PinkPalace | 19.12.2011 22:40 | Okay, I did that.
OTL Logfile:
OTL logfile created on: 19.12.2011 22:20:21 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Sunnyx3\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,87 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 75,46% Memory free
3,72 Gb Paging File | 3,32 Gb Available in Paging File | 89,29% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 217,77 Gb Free Space | 93,51% Space Free | Partition Type: NTFS
Computer Name: | User Name: | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.19 21:56:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\OTL.exe
PRC - [2011.10.19 16:56:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.19 16:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 11:55:28 | 000,937,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.10.13 16:21:08 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.10.09 20:11:19 | 000,389,120 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe
PRC - [2009.08.01 04:06:24 | 000,155,648 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerHIDReceiver.exe
PRC - [2009.06.19 18:31:38 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerQuick.exe
PRC - [2009.04.08 20:49:30 | 000,344,064 | R--- | M] (AVerMedia) -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerRemote.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
PRC - [2007.04.21 09:37:02 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2005.02.25 16:54:48 | 000,131,072 | ---- | M] (Alcor Micro, Corp.) -- C:\Programme\Multimedia Card Reader\shwicon2k.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.19 16:56:03 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011.06.06 11:55:32 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2009.10.09 20:11:19 | 000,389,120 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe
MOD - [2009.08.01 04:06:24 | 000,155,648 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerHIDReceiver.exe
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe
MOD - [2007.04.21 09:37:02 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
MOD - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.17 11:04:36 | 000,247,872 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- ( Service)
SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.10.09 20:11:19 | 000,389,120 | R--- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe -- (DfSdkS)
SRV - [2009.04.08 20:49:30 | 000,344,064 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
========== Driver Services (SafeList) ==========
DRV - [2011.12.08 20:28:13 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.05.13 06:47:46 | 000,076,800 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV84.sys -- (SSHDRV84)
DRV - [2010.11.09 21:00:08 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2010.11.09 10:51:29 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.10.19 04:26:06 | 000,474,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerAF35.sys -- (AVerAF35)
DRV - [2008.10.28 11:27:28 | 000,022,144 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ArcVad.sys -- (arcvad_ds2dhw)
DRV - [2008.04.25 05:06:44 | 000,014,336 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007.03.27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2007.02.02 21:03:24 | 001,975,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006.08.15 06:09:48 | 000,083,200 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006.07.01 23:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.12.01 11:49:22 | 000,023,600 | ---- | M] (Licensed for Gebhard Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drhard.sys -- (drhard)
DRV - [2004.12.08 19:16:30 | 000,038,468 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt)
DRV - [2004.08.13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.live.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.live.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=15421
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "IMVU Inc Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com/?l=dis&o=15421"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.12.07 15:19:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.11.11 07:39:03 | 000,000,000 | ---D | M]
[2010.11.07 17:17:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Extensions
[2011.12.19 13:47:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\extensions
[2011.12.19 13:36:30 | 000,002,253 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\askcom.xml
[2010.11.21 17:06:58 | 000,001,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\bing.xml
[2011.09.27 13:13:36 | 000,000,919 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\conduit.xml
[2011.12.19 13:36:27 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\icqplugin-1.xml
[2011.12.17 19:20:12 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\icqplugin.xml
[2010.11.11 18:19:49 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\sweetim.xml
[2011.11.08 10:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.11.11 22:57:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.06.25 16:59:40 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.06.25 16:59:40 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.06.25 16:59:40 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.06.25 16:59:40 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.06.25 16:59:40 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolbar) - {00000000-0000-0000-0000-000000000000} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [Nokia FastStart] "C:\Programme\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart File not found
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [Sunkist2k] C:\Programme\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKCU..\Run: [ICQ] ~"C:\Programme\ICQ7.0\ICQ.exe" silent loginmode=4 File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AVer HID Receiver.lnk = C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AVerQuick.lnk = C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Dokumente und Einstellungen\Sunnyx3\Startmenü\Programme\IMVU\Run IMVU.lnk File not found
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3731E7F-5994-44CD-AD33-03DA025C1AED}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - hxxp://theme.webme.com/designs/flash/images/rightlabel.jpg
O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.07 13:36:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.12.19 21:56:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\OTL.exe
[2011.12.19 15:08:14 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2011.12.19 15:06:53 | 002,322,184 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\esetsmartinstaller_enu.exe
[2011.12.19 12:45:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Nero
[2011.12.19 12:43:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nero
[2011.12.19 12:43:04 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Nero
[2011.12.19 12:42:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Nero
[2011.12.19 12:42:55 | 000,000,000 | ---D | C] -- C:\Programme\Nero
[2011.12.19 12:38:16 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com
[2011.12.18 22:31:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Malwarebytes
[2011.12.18 22:31:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.12.18 22:31:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.12.18 22:31:00 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.12.18 22:31:00 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.12.18 22:28:25 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\mbam-setup-1.51.2.1300.exe
[2011.12.17 19:33:24 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Recent
[2011.12.17 19:26:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Google
[2011.12.17 19:22:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2011.12.17 19:22:01 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.12.17 19:21:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
[2011.12.17 19:21:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Google
[2011.12.17 19:20:57 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2011.12.17 19:20:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Google
[2011.12.17 19:20:17 | 003,552,208 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\ccsetup313.exe
[2011.12.17 13:24:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\Verschiedene ORDNER
[2011.11.26 08:54:15 | 001,413,866 | ---- | C] (My Company) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\BEI_ANRUF_BOHLEN_reloaded.exe
[2011.01.22 19:41:06 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2011.01.22 19:41:06 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2007.03.12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2005.11.23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.12.19 22:31:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.19 22:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.12.19 21:56:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\OTL.exe
[2011.12.19 19:32:29 | 000,013,696 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.19 19:32:29 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.19 19:32:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.19 16:23:35 | 000,053,534 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\1pIHr.jpg
[2011.12.19 15:06:54 | 002,322,184 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\esetsmartinstaller_enu.exe
[2011.12.19 13:30:31 | 000,002,441 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nero BurnLite 10.lnk
[2011.12.19 13:26:45 | 000,025,088 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.18 23:04:43 | 002,359,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\sreenshot von anti malware.bmp
[2011.12.18 22:31:05 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.18 22:28:35 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\mbam-setup-1.51.2.1300.exe
[2011.12.18 17:09:03 | 000,001,801 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\Avira Free Antivirus Profil Suche nach Rootkits und aktiver Malware.LNK
[2011.12.17 19:22:02 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2011.12.17 19:21:59 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2011.12.17 19:20:18 | 003,552,208 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\ccsetup313.exe
[2011.12.15 16:23:56 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.08 20:28:13 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.11.26 08:54:16 | 001,413,866 | ---- | M] (My Company) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\BEI_ANRUF_BOHLEN_reloaded.exe
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.12.19 16:23:35 | 000,053,534 | ---- | C] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\1pIHr.jpg
[2011.12.19 12:43:22 | 000,002,441 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nero BurnLite 10.lnk
[2011.12.19 12:38:20 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011.12.18 23:04:43 | 002,359,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\sreenshot von anti malware.bmp
[2011.12.18 22:31:05 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.12.18 17:09:02 | 000,001,801 | ---- | C] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\Avira Free Antivirus Profil Suche nach Rootkits und aktiver Malware.LNK
[2011.12.17 19:22:02 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2011.12.17 19:21:59 | 000,001,777 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2011.12.17 19:21:25 | 000,001,092 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.17 19:21:25 | 000,001,088 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.13 06:47:46 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV84.sys
[2011.05.13 06:46:34 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll
[2011.01.22 19:41:20 | 000,270,336 | ---- | C] () -- C:\WINDOWS\tsnpstd3.exe
[2011.01.17 15:03:07 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.01.17 14:58:54 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\AVerIO.dll
[2011.01.17 14:58:54 | 000,003,456 | R--- | C] () -- C:\WINDOWS\System32\AVerIO.sys
[2011.01.17 14:58:01 | 000,598,016 | R--- | C] () -- C:\WINDOWS\System32\sptlib21.dll
[2011.01.17 14:58:01 | 000,307,200 | R--- | C] () -- C:\WINDOWS\System32\sptlib01.dll
[2011.01.17 14:58:01 | 000,294,912 | R--- | C] () -- C:\WINDOWS\System32\sptlib11.dll
[2011.01.17 14:58:01 | 000,290,816 | R--- | C] () -- C:\WINDOWS\System32\sptlib22.dll
[2011.01.17 14:58:01 | 000,249,856 | R--- | C] () -- C:\WINDOWS\System32\sptlib03.dll
[2011.01.17 14:58:01 | 000,225,280 | R--- | C] () -- C:\WINDOWS\System32\sptlib02.dll
[2011.01.17 14:58:01 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\sptlib12.dll
[2011.01.12 17:46:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.01.05 21:27:41 | 000,025,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.04 18:54:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2010.12.13 21:30:39 | 000,072,112 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.11.14 19:21:55 | 000,023,837 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.11.10 12:39:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2010.11.08 19:01:18 | 000,000,816 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2010.11.08 14:31:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.11.07 17:17:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.11.07 13:47:58 | 000,024,227 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2010.11.07 13:47:31 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010.11.07 13:47:21 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.11.07 13:38:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.11.07 13:33:40 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.11.07 13:27:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.11.07 13:26:20 | 000,099,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.04.14 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 13:00:00 | 000,449,236 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008.04.14 13:00:00 | 000,432,928 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008.04.14 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 13:00:00 | 000,080,544 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008.04.14 13:00:00 | 000,067,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008.04.14 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2007.02.03 03:40:10 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007.01.31 00:21:34 | 000,128,813 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006.09.19 09:07:28 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2004.02.27 16:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2002.05.28 18:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002.05.28 18:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
========== LOP Check ==========
[2011.01.17 15:03:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVerTV
[2010.11.07 18:22:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Driver Mender
[2011.11.05 07:25:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.12.13 20:09:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2010.11.19 09:14:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2011.11.05 07:25:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\XML
[2011.12.19 22:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
========== Purity Check ==========
========== Custom Scans ==========
< OTL logfile created on: 19.12.2011 21:59:55 - Run 2 >
< OTL by OldTimer - Version 3.2.31.0 Folder = C:\Dokumente und Einstellungen\Sunnyx3\Desktop >
< Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation >
< Internet Explorer (Version = 6.0.2900.5512) >
< Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy >
< >
< 1,87 Gb Total Physical Memory | 1,42 Gb Available Physical Memory | 75,78% Memory free >
< 3,72 Gb Paging File | 3,33 Gb Available in Paging File | 89,41% Paging File free >
< Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] >
< >
< %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme >
< Drive C: | 232,88 Gb Total Space | 217,77 Gb Free Space | 93,51% Space Free | Partition Type: NTFS >
< >
< Computer Name: | User Name: | Logged in as Administrator. >
< Boot Mode: Normal | Scan Mode: Current user >
< Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days >
< >
< ========== Processes (SafeList) ========== >
Invalid Switch: color]
< >
< PRC - [2011.12.19 21:56:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\OTL.exe >
< PRC - [2011.10.19 16:56:15 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe >
< PRC - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe >
< PRC - [2011.10.19 16:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe >
< PRC - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe >
< PRC - [2011.06.06 11:55:28 | 000,937,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe >
< PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe >
< PRC - [2010.10.13 16:21:08 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe >
< PRC - [2010.08.25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ArcCon.ac >
< PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe >
< PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe >
< PRC - [2009.10.09 20:11:19 | 000,389,120 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe >
< PRC - [2009.08.01 04:06:24 | 000,155,648 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerHIDReceiver.exe >
< PRC - [2009.06.19 18:31:38 | 000,651,264 | R--- | M] (AVerMedia TECHNOLOGIES, Inc.) -- C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerQuick.exe >
< PRC - [2009.04.08 20:49:30 | 000,344,064 | R--- | M] (AVerMedia) -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerRemote.exe >
< PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe >
< PRC - [2008.04.14 13:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe >
< PRC - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe >
< PRC - [2007.04.21 09:37:02 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe >
< PRC - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe >
< PRC - [2005.02.25 16:54:48 | 000,131,072 | ---- | M] (Alcor Micro, Corp.) -- C:\Programme\Multimedia Card Reader\shwicon2k.exe >
< >
< >
< ========== Modules (No Company Name) ========== >
Invalid Switch: color]
< >
< MOD - [2011.10.19 16:56:03 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll >
< MOD - [2011.06.06 11:55:32 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU >
< MOD - [2009.10.09 20:11:19 | 000,389,120 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe >
< MOD - [2009.08.01 04:06:24 | 000,155,648 | R--- | M] () -- C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerHIDReceiver.exe >
< MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll >
< MOD - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\FixCamera.exe >
< MOD - [2007.04.21 09:37:02 | 000,270,336 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe >
< MOD - [2006.09.19 09:07:28 | 000,827,392 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe >
< >
< >
< ========== Win32 Services (SafeList) ========== >
Invalid Switch: color]
< >
< SRV - File not found [Disabled | Stopped] -- -- (HidServ) >
< SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) >
< SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) >
< SRV - [2011.08.17 11:04:36 | 000,247,872 | ---- | M] () [Auto | Stopped] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- ( Service) >
< SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate) >
< SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) >
< SRV - [2009.10.09 20:11:19 | 000,389,120 | R--- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService) >
< SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe -- (DfSdkS) >
< SRV - [2009.04.08 20:49:30 | 000,344,064 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVerMedia\Service\AVerRemote.exe -- (AVerRemote) >
< SRV - [2008.11.11 09:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) >
< SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Programme\Hama\Hama Webcam Suite\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) >
< >
< >
< ========== Driver Services (SafeList) ========== >
Invalid Switch: color]
< >
< DRV - [2011.12.08 20:28:13 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) >
< DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) >
< DRV - [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) >
< DRV - [2011.05.13 06:47:46 | 000,076,800 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV84.sys -- (SSHDRV84) >
< DRV - [2010.11.09 21:00:08 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) >
< DRV - [2010.11.09 10:51:29 | 004,449,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) >
< DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) >
< DRV - [2009.10.19 04:26:06 | 000,474,880 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AVerAF35.sys -- (AVerAF35) >
< DRV - [2008.10.28 11:27:28 | 000,022,144 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ArcVad.sys -- (arcvad_ds2dhw) >
< DRV - [2008.04.25 05:06:44 | 000,014,336 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) >
< DRV - [2008.04.14 00:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE) >
< DRV - [2007.03.27 18:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) >
< DRV - [2007.02.02 21:03:24 | 001,975,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) >
< DRV - [2006.11.10 15:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) >
< DRV - [2006.08.15 06:09:48 | 000,083,200 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) >
< DRV - [2006.07.01 23:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) >
< DRV - [2005.12.01 11:49:22 | 000,023,600 | ---- | M] (Licensed for Gebhard Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drhard.sys -- (drhard) >
< DRV - [2004.12.08 19:16:30 | 000,038,468 | ---- | M] (Alcor Micro Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Sunkfilt.sys -- (SunkFilt) >
< DRV - [2004.08.13 19:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) >
< >
< >
< ========== Standard Registry (SafeList) ========== >
Invalid Switch: color]
< >
< >
< ========== Internet Explorer ========== >
Invalid Switch: color]
< >
< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm >
< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com >
Invalid Switch: home.sweetim.com
< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.live.com/sphome.aspx >
Invalid Switch: sphome.aspx
< >
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.live.com/sphome.aspx >
Invalid Switch: sphome.aspx
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.live.com >
Invalid Switch: search.live.com
< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=15421 >
Invalid Switch: ?l=dis&o=15421
< IE - HKCU\..\URLSearchHook: - No CLSID value found >
< IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com) >
< IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.) >
< IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) >
< IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 >
< >
< ========== FireFox ========== >
Invalid Switch: color]
< >
< FF - prefs.js..browser.search.defaultengine: "Ask.com" >
< FF - prefs.js..browser.search.defaultenginename: "Ask.com" >
< FF - prefs.js..browser.search.defaultthis.engineName: "IMVU Inc Customized Web Search" >
< FF - prefs.js..browser.search.defaulturl: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=" >
< FF - prefs.js..browser.search.order.1: "Ask.com" >
< FF - prefs.js..browser.search.selectedEngine: "Google" >
< FF - prefs.js..browser.search.useDBForOrder: true >
< FF - prefs.js..browser.startup.homepage: "hxxp://de.ask.com/?l=dis&o=15421" >
< FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" >
< >
< FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () >
Invalid Switch: FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
< FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll File not found >
Invalid Switch: Plugin: C:\Programme\FunWebProducts\Installr\2.bin\NPFunWeb.dll File not found
< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) >
Invalid Switch: WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
< FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) >
Invalid Switch: Google Update;version=3: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
< FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) >
Invalid Switch: Google Update;version=9: C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
< FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) >
< FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) >
Invalid Switch: UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
< >
< FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.12.07 15:19:19 | 000,000,000 | ---D | M] >
< FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.11.11 07:39:03 | 000,000,000 | ---D | M] >
< >
< [2010.11.07 17:17:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Extensions >
< [2011.12.19 13:47:55 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\extensions >
< [2011.12.19 13:36:30 | 000,002,253 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\askcom.xml >
< [2010.11.21 17:06:58 | 000,001,819 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\bing.xml >
< [2011.09.27 13:13:36 | 000,000,919 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\conduit.xml >
< [2011.12.19 13:36:27 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\icqplugin-1.xml >
< [2011.12.17 19:20:12 | 000,001,056 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\icqplugin.xml >
< [2010.11.11 18:19:49 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Mozilla\Firefox\Profiles\0she221w.default\searchplugins\sweetim.xml >
< [2011.11.08 10:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions >
< [2010.11.11 22:57:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION >
< [2011.06.25 16:59:40 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml >
< [2011.06.25 16:59:40 | 000,002,344 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml >
< [2011.06.25 16:59:40 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml >
< [2011.06.25 16:59:40 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml >
< [2011.06.25 16:59:40 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml >
< >
< ========== Chrome ========== >
Invalid Switch: color]
< >
< CHR - default_search_provider: Google (Enabled) >
< CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} >
< CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} >
< CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ >
< CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ >
< CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ >
< >
< O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts >
< O1 - Hosts: 127.0.0.1 localhost >
< O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) >
< O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) >
< O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. >
< O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) >
< O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) >
< O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.) >
< O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com) >
< O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) >
< O3 - HKLM\..\Toolbar: (ICQToolbar) - {00000000-0000-0000-0000-000000000000} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) >
< O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.) >
< O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.) >
< O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask.com) >
< O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) >
< O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\prxtbsof0.dll (Conduit Ltd.) >
< O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) >
< O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) >
< O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) >
< O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) >
< O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) >
< O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation) >
< O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe () >
< O4 - HKLM..\Run: [Nokia FastStart] "C:\Programme\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart File not found >
< O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe () >
< O4 - HKLM..\Run: [Sunkist2k] C:\Programme\Multimedia Card Reader\shwicon2k.exe (Alcor Micro, Corp.) >
< O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) >
< O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe () >
< O4 - HKCU..\Run: [ICQ] ~"C:\Programme\ICQ7.0\ICQ.exe" silent loginmode=4 File not found >
< O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AVer HID Receiver.lnk = C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerHIDReceiver.exe () >
< O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AVerQuick.lnk = C:\Programme\Gemeinsame Dateien\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.) >
< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 >
< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 >
< O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.) >
< O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.) >
< O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) >
< O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) >
< O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Dokumente und Einstellungen\Sunnyx3\Startmenü\Programme\IMVU\Run IMVU.lnk File not found >
< O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) >
Invalid Switch: swflash.cab (Shockwave Flash Object)
< O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 >
< O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B3731E7F-5994-44CD-AD33-03DA025C1AED}: DhcpNameServer = 192.168.2.1 >
< O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >
< O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >
< O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >
< O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) >
< O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation) >
< O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) >
< O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) >
< O24 - Desktop Components:0 () - hxxp://theme.webme.com/designs/flash/images/rightlabel.jpg >
Invalid Switch: rightlabel.jpg
< O24 - Desktop Components:1 (Die derzeitige Homepage) - About:Home >
< O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp >
< O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp >
< O32 - HKLM CDRom: AutoRun - 1 >
< O32 - AutoRun File - [2010.11.07 13:36:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] >
< O34 - HKLM BootExecute: (autocheck autochk *) >
< O35 - HKLM\..comfile [open] -- "%1" %* >
< O35 - HKLM\..exefile [open] -- "%1" %* >
< O37 - HKLM\...com [@ = comfile] -- "%1" %* >
< O37 - HKLM\...exe [@ = exefile] -- "%1" %* >
< >
< ========== Files/Folders - Created Within 30 Days ========== >
Invalid Switch: color]
< >
< [2011.12.19 21:56:22 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\OTL.exe >
< [2011.12.19 15:08:14 | 000,000,000 | ---D | C] -- C:\Programme\ESET >
< [2011.12.19 15:06:53 | 002,322,184 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\esetsmartinstaller_enu.exe >
< [2011.12.19 12:45:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Nero >
< [2011.12.19 12:43:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nero >
< [2011.12.19 12:43:04 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Nero >
< [2011.12.19 12:42:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Nero >
< [2011.12.19 12:42:55 | 000,000,000 | ---D | C] -- C:\Programme\Nero >
< [2011.12.19 12:38:16 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com >
< [2011.12.19 12:34:36 | 032,747,816 | ---- | C] (Nero AG) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\Nero_BurnLite-10.0.10600.exe >
< [2011.12.18 22:31:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Anwendungsdaten\Malwarebytes >
< [2011.12.18 22:31:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware >
< [2011.12.18 22:31:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes >
< [2011.12.18 22:31:00 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys >
< [2011.12.18 22:31:00 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware >
< [2011.12.18 22:28:25 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\mbam-setup-1.51.2.1300.exe >
< [2011.12.17 19:33:24 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Recent >
< [2011.12.17 19:26:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Google >
< [2011.12.17 19:22:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner >
< [2011.12.17 19:22:01 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner >
< [2011.12.17 19:21:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome >
< [2011.12.17 19:21:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Google >
< [2011.12.17 19:20:57 | 000,000,000 | ---D | C] -- C:\Programme\Google >
< [2011.12.17 19:20:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\Google >
< [2011.12.17 19:20:17 | 003,552,208 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\ccsetup313.exe >
< [2011.12.17 13:24:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\Verschiedene ORDNER >
< [2011.11.26 08:54:15 | 001,413,866 | ---- | C] (My Company) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\BEI_ANRUF_BOHLEN_reloaded.exe >
< [2011.01.22 19:41:06 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll >
< [2011.01.22 19:41:06 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll >
< [2007.03.12 11:41:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll >
< [2005.11.23 12:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll >
< [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] >
< [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] >
< >
< ========== Files - Modified Within 30 Days ========== >
< >
< [2011.12.19 22:01:00 | 000,000,230 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job >
< [2011.12.19 21:56:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\OTL.exe >
< [2011.12.19 21:31:15 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job >
< [2011.12.19 19:32:29 | 000,013,696 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl >
< [2011.12.19 19:32:29 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job >
< [2011.12.19 19:32:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat >
< [2011.12.19 16:23:35 | 000,053,534 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\1pIHr.jpg >
< [2011.12.19 15:06:54 | 002,322,184 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\esetsmartinstaller_enu.exe >
< [2011.12.19 13:30:31 | 000,002,441 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nero BurnLite 10.lnk >
< [2011.12.19 13:26:45 | 000,025,088 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini >
< [2011.12.19 12:34:47 | 032,747,816 | ---- | M] (Nero AG) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\Nero_BurnLite-10.0.10600.exe >
< [2011.12.18 23:04:43 | 002,359,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\sreenshot von anti malware.bmp >
< [2011.12.18 22:31:05 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk >
< [2011.12.18 22:28:35 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\mbam-setup-1.51.2.1300.exe >
< [2011.12.18 17:09:03 | 000,001,801 | ---- | M] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\Avira Free Antivirus Profil Suche nach Rootkits und aktiver Malware.LNK >
< [2011.12.17 19:22:02 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk >
< [2011.12.17 19:21:59 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk >
< [2011.12.17 19:20:18 | 003,552,208 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\ccsetup313.exe >
< [2011.12.15 16:23:56 | 000,099,048 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT >
< [2011.12.08 20:28:13 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys >
< [2011.11.26 08:54:16 | 001,413,866 | ---- | M] (My Company) -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\BEI_ANRUF_BOHLEN_reloaded.exe >
< [2011.11.23 15:40:13 | 001,859,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys >
< [2011.11.23 15:40:13 | 001,859,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys >
< [6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] >
< [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] >
< >
< ========== Files Created - No Company Name ========== >
< >
< [2011.12.19 16:23:35 | 000,053,534 | ---- | C] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\1pIHr.jpg >
< [2011.12.19 12:43:22 | 000,002,441 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Nero BurnLite 10.lnk >
< [2011.12.19 12:38:20 | 000,000,230 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job >
< [2011.12.18 23:04:43 | 002,359,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\sreenshot von anti malware.bmp >
< [2011.12.18 22:31:05 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk >
< [2011.12.18 17:09:02 | 000,001,801 | ---- | C] () -- C:\Dokumente und Einstellungen\Sunnyx3\Desktop\Avira Free Antivirus Profil Suche nach Rootkits und aktiver Malware.LNK >
< [2011.12.17 19:22:02 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk >
< [2011.12.17 19:21:59 | 000,001,777 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk >
< [2011.12.17 19:21:25 | 000,001,092 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job >
< [2011.12.17 19:21:25 | 000,001,088 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job >
< [2011.05.13 06:47:46 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV84.sys >
< [2011.05.13 06:46:34 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\jesterss.dll >
< [2011.01.22 19:41:20 | 000,270,336 | ---- | C] () -- C:\WINDOWS\tsnpstd3.exe >
< [2011.01.17 15:03:07 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll >
< [2011.01.17 14:58:54 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\AVerIO.dll >
< [2011.01.17 14:58:54 | 000,003,456 | R--- | C] () -- C:\WINDOWS\System32\AVerIO.sys >
< [2011.01.17 14:58:01 | 000,598,016 | R--- | C] () -- C:\WINDOWS\System32\sptlib21.dll >
< [2011.01.17 14:58:01 | 000,307,200 | R--- | C] () -- C:\WINDOWS\System32\sptlib01.dll >
< [2011.01.17 14:58:01 | 000,294,912 | R--- | C] () -- C:\WINDOWS\System32\sptlib11.dll >
< [2011.01.17 14:58:01 | 000,290,816 | R--- | C] () -- C:\WINDOWS\System32\sptlib22.dll >
< [2011.01.17 14:58:01 | 000,249,856 | R--- | C] () -- C:\WINDOWS\System32\sptlib03.dll >
< [2011.01.17 14:58:01 | 000,225,280 | R--- | C] () -- C:\WINDOWS\System32\sptlib02.dll >
< [2011.01.17 14:58:01 | 000,135,168 | R--- | C] () -- C:\WINDOWS\System32\sptlib12.dll >
< [2011.01.12 17:46:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat >
< [2011.01.05 21:27:41 | 000,025,088 | ---- | C] () -- C:\Dokumente und Einstellungen\Sunnyx3\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini >
< [2011.01.04 18:54:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe >
< [2010.12.13 21:30:39 | 000,072,112 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat >
< [2010.11.14 19:21:55 | 000,023,837 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini >
< [2010.11.10 12:39:34 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe >
< [2010.11.08 19:01:18 | 000,000,816 | ---- | C] () -- C:\WINDOWS\ATICIM.INI >
< [2010.11.08 14:31:36 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat >
< [2010.11.07 17:17:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat >
< [2010.11.07 13:47:58 | 000,024,227 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini >
< [2010.11.07 13:47:31 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys >
< [2010.11.07 13:47:21 | 000,012,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS >
< [2010.11.07 13:38:55 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat >
< [2010.11.07 13:33:40 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat >
< [2010.11.07 13:27:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI >
< [2010.11.07 13:26:20 | 000,099,048 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT >
< [2008.04.14 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat >
< [2008.04.14 13:00:00 | 000,449,236 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat >
< [2008.04.14 13:00:00 | 000,432,928 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat >
< [2008.04.14 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat >
< [2008.04.14 13:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat >
< [2008.04.14 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat >
< [2008.04.14 13:00:00 | 000,080,544 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat >
< [2008.04.14 13:00:00 | 000,067,884 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat >
< [2008.04.14 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin >
< [2008.04.14 13:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat >
< [2008.04.14 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat >
< [2008.04.14 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat >
< [2008.04.14 13:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin >
< [2008.04.14 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat >
< [2007.02.03 03:40:10 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat >
< [2007.01.31 00:21:34 | 000,128,813 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat >
< [2006.09.19 09:07:28 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe >
< [2004.02.27 16:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini >
< [2002.05.28 18:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin >
< [2002.05.28 18:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat >
< >
< End of report >