52:02 | 000,001,039 | ---- | C] () -- C:\WINDOWS\hpomdl15.dat
[2009/11/03 16:28:18 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\enes\PUTTY.RND
[2009/10/21 08:04:30 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/10/18 15:10:05 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2009/10/15 15:23:38 | 000,002,370 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/10/15 13:34:32 | 000,096,256 | ---- | C] () -- C:\Dokumente und Einstellungen\dilon\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/15 12:29:56 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/15 09:46:48 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\enes\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/10/15 09:38:48 | 000,092,672 | ---- | C] () -- C:\Dokumente und Einstellungen\hilal\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/15 09:33:38 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\hilal\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/10/15 00:44:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/10/15 00:34:04 | 000,114,688 | ---- | C] () -- C:\WINDOWS\PowerOption.exe
[2009/10/15 00:34:04 | 000,000,294 | ---- | C] () -- C:\WINDOWS\PowerOption.ini
[2009/10/15 00:27:07 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\dilon\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/09/16 12:27:58 | 000,508,224 | ---- | C] () -- C:\WINDOWS\System32\ICCProfiles.dll
[2006/10/16 01:58:14 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\aspolyzt.dll
[2006/08/11 15:44:20 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/08/11 15:44:12 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/11 15:42:58 | 000,000,046 | ---- | C] () -- C:\WINDOWS\commercial.ini
[2006/08/11 15:42:28 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MWLPS.dll
[2006/08/11 15:41:18 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/08/11 15:40:34 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/08/11 15:40:34 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/08/11 15:40:34 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/08/11 15:40:34 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/08/11 15:31:46 | 000,562,746 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/08/11 15:31:46 | 000,531,742 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/08/11 15:31:46 | 000,121,188 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/08/11 15:31:46 | 000,100,526 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/08/11 15:31:32 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/08/11 15:28:30 | 000,370,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/08/11 15:17:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/08/11 15:15:28 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/07/11 17:19:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/07/11 17:19:00 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2006/07/11 17:19:00 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/07/11 17:19:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2006/07/11 17:19:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/07/11 17:19:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/07/11 17:19:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/07/11 17:19:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2006/07/11 17:19:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2006/07/11 17:19:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/06/29 06:44:32 | 001,826,304 | ---- | C] () -- C:\WINDOWS\System32\asconv3d.dll
[2006/05/29 09:05:58 | 000,303,104 | ---- | C] () -- C:\WINDOWS\CreateLnk.exe
[2006/03/23 03:24:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\as_tree2.dll
[2005/12/31 19:04:53 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\789\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005/11/16 16:11:52 | 000,024,576 | RH-- | C] () -- C:\WINDOWS\System32\Kill1211.exe
[2005/10/30 21:17:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/10/26 01:25:28 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/10/12 11:43:40 | 000,000,095 | ---- | C] () -- C:\WINDOWS\alaunch.ini
[2005/08/05 08:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/14 19:48:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/07/12 08:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2005/07/06 05:59:58 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\asdrawli.dll
[2005/07/04 08:17:30 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\ASDRAWMA.DLL
[2005/04/04 02:44:04 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Clearlnk.ini
[2004/12/16 21:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/17 10:34:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\AS_SORT.DLL
[2004/08/10 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 15:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004/08/10 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 15:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004/08/10 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 15:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 15:00:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 15:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/03/23 10:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2003/08/07 03:51:32 | 000,024,576 | -H-- | C] () -- C:\WINDOWS\System32\reboot.exe
[2003/08/06 13:32:24 | 000,024,576 | -H-- | C] () -- C:\WINDOWS\System32\KCMDNIns.exe
[2003/05/22 05:31:44 | 000,033,792 | ---- | C] () -- C:\WINDOWS\System32\ASDRAW32.DLL
[2003/03/14 06:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[2002/07/12 09:29:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\AS_MDB32.DLL
[2002/05/23 11:34:46 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2001/12/26 09:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 16:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/08/25 12:04:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/25 12:02:42 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/30 09:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 15:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
[2001/06/06 04:59:04 | 000,209,612 | ---- | C] () -- C:\WINDOWS\System32\as_fconv.exe
========== LOP Check ==========
[2010/01/05 13:52:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\ASCON Installer
[2010/01/05 14:00:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\ASCON Programme
[2010/06/14 11:37:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\Downloaded Installations
[2011/05/25 11:32:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\DVDVideoSoft
[2011/05/25 11:33:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\DVDVideoSoftIEHelpers
[2013/08/17 19:23:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\File Scout
[2012/08/05 03:01:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\FRITZ!
[2009/10/18 15:30:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\ICQ
[2009/10/15 12:12:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\ICQ Toolbar
[2010/10/23 17:00:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\IEButtons
[2010/06/09 11:07:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\MOVAVI
[2009/10/20 10:54:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\MSNInstaller
[2010/06/14 11:40:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\Nitro PDF
[2005/12/31 19:06:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\OpenOffice.org
[2013/07/21 18:38:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\PerformerSoft
[2009/10/30 16:14:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\PPMate
[2009/10/30 16:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\PPStream
[2013/08/17 19:23:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\SearchProtect
[2013/07/21 18:38:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\StatusWinks
[2009/10/30 17:12:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\StreamTorrent
[2012/07/03 12:34:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\TuneUp Software
[2009/12/11 12:45:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\VariCAD
[2013/07/21 18:36:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\weather9
[2009/11/05 17:59:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enes\Anwendungsdaten\ICQ
[2010/07/24 13:12:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enes\Anwendungsdaten\Nitro PDF
[2011/03/29 13:23:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enes\Anwendungsdaten\OpenOffice.org
[2010/04/06 15:39:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enes\Anwendungsdaten\Paltalk
[2009/11/05 16:10:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enes\Anwendungsdaten\StreamTorrent
[2012/07/01 10:48:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\enes\Anwendungsdaten\TuneUp Software
[2012/10/01 18:45:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\OpenOffice.org
[2013/07/06 14:13:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\player
[2013/07/06 14:05:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\StreamTorrent
[2013/07/26 19:17:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\TFP
[2013/08/25 17:47:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\TS3Client
[2012/06/30 17:02:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\hilal\Anwendungsdaten\DVDVideoSoft
[2009/10/18 13:50:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\hilal\Anwendungsdaten\ICQ
[2012/06/30 17:05:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\hilal\Anwendungsdaten\TuneUp Software
[2009/10/21 11:36:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\hilal\Anwendungsdaten\Windows Live Writer
[2012/07/03 17:14:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2013/08/02 19:26:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2012/06/30 17:05:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2011/05/15 15:50:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Driver Mender
[2011/02/04 07:33:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Driver Whiz
[2010/01/07 19:24:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\epp
[2013/02/16 06:08:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hotspot Shield
[2013/08/08 03:15:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010/10/18 12:55:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2010/10/18 12:54:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2010/06/14 11:38:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nitro PDF
[2009/10/15 16:21:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy
[2010/09/05 10:21:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Panasonic
[2010/10/18 12:55:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PhotoMail
[2012/06/30 17:06:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2011/02/04 07:33:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UAB
[2009/12/11 12:45:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VariCAD
[2010/01/05 13:03:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2012/06/30 17:05:00 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2009/10/15 16:46:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2013/08/26 04:53:49 | 000,000,354 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 128 bytes -> C:\WINDOWS:nlsPreferences
< End of report >
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-08-2013
Ran by Eness (administrator) on 26-08-2013 19:45:04
Running from C:\Dokumente und Einstellungen\Eness\Eigene Dateien\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) c:\Programme\Microsoft Security Client\MsMpEng.exe
(AVAST Software) C:\Programme\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SCardSvr.exe
(ArcSoft Inc.) C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehRecvr.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehSched.exe
(Sun Microsystems, Inc.) C:\Programme\Java\jre6\bin\jqs.exe
(Hewlett-Packard Company) c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\WINDOWS\system32\NLSSRV32.EXE
(Microsoft Corporation) C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Corporation) C:\WINDOWS\eHome\ehmsas.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Apple Inc.) C:\Programme\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Programme\HP\HP Software Update\HPWuSchd2.exe
(ArcSoft Inc.) C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe
(Sun Microsystems, Inc.) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(sonix) C:\WINDOWS\tsnp2std.exe
(AVAST Software) C:\Programme\AVAST Software\Avast\avastUI.exe
(Microsoft Corporation) C:\Programme\Microsoft Security Client\msseces.exe
(McAfee, Inc.) C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe
(Apple Inc.) C:\Programme\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Farbar) C:\Dokumente und Einstellungen\Eness\Eigene Dateien\Downloads\FRST(6).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [67584 2005-09-29] (Microsoft Corporation)
HKLM\...\Run: [LaunchApp] - Alaunch [x]
HKLM\...\Run: [RTHDCPL] - C:\Windows\RTHDCPL.EXE [16208384 2006-06-01] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\Windows\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ntiMUI] - c:\Programme\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [45056 2005-05-11] ()
HKLM\...\Run: [IMJPMIG8.1] - C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [208952 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [IMEKRMIG6.1] - C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE [44032 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [MSPY2002] - C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [59392 2004-08-10] ()
HKLM\...\Run: [PHIME2002ASync] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [PHIME2002A] - C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [455168 2004-08-10] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Programme\iTunes\iTunesHelper.exe [305440 2009-09-21] (Apple Inc.)
HKLM\...\Run: [HP Software Update] - C:\Programme\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM\...\Run: [gemstrmw] - C:\WINDOWS\system32\gemstrmw.exe [24576 2005-02-07] (Gemplus)
HKLM\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [421888 2010-03-17] (Apple Inc.)
HKLM\...\Run: [ArcSoft Connection Service] - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe [195072 2009-06-19] (ArcSoft Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [tsnp2std] - C:\WINDOWS\tsnp2std.exe [102400 2005-09-09] (sonix)
HKLM\...\Run: [avast] - C:\Programme\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [MSC] - c:\Programme\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
HKU\dil\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [ 2010-03-17] (Apple Inc.)
HKU\dil\...\Run: [Roahewacaq] - "C:\Dokumente und Einstellungen\dil\Anwendungsdaten\Quzae\icwo.exe" [x]
HKU\dil\...\Run: [kvlknkcclqplwra] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\kvlknkcc.exe [x]
HKU\enes\...\Run: [msnmsgr] - "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background [x]
HKU\enes\...\Run: [{0EFD0A40-97EF-E221-AB23-E01F7574D85B}] - "C:\Dokumente und Einstellungen\enes\Anwendungsdaten\Luyzik\ehpuca.exe" [x]
HKU\enes\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [ 2010-03-17] (Apple Inc.)
HKU\Gast\...\Run: [QuickTime Task] - C:\Programme\QuickTime\qttask.exe [ 2010-03-17] (Apple Inc.)
HKU\hilal\...\Run: [msnmsgr] - "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background [x]
HKU\hilal\...\Run: [SearchProtect] - C:\Dokumente und Einstellungen\hilal\Anwendungsdaten\SearchProtect\bin\cltmng.exe [x]
Lsa: [Authentication Packages] msv1_0 nwprovau
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Toolbar\01.01.2607.0\en-us\msntb.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} hxxp://download.sopcast.cn/download/SOPCORE.CAB
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ipp - No CLSID Value -
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Mozilla\Firefox\Profiles\ofaig7ca.default
FF Homepage: hxxp://www.uhrzeit.org/atomuhr.php
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @java.com/JavaPlugin - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.16 - C:\Programme\Veetle\VLCBroadcast\npvbp.dll No File
FF Plugin: @veoh.com/VeohTVPlugin - C:\Programme\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll No File
FF Plugin: @veoh.com/VeohWebPlayer - C:\Programme\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF Extension: Default - C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Programme\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Programme\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Programme\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (2007 Microsoft Office system) - C:\Programme\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Veoh Web Player Beta) - C:\Programme\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR HKLM\...\Chrome\Extension: [aohghmighlieiainnegkcijnfilokake] - C:\Dokumente und Einstellungen\dilon\Anwendungsdaten\StatusWinks\StatusWinks.crx
CHR HKLM\...\Chrome\Extension: [ggamifejnddpoocdmadhjdbgaijnphdi] - C:\Dokumente und Einstellungen\dilon\Lokale Einstellungen\Anwendungsdaten\CRE\ggamifejnddpoocdmadhjdbgaijnphdi.crx
========================== Services (Whitelisted) =================
R2 6to4; C:\Windows\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 ACDaemon; C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-06-14] ()
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 Automatisches LiveUpdate - Scheduler; C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe [100032 2006-08-03] (Symantec Corporation)
R2 avast! Antivirus; C:\Programme\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)
S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-03] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [116648 2013-08-03] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-08-03] (Google)
R3 hpqcxs08; C:\Programme\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Programme\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-11] (Hewlett-Packard Co.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation)
R3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545568 2009-09-21] (Apple Inc.)
R2 LightScribeService; c:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2006-02-17] (Hewlett-Packard Company)
S3 LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2119360 2006-08-03] (Symantec Corporation)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe [237008 2011-06-17] (McAfee, Inc.)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 Microsoft Office Groove Audit Service; C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [117656 2013-08-17] (Mozilla Foundation)
R2 MsMpSvc; c:\Programme\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
R2 NWCWorkstation; C:\Windows\System32\nwwks.dll [65536 2008-04-14] (Microsoft Corporation)
R2 NwSapAgent; C:\Windows\System32\ipxsap.dll [66560 2004-08-10] (Microsoft Corporation)
S3 odserv; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] (Microsoft Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 SeaPort; C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [240512 2009-05-19] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-10-24] (Microsoft Corporation)
R2 JavaQuickStarterService; "C:\Programme\Java\jre6\bin\jqs.exe" -service -config "C:\Programme\Java\jre6\lib\deploy\jqs\jqs.conf" [x]
==================== Drivers (Whitelisted) ====================
R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43520 2006-06-18] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\System32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-03] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-03] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-03] ()
S3 AVMUNET; C:\Windows\System32\DRIVERS\avmunet.sys [14976 2006-10-06] (AVM GmbH)
S3 BRGSp50; C:\Windows\System32\Drivers\BRGSp50.sys [20608 2005-06-08] (Printing Communications Assoc., Inc. (PCAUSA))
R1 eeCtrl; C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys [371248 2010-12-17] (Symantec Corporation)
R1 eusk2par; C:\WINDOWS\system32\Drivers\eusk2par.sys [24786 2004-11-18] (EUTRON)
S3 eusk3usb; C:\Windows\System32\Drivers\eusk3usb.sys [45534 2004-11-18] (EUTRON)
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [420000 2004-01-31] ()
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2003-12-18] (Aladdin Knowledge Systems)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 nm; C:\Windows\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation)
R0 nvatabus; C:\Windows\System32\drivers\nvatabus.sys [105088 2006-06-28] (NVIDIA Corporation)
R2 NwlnkIpx; C:\Windows\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\Windows\System32\DRIVERS\nwlnknb.sys [63232 2004-08-10] (Microsoft Corporation)
R2 NwlnkSpx; C:\Windows\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-10] (Microsoft Corporation)
R3 NWRDR; C:\Windows\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
U3 Rapwdvcb;
R1 Tcpip6; C:\Windows\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
R0 UBHelper; C:\Windows\System32\Drivers\UBHelper.sys [13952 2004-12-17] ()
R3 yukonwxp; C:\Windows\System32\DRIVERS\yk51x86.sys [244864 2006-06-29] (Marvell)
S3 ZD1211BU(ZyDAS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [402432 2005-10-28] (ZyDAS Technology Corporation)
S3 ZD1211U(ZyDAS); C:\Windows\System32\DRIVERS\zd1211u.sys [280064 2005-10-04] (ZyDAS Technology Corporation)
S3 ZDPSp50; C:\Windows\System32\Drivers\ZDPSp50.sys [17664 2004-10-25] (Printing Communications Assoc., Inc. (PCAUSA))
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U2 CertPropSvc;
S4 IntelIde; No ImagePath
S3 psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys [x]
S3 psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys [x]
S3 STCFUx32; system32\DRIVERS\STCFUx32.SYS [x]
U2 wuaserv;
==================== NetSvcs (Whitelisted) ===================
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
==================== One Month Created Files and Folders ========
2013-08-26 00:32 - 2013-08-26 00:32 - 00000000 ____D C:\_OTL
2013-08-25 07:32 - 2013-08-27 01:12 - 00127770 _____ C:\OTL.Txt
2013-08-22 19:18 - 2013-08-22 19:20 - 00000029 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument (4).txt
2013-08-21 07:51 - 2013-08-21 07:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-21 07:51 - 2013-08-21 07:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-21 07:50 - 2013-08-21 07:50 - 00014794 _____ C:\WINDOWS\KB2863058.log
2013-08-21 07:50 - 2013-08-21 07:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-21 07:49 - 2013-08-21 07:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-21 07:13 - 2013-08-21 07:51 - 00021889 _____ C:\WINDOWS\KB2850869.log
2013-08-21 07:12 - 2013-08-21 07:51 - 00022717 _____ C:\WINDOWS\KB2859537.log
2013-08-21 07:10 - 2013-05-02 17:28 - 00238872 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2013-08-21 07:08 - 2013-08-21 07:39 - 00112148 _____ C:\WINDOWS\KB2862772-IE7.log
2013-08-21 06:57 - 2013-08-26 19:32 - 00000386 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-08-21 06:47 - 2013-08-21 06:47 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-08-21 06:46 - 2013-08-21 06:47 - 00000000 ____D C:\Programme\Microsoft Security Client
2013-08-18 03:58 - 2013-08-18 03:58 - 00002042 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument (5.txt
2013-08-18 03:58 - 2013-08-18 03:58 - 00000000 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument (3).txt
2013-08-18 01:20 - 2013-08-18 01:20 - 00000097 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument (2).txt
2013-08-18 00:35 - 2013-08-18 00:35 - 00000760 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-18 00:35 - 2013-08-18 00:35 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Malwarebytes
2013-08-18 00:34 - 2013-08-18 00:35 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2013-08-18 00:34 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-08-17 20:55 - 2013-08-17 22:11 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-08-17 00:09 - 2013-08-17 00:09 - 00000876 _____ C:\Dokumente und Einstellungen\Eness\Desktop\JRT.txt
2013-08-16 04:15 - 2013-08-16 04:16 - 00002359 _____ C:\AdwCleaner[R1].txt
2013-08-12 00:37 - 2013-08-12 00:37 - 00037958 _____ C:\Dokumente und Einstellungen\Eness\Desktop\SystemLook.txt
2013-08-08 09:15 - 2013-08-08 09:16 - 00104056 _____ C:\AdwCleaner[S1].txt
2013-08-08 09:12 - 2013-08-08 09:12 - 00000699 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit adwcleaner.lnk
2013-08-08 09:12 - 2013-08-08 09:12 - 00000658 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit JRT.lnk
2013-08-08 08:56 - 2013-08-08 08:56 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-07 20:11 - 2013-08-07 20:11 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Google
2013-08-07 17:10 - 2013-08-08 09:27 - 00000096 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument.txt
2013-08-07 17:04 - 2013-08-07 17:04 - 00027262 _____ C:\ComboFix.txt
2013-08-07 16:55 - 2013-08-07 16:55 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-08-07 16:55 - 2013-08-07 16:55 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2013-08-07 16:55 - 2013-08-07 16:55 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2013-08-07 16:55 - 2013-08-07 16:55 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-08-07 16:55 - 2013-08-07 16:55 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2013-08-07 15:38 - 2013-08-07 17:04 - 00000000 ____D C:\ComboFix
2013-08-07 14:17 - 2013-08-07 14:17 - 00000000 _RSHD C:\cmdcons
2013-08-07 14:17 - 2009-10-15 06:26 - 00000221 _____ C:\Boot.bak
2013-08-07 14:17 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr
2013-08-07 14:12 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2013-08-07 14:12 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2013-08-07 14:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2013-08-07 14:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2013-08-07 14:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2013-08-07 14:12 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2013-08-07 14:12 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2013-08-07 14:12 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2013-08-07 14:12 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2013-08-07 14:11 - 2013-08-07 14:11 - 00000689 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit ComboFix.lnk
2013-08-07 14:08 - 2013-08-07 17:04 - 00000000 ____D C:\Qoobox
2013-08-07 14:07 - 2013-08-07 17:03 - 00000000 ____D C:\WINDOWS\erdnt
2013-08-07 02:01 - 2013-08-07 02:01 - 00090112 _____ C:\WINDOWS\Minidump\Mini080713-01.dmp
2013-08-06 21:08 - 2013-08-06 21:08 - 00090112 _____ C:\WINDOWS\Minidump\Mini080613-01.dmp
2013-08-06 17:08 - 2013-08-09 18:20 - 00000000 ____D C:\FRST
2013-08-05 20:28 - 2013-08-05 20:28 - 00090112 _____ C:\WINDOWS\Minidump\Mini080513-02.dmp
2013-08-05 02:38 - 2013-08-05 02:37 - 00090112 _____ C:\WINDOWS\Minidump\Mini080513-01.dmp
2013-08-03 01:28 - 2013-08-26 19:38 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-03 01:28 - 2013-08-26 19:28 - 00000354 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-08-03 01:28 - 2013-08-26 19:23 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-03 01:28 - 2013-08-03 01:28 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-03 01:28 - 2013-08-03 01:28 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-03 01:28 - 2013-08-03 01:28 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-03 01:28 - 2013-08-03 01:28 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum
2013-08-03 01:28 - 2013-08-03 01:28 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2013-08-03 01:28 - 2013-08-03 01:28 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum
2013-08-03 01:28 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-08-03 01:28 - 2013-05-09 10:59 - 00056080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2013-08-03 01:28 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2013-08-03 01:28 - 2013-05-09 10:59 - 00049376 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-08-03 01:28 - 2013-05-09 10:59 - 00029816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-08-03 01:28 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-08-03 01:27 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-08-03 01:26 - 2013-08-03 01:26 - 00000000 ____D C:\Programme\AVAST Software
2013-08-03 01:21 - 2013-08-03 01:33 - 00000002 _____ C:\AvastSetup.log
2013-08-02 13:58 - 2013-08-02 13:58 - 00000876 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Johanniter.txt
2013-08-02 13:50 - 2013-08-02 13:50 - 00000874 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Malkow.txt
2013-08-02 13:27 - 2013-08-02 13:27 - 00000000 ____D C:\Programme\Image Converter
2013-08-02 12:56 - 2013-08-02 12:56 - 00003923 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Corning Cable System interessant.txt
2013-08-02 12:53 - 2013-08-02 12:53 - 00002079 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Sick Vertreibs....txt
2013-08-02 12:49 - 2013-08-02 12:51 - 00001681 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Inccas.txt
2013-07-28 00:48 - 2013-07-28 00:48 - 00000000 ___RD C:\Dokumente und Einstellungen\Eness\Startmenü\Programme\Verwaltung
2013-07-27 01:17 - 2013-07-27 01:17 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\TFP
2013-07-27 01:17 - 2012-05-11 15:47 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSCMCFR.DLL
2013-07-27 01:17 - 2012-05-11 15:47 - 00119568 _____ (Microsoft Corporation) C:\WINDOWS\system32\VB6FR.DLL
2013-07-27 01:17 - 2012-05-11 15:47 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\VB6STKIT.DLL
2013-07-27 01:17 - 2012-05-11 15:47 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CMDLGFR.DLL
==================== One Month Modified Files and Folders =======
2013-08-27 01:12 - 2013-08-25 07:32 - 00127770 _____ C:\OTL.Txt
2013-08-26 19:44 - 2006-08-11 21:44 - 01119650 _____ C:\WINDOWS\WindowsUpdate.log
2013-08-26 19:38 - 2013-08-03 01:28 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-26 19:32 - 2013-08-21 06:57 - 00000386 ____H C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job
2013-08-26 19:28 - 2013-08-03 01:28 - 00000354 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-08-26 19:23 - 2013-08-03 01:28 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-26 19:22 - 2006-08-11 22:14 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-08-26 19:22 - 2006-08-11 22:14 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-08-26 19:22 - 2006-08-11 21:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-08-26 19:22 - 2006-08-11 21:39 - 00000000 ____D C:\WINDOWS\Registration
2013-08-26 17:06 - 2012-10-01 22:06 - 00000190 ___SH C:\Dokumente und Einstellungen\Eness\ntuser.ini
2013-08-26 17:06 - 2006-08-11 21:44 - 00032362 _____ C:\WINDOWS\SchedLgU.Txt
2013-08-26 10:57 - 2006-08-11 21:31 - 01335980 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-26 08:09 - 2009-10-15 15:46 - 00000300 ___SH C:\Dokumente und Einstellungen\enes\ntuser.ini
2013-08-26 07:53 - 2012-10-01 22:45 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Adobe
2013-08-26 07:53 - 2010-05-14 16:38 - 00000000 ____D C:\WINDOWS\system32\Adobe
2013-08-26 07:53 - 2006-08-11 21:16 - 00000000 ____D C:\WINDOWS\system32\Macromed
2013-08-26 07:52 - 2006-08-11 21:40 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Adobe
2013-08-26 00:32 - 2013-08-26 00:32 - 00000000 ____D C:\_OTL
2013-08-25 23:47 - 2012-10-03 01:05 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\TS3Client
2013-08-25 20:49 - 2013-02-02 16:52 - 00000006 _____ C:\Dokumente und Einstellungen\Eness\Eigene Dateien\settings
2013-08-24 16:42 - 2010-05-16 00:45 - 00000538 ____H C:\WINDOWS\Tasks\Norton Security Scan for dilon.job
2013-08-22 19:20 - 2013-08-22 19:18 - 00000029 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument (4).txt
2013-08-21 08:10 - 2006-08-11 21:15 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-08-21 08:07 - 2006-01-01 01:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-08-21 08:00 - 2009-10-15 23:30 - 75778376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-08-21 07:56 - 2009-10-21 14:02 - 00000000 ____D C:\Programme\Microsoft Office
2013-08-21 07:51 - 2013-08-21 07:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2859537$
2013-08-21 07:51 - 2013-08-21 07:51 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2013-08-21 07:51 - 2013-08-21 07:13 - 00021889 _____ C:\WINDOWS\KB2850869.log
2013-08-21 07:51 - 2013-08-21 07:12 - 00022717 _____ C:\WINDOWS\KB2859537.log
2013-08-21 07:51 - 2006-08-11 21:44 - 01414484 _____ C:\WINDOWS\tsoc.log
2013-08-21 07:51 - 2006-08-11 21:44 - 01399511 _____ C:\WINDOWS\iis6.log
2013-08-21 07:51 - 2006-08-11 21:39 - 00320057 _____ C:\WINDOWS\MedCtrOC.log
2013-08-21 07:51 - 2006-08-11 21:36 - 03039836 _____ C:\WINDOWS\FaxSetup.log
2013-08-21 07:51 - 2006-08-11 21:36 - 01514119 _____ C:\WINDOWS\ocgen.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00949868 _____ C:\WINDOWS\msmqinst.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00879550 _____ C:\WINDOWS\comsetup.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00549289 _____ C:\WINDOWS\netfxocm.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00538340 _____ C:\WINDOWS\ntdtcsetup.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00360855 _____ C:\WINDOWS\plusoc.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00168431 _____ C:\WINDOWS\ehOCGen.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00154032 _____ C:\WINDOWS\msgsocm.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00151002 _____ C:\WINDOWS\tabletoc.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00145456 _____ C:\WINDOWS\ocmsn.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00001374 _____ C:\WINDOWS\imsins.log
2013-08-21 07:51 - 2006-08-11 21:36 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-08-21 07:51 - 2006-08-11 21:35 - 00361574 _____ C:\WINDOWS\updspapi.log
2013-08-21 07:50 - 2013-08-21 07:50 - 00014794 _____ C:\WINDOWS\KB2863058.log
2013-08-21 07:50 - 2013-08-21 07:50 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$
2013-08-21 07:50 - 2009-10-15 22:23 - 00050126 _____ C:\WINDOWS\system32\TZLog.log
2013-08-21 07:49 - 2013-08-21 07:49 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2849470$
2013-08-21 07:39 - 2013-08-21 07:08 - 00112148 _____ C:\WINDOWS\KB2862772-IE7.log
2013-08-21 07:39 - 2010-01-18 20:16 - 00000000 ____D C:\WINDOWS\system32\de-de
2013-08-21 07:38 - 2010-01-18 20:17 - 00000000 ____D C:\WINDOWS\ie7updates
2013-08-21 06:47 - 2013-08-21 06:47 - 00001912 _____ C:\WINDOWS\epplauncher.mif
2013-08-21 06:47 - 2013-08-21 06:46 - 00000000 ____D C:\Programme\Microsoft Security Client
2013-08-21 06:46 - 2006-08-11 21:42 - 00000000 ___RD C:\Programme
2013-08-18 03:58 - 2013-08-18 03:58 - 00002042 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument (5.txt
2013-08-18 03:58 - 2013-08-18 03:58 - 00000000 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument (3).txt
2013-08-18 01:34 - 2011-03-19 21:10 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971029$
2013-08-18 01:20 - 2013-08-18 01:20 - 00000097 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument (2).txt
2013-08-18 00:35 - 2013-08-18 00:35 - 00000760 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-18 00:35 - 2013-08-18 00:35 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Malwarebytes
2013-08-18 00:35 - 2013-08-18 00:34 - 00000000 ____D C:\Programme\Malwarebytes' Anti-Malware
2013-08-17 22:26 - 2012-07-12 23:37 - 00000000 ____D C:\Programme\Mozilla Maintenance Service
2013-08-17 22:11 - 2013-08-17 20:55 - 00000000 ____D C:\Programme\Mozilla Firefox
2013-08-17 00:09 - 2013-08-17 00:09 - 00000876 _____ C:\Dokumente und Einstellungen\Eness\Desktop\JRT.txt
2013-08-16 04:16 - 2013-08-16 04:15 - 00002359 _____ C:\AdwCleaner[R1].txt
2013-08-12 10:08 - 2012-10-01 22:06 - 00000000 ____D C:\Dokumente und Einstellungen\Eness
2013-08-12 00:37 - 2013-08-12 00:37 - 00037958 _____ C:\Dokumente und Einstellungen\Eness\Desktop\SystemLook.txt
2013-08-09 18:20 - 2013-08-06 17:08 - 00000000 ____D C:\FRST
2013-08-08 09:27 - 2013-08-07 17:10 - 00000096 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Neu Textdokument.txt
2013-08-08 09:16 - 2013-08-08 09:15 - 00104056 _____ C:\AdwCleaner[S1].txt
2013-08-08 09:12 - 2013-08-08 09:12 - 00000699 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit adwcleaner.lnk
2013-08-08 09:12 - 2013-08-08 09:12 - 00000658 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit JRT.lnk
2013-08-08 08:56 - 2013-08-08 08:56 - 00000000 ____D C:\WINDOWS\ERUNT
2013-08-07 20:11 - 2013-08-07 20:11 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\Google
2013-08-07 17:08 - 2006-08-11 21:19 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService
2013-08-07 17:04 - 2013-08-07 17:04 - 00027262 _____ C:\ComboFix.txt
2013-08-07 17:04 - 2013-08-07 15:38 - 00000000 ____D C:\ComboFix
2013-08-07 17:04 - 2013-08-07 14:08 - 00000000 ____D C:\Qoobox
2013-08-07 17:03 - 2013-08-07 14:07 - 00000000 ____D C:\WINDOWS\erdnt
2013-08-07 16:59 - 2006-08-11 22:13 - 00000246 _____ C:\WINDOWS\system.ini
2013-08-07 16:56 - 2006-08-11 21:44 - 49807360 _____ C:\WINDOWS\system32\config\software.bak
2013-08-07 16:56 - 2006-08-11 21:44 - 10485760 _____ C:\WINDOWS\system32\config\system.bak
2013-08-07 16:56 - 2006-08-11 21:44 - 00421888 _____ C:\WINDOWS\system32\config\default.bak
2013-08-07 16:56 - 2006-08-11 21:44 - 00069632 _____ C:\WINDOWS\system32\config\SECURITY.bak
2013-08-07 16:56 - 2006-08-11 21:44 - 00040960 _____ C:\WINDOWS\system32\config\SAM.bak
2013-08-07 16:55 - 2013-08-07 16:55 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2013-08-07 16:55 - 2013-08-07 16:55 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2013-08-07 16:55 - 2013-08-07 16:55 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2013-08-07 16:55 - 2013-08-07 16:55 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2013-08-07 16:55 - 2013-08-07 16:55 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2013-08-07 14:17 - 2013-08-07 14:17 - 00000000 _RSHD C:\cmdcons
2013-08-07 14:17 - 2006-08-11 21:44 - 00000337 __RSH C:\boot.ini
2013-08-07 14:11 - 2013-08-07 14:11 - 00000689 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Verknüpfung mit ComboFix.lnk
2013-08-07 14:08 - 2006-08-11 21:19 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Dokumente
2013-08-07 02:01 - 2013-08-07 02:01 - 00090112 _____ C:\WINDOWS\Minidump\Mini080713-01.dmp
2013-08-07 02:01 - 2009-11-16 18:17 - 00000000 ____D C:\WINDOWS\Minidump
2013-08-06 21:08 - 2013-08-06 21:08 - 00090112 _____ C:\WINDOWS\Minidump\Mini080613-01.dmp
2013-08-06 20:21 - 2013-01-31 12:06 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Eigene Dateien\Industriemechaniker
2013-08-05 20:28 - 2013-08-05 20:28 - 00090112 _____ C:\WINDOWS\Minidump\Mini080513-02.dmp
2013-08-05 02:37 - 2013-08-05 02:38 - 00090112 _____ C:\WINDOWS\Minidump\Mini080513-01.dmp
2013-08-03 01:33 - 2013-08-03 01:21 - 00000002 _____ C:\AvastSetup.log
2013-08-03 01:31 - 2009-10-15 18:28 - 00000000 ____D C:\Programme\Google
2013-08-03 01:28 - 2013-08-03 01:28 - 00770344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-08-03 01:28 - 2013-08-03 01:28 - 00369584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-08-03 01:28 - 2013-08-03 01:28 - 00175176 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-08-03 01:28 - 2013-08-03 01:28 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys.sum
2013-08-03 01:28 - 2013-08-03 01:28 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2013-08-03 01:28 - 2013-08-03 01:28 - 00000175 _____ C:\WINDOWS\system32\Drivers\aswSnx.sys.sum
2013-08-03 01:28 - 2006-08-11 21:17 - 00003058 _____ C:\WINDOWS\system32\config.nt
2013-08-03 01:26 - 2013-08-03 01:26 - 00000000 ____D C:\Programme\AVAST Software
2013-08-02 19:40 - 2012-10-02 04:39 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Eigene Dateien\Meine Scans
2013-08-02 13:58 - 2013-08-02 13:58 - 00000876 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Johanniter.txt
2013-08-02 13:50 - 2013-08-02 13:50 - 00000874 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Malkow.txt
2013-08-02 13:35 - 2012-10-01 22:06 - 00000000 ___RD C:\Dokumente und Einstellungen\Eness\Startmenü\Programme
2013-08-02 13:27 - 2013-08-02 13:27 - 00000000 ____D C:\Programme\Image Converter
2013-08-02 12:56 - 2013-08-02 12:56 - 00003923 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Corning Cable System interessant.txt
2013-08-02 12:53 - 2013-08-02 12:53 - 00002079 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Sick Vertreibs....txt
2013-08-02 12:51 - 2013-08-02 12:49 - 00001681 _____ C:\Dokumente und Einstellungen\Eness\Desktop\Inccas.txt
2013-07-30 18:45 - 2011-06-20 19:27 - 00542767 _____ C:\WINDOWS\setupapi.log
2013-07-28 14:50 - 2009-10-15 18:28 - 00000000 ____D C:\Programme\Gemeinsame Dateien\DivX Shared
2013-07-28 14:50 - 2009-10-15 18:28 - 00000000 ____D C:\Programme\DivX
2013-07-28 00:48 - 2013-07-28 00:48 - 00000000 ___RD C:\Dokumente und Einstellungen\Eness\Startmenü\Programme\Verwaltung
2013-07-27 01:17 - 2013-07-27 01:17 - 00000000 ____D C:\Dokumente und Einstellungen\Eness\Anwendungsdaten\TFP
Files to move or delete:
====================
C:\DOKUME~1\Eness\LOKALE~1\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
C:\DOKUME~1\Eness\LOKALE~1\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
C:\DOKUME~1\Eness\LOKALE~1\Temp\install_flashplayer11x32_mssd_aaa_aih_1.exe
C:\DOKUME~1\Eness\LOKALE~1\Temp\uninst1.exe
C:\DOKUME~1\Eness\LOKALE~1\Temp\jrt\erunt\ERUNT.EXE
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe
[2004-08-10 21:00] - [2008-04-14 04:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e
C:\Windows\System32\winlogon.exe
[2004-08-10 21:00] - [2008-04-14 04:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a
C:\Windows\System32\svchost.exe
[2004-08-10 21:00] - [2008-04-14 04:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366
C:\Windows\System32\services.exe
[2004-08-10 21:00] - [2009-02-09 13:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc
C:\Windows\System32\User32.dll
[2005-03-02 20:09] - [2008-04-14 04:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd
C:\Windows\System32\userinit.exe
[2004-08-10 21:00] - [2008-04-14 04:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106
C:\Windows\System32\Drivers\volsnap.sys
[2004-08-10 21:00] - [2008-04-14 03:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d
==================== End Of Log ============================