Potential Malware Issue



#1
ldeecke

Hello again,

Nine months ago I received some great help in these forums; thanks again for that.
I return with a different issue that might be due to malware. For the past week, tasks have been running slowly, video files stutter, etc.
I've obviously been running MBAM and S S&D; however, no infection was found by them. Considering this, I am not sure whether these problems are due to soft- or hardware.

Here goes the OTL.txt:

(Best regards,
Lucas)

---------------------------

OTL.txt

OTL logfile created on: 12.01.2011 23:32:20 - Run 3
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Dokumente und Einstellungen\Lucas Deecke\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1.022,00 Mb Total Physical Memory | 581,00 Mb Available Physical Memory | 57,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 67,28 Gb Total Space | 34,21 Gb Free Space | 50,84% Space Free | Partition Type: NTFS
Drive D: | 3,66 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 698,64 Gb Total Space | 538,80 Gb Free Space | 77,12% Space Free | Partition Type: NTFS

Computer Name: LDEECKE | User Name: Lucas Deecke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.01.12 23:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lucas Deecke\Desktop\OTL.exe
PRC - [2010.09.12 22:46:14 | 004,653,568 | ---- | M] (Proxy Switcher) -- C:\Programme\Proxy Switcher Standard\ProxySwitcher.exe
PRC - [2010.09.07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.05.14 11:44:46 | 000,248,552 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.04.12 09:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Programme\PowerISO\PWRISOVM.EXE
PRC - [2009.05.29 12:41:26 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009.03.29 10:30:38 | 002,058,240 | ---- | M] () -- C:\Programme\FeedReader30\feedreader.exe
PRC - [2007.08.09 08:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2007.06.13 14:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.08.18 09:33:26 | 001,933,312 | ---- | M] () -- C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe
PRC - [2005.06.27 18:30:06 | 000,360,448 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Programme\Samsung\MagicKBD\MagicKBD.exe
PRC - [2005.05.28 07:35:56 | 000,036,864 | R--- | M] () -- C:\Programme\Samsung\Samsung Network Manager\SNMWLANService.exe
PRC - [2005.01.28 15:35:58 | 000,434,176 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\SetPoint\SetPoint.exe
PRC - [2004.12.10 13:45:26 | 000,049,152 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
PRC - [2004.07.27 12:48:04 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (SafeList) ==========

MOD - [2011.01.12 23:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lucas Deecke\Desktop\OTL.exe
MOD - [2006.08.25 16:46:44 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005.01.28 15:34:04 | 000,057,344 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\SetPoint\lgscroll.dll
MOD - [2005.01.28 15:31:34 | 000,045,056 | ---- | M] () -- C:\Programme\Logitech\SetPoint\gamehook.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.09.02 20:07:24 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009.05.29 12:41:26 | 000,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2007.10.25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007.08.09 08:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006.10.29 14:53:32 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2005.05.28 07:35:56 | 000,036,864 | R--- | M] () [Auto | Running] -- C:\Programme\samsung\Samsung Network Manager\SNMWLANService.exe -- (SNM WLAN Service)
SRV - [2005.04.04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2002.12.17 16:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002.12.17 16:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
SRV - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\LUCASD~1\Desktop\WLANEX~1\PCANDIS5.SYS -- (PCANDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [File_System | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\Lbd.sys -- (Lbd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\GTNDIS5.SYS -- (GTNDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\BCM42RLY.SYS -- (BCM42RLY)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\a4djusb.sys -- (a4djusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\a4djavs.sys -- (a4djavs)
DRV - [2010.11.21 14:36:42 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.09.07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.09.02 20:07:24 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
DRV - [2010.08.03 15:25:28 | 000,026,112 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tapoas.sys -- (tapoas)
DRV - [2010.04.12 09:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.02.11 13:01:43 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.11.28 14:34:56 | 000,035,840 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf_devolo.sys -- (NPF_devolo) NetGroup Packet Filter Driver (devolo)
DRV - [2007.12.05 06:26:40 | 002,782,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.06.18 15:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007.02.08 13:51:16 | 002,209,408 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2006.11.20 19:15:35 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2006.11.20 19:15:35 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006.05.17 10:03:24 | 000,044,544 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005.07.13 10:58:18 | 000,463,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005.06.08 15:58:10 | 000,017,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WOWFilter.sys -- (wowfilter)
DRV - [2005.04.18 21:21:08 | 000,027,136 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\risdptsk.sys -- (risdptsk)
DRV - [2005.03.04 04:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005.02.02 03:58:58 | 000,191,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004.12.10 13:48:46 | 000,024,704 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKe)
DRV - [2004.12.10 13:48:40 | 000,068,992 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2004.12.10 13:48:18 | 000,036,480 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
DRV - [2004.12.10 13:47:58 | 000,013,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2004.12.06 14:51:10 | 000,051,328 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\rimsptsk.sys -- (rimsptsk)
DRV - [2004.12.05 20:57:14 | 000,307,456 | ---- | M] (REDC) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\rixdptsk.sys -- (rismxdp)
DRV - [2004.11.23 21:29:40 | 000,325,344 | ---- | M] (Audiotrack) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Maya44.sys -- (MAYA44)
DRV - [2004.11.23 21:27:16 | 000,023,360 | ---- | M] (usb-audio.de) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pgusbmm3.sys -- (pgusbmme)
DRV - [2004.08.04 13:00:00 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2004.08.04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2004.05.18 06:43:58 | 000,043,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\RITCPT.SYS -- (RITCPT)
DRV - [2004.05.18 06:43:54 | 000,005,088 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\FBAPI.sys -- (FBAPI)
DRV - [2002.07.17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
DRV - [2000.08.23 17:19:38 | 000,004,300 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\MEMIO.SYS -- (DOSMEMIO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 172.16.254.13:3128

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.38
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.73
FF - prefs.js..network.proxy.ftp: "200.78.117.242"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "200.78.117.242"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "200.78.117.242"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.socks: "200.78.117.242"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "200.78.117.242"
FF - prefs.js..network.proxy.ssl_port: 3128


FF - HKLM\software\mozilla\K-Meleon\Extensions\\Plugins: C:\Programme\K-Meleon\Plugins [2011.01.12 20:12:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\K-Meleon\Extensions\\Components: C:\Programme\K-Meleon\Components [2010.09.25 13:28:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Programme\Mozilla Sunbird\components [2010.10.12 09:17:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Programme\Mozilla Sunbird\plugins [2009.01.28 19:04:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2010.08.17 16:26:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins [2009.11.29 16:01:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\thunderbird\extensions\\[email protected]: C:\Programme\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2010.10.12 09:51:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Extensions
[2010.01.29 19:34:01 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.10.12 09:51:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2010.10.10 15:12:06 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Extensions\net.openvpn.client
[2011.01.11 18:49:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions
[2010.01.28 14:56:59 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2010.04.14 18:31:01 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2010.08.19 17:03:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.11.30 13:46:14 | 000,000,000 | ---D | M] (PDF Download) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2010.08.31 19:09:03 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2010.07.01 13:54:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2010.08.19 17:03:19 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.16 18:47:18 | 000,000,000 | ---D | M] ("BitDefender QuickScan") -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.04.14 18:30:58 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\[email protected]
[2009.03.30 18:38:54 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\extensions\[email protected]
[2007.07.25 14:22:12 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Sunbird\Profiles\a161j38o.default\extensions
[2008.08.20 12:07:23 | 000,001,660 | ---- | M] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\searchplugins\leo-deu-eng.xml
[2008.08.19 17:16:10 | 000,001,141 | ---- | M] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\searchplugins\wikipedia-de.xml
[2008.09.09 23:00:59 | 000,001,334 | ---- | M] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Mozilla\Firefox\Profiles\uji55t96.default\searchplugins\wiktionary-de.xml
[2010.09.25 13:27:53 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2004.08.04 15:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Programme\Mozilla Firefox\plugins\msvcp60.dll
[2006.10.26 22:13:26 | 000,049,152 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npbittorrent.dll
[2005.12.22 19:14:00 | 000,245,830 | ---- | M] (C Systems - Creative Software Solutions since 1996) -- C:\Programme\Mozilla Firefox\plugins\npUMediaPlayer.dll
[2007.03.10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Mozilla Firefox\plugins\npyaxmpb.dll

O1 HOSTS File: ([2011.01.12 22:53:27 | 000,427,930 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 14760 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {B42824CE-A805-3B37-BF74-C19B93CF24C7} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O4 - HKLM..\Run: [AtiPTA] C:\WINDOWS\System32\atiptaxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BatteryManager] C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe ()
O4 - HKLM..\Run: [Logitech Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
O4 - HKLM..\Run: [MagicKeyboard] C:\Programme\Samsung\MagicKBD\PreMKbd.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Programme\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [RestoreIT!] C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE (FarStone Tech. Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [PSwitch] C:\Programme\Proxy Switcher Standard\ProxySwitcher.exe (Proxy Switcher)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Lucas Deecke\Startmenü\Programme\Autostart\Adobe Gamma.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &download by arles download manager - C:\Dokumente und Einstellungen\Lucas Deecke\Lokale Einstellungen\Anwendungsdaten\Ariel Download Manager\ADM.htm ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\Partypoker\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\Partypoker\PartyPoker\RunApp.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} http://pdl.stream.ao.../ampx_en_dl.cab (IWinAmpActiveX Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.254.13 134.2.200.1 134.2.200.2
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\atiextevent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Lucas Deecke\Desktop\Eigene Dateien\Fotos\kunst\ernstmax.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Lucas Deecke\Desktop\Eigene Dateien\Fotos\kunst\ernstmax.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.08.30 09:33:11 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{ce39a4b4-ab5f-11df-b3d8-0000f07f2e4d}\Shell\AutoRun\command - "" = F:\Menu.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.01.12 20:23:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.01.12 20:20:11 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Lucas Deecke\Recent
[2011.01.12 20:14:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spybot - Search & Destroy
[2011.01.11 18:54:08 | 000,000,000 | ---D | C] -- C:\Downloads
[2011.01.11 18:25:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2011.01.11 18:21:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\JDownloader
[2011.01.11 18:20:56 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2011.01.10 16:54:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lucas Deecke\Startmenü\Programme\Microsoft Bootvis
[2011.01.10 16:54:33 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Bootvis
[2011.01.10 16:30:34 | 000,025,992 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011.01.10 14:51:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Smart Defrag
[2011.01.10 14:51:29 | 000,000,000 | ---D | C] -- C:\Programme\IObit
[2011.01.09 20:08:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lucas Deecke\Startmenü\Programme\Haali Media Splitter
[2011.01.09 20:08:02 | 000,000,000 | ---D | C] -- C:\Programme\Haali
[2011.01.09 20:07:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CoreCodec
[2011.01.09 20:07:34 | 000,000,000 | ---D | C] -- C:\Programme\CoreCodec
[2010.09.18 20:08:40 | 000,315,392 | ---- | C] ( ) -- C:\WINDOWS\System32\sbcrreag.dll

========== Files - Modified Within 30 Days ==========

[2011.01.12 23:31:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lucas Deecke\Desktop\OTL.exe
[2011.01.12 22:53:27 | 000,427,930 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.01.12 20:27:03 | 000,001,543 | ---- | M] () -- C:\WINDOWS\System32\Lucas Deecke_KBD.ini
[2011.01.12 20:26:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.12 20:26:36 | 1071,894,528 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.11 22:15:19 | 000,000,878 | ---- | M] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\coreavc.ini
[2011.01.10 17:15:04 | 000,477,042 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.01.10 17:15:04 | 000,459,010 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.10 17:15:04 | 000,092,560 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.01.10 17:15:04 | 000,079,182 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.10 16:30:34 | 000,025,992 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\pgdfgsvc.exe
[2011.01.10 14:51:40 | 000,000,382 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011.01.10 13:42:14 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.01.09 20:25:21 | 000,216,576 | ---- | M] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.09 20:00:04 | 000,000,470 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.01.08 18:59:21 | 000,395,640 | ---- | M] (BitTorrent, Inc.) -- C:\Dokumente und Einstellungen\Lucas Deecke\Desktop\utorrent.exe
[2011.01.08 13:17:07 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2011.01.10 14:51:40 | 000,000,382 | ---- | C] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011.01.10 14:10:34 | 000,000,878 | ---- | C] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\coreavc.ini
[2010.10.06 11:48:24 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\PCProxyOff.ini
[2010.04.19 22:31:59 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.04.19 22:31:59 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.02.26 16:56:51 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.01.14 22:36:24 | 000,000,211 | ---- | C] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\AVSMediaPlayer.m3u
[2008.03.03 09:39:28 | 000,000,145 | ---- | C] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008.03.03 09:21:39 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2008.03.03 09:21:16 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2008.03.03 09:20:00 | 000,000,957 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2008.03.03 09:05:23 | 000,003,192 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hpzinstall.log
[2007.12.10 19:20:06 | 000,001,359 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2007.06.06 23:49:09 | 000,000,050 | ---- | C] () -- C:\WINDOWS\StreamRipper32.INI
[2007.06.06 23:41:33 | 000,000,357 | ---- | C] () -- C:\WINDOWS\sripper.ini
[2007.05.08 13:51:31 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\dvmsg.dll
[2007.04.20 23:48:44 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007.04.20 08:31:20 | 000,691,696 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.04.19 11:03:56 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2007.04.19 11:03:56 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2007.02.08 14:31:20 | 000,001,413 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2007.02.08 14:26:33 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IsUser11b.dll
[2006.11.26 23:35:13 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2006.11.20 19:15:35 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2006.11.20 19:15:35 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2006.10.25 22:44:18 | 000,216,576 | ---- | C] () -- C:\Dokumente und Einstellungen\Lucas Deecke\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.10.25 22:02:11 | 000,001,543 | ---- | C] () -- C:\WINDOWS\System32\Lucas Deecke_KBD.ini
[2006.05.11 10:26:37 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.03.31 22:00:35 | 000,000,011 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.ini
[2005.09.03 14:38:37 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005.08.30 18:19:29 | 000,000,638 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005.08.30 10:25:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005.08.30 09:44:34 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\MagicKBD.INI
[2005.08.30 09:44:32 | 000,003,425 | ---- | C] () -- C:\WINDOWS\System32\KBDR.INI
[2005.08.30 09:44:32 | 000,002,700 | ---- | C] () -- C:\WINDOWS\System32\KBDO.INI
[2005.08.30 09:44:32 | 000,002,596 | ---- | C] () -- C:\WINDOWS\System32\KBDD.INI
[2005.08.30 09:44:32 | 000,002,554 | ---- | C] () -- C:\WINDOWS\System32\KBDC.INI
[2005.08.30 09:44:32 | 000,002,461 | ---- | C] () -- C:\WINDOWS\System32\KBDB.INI
[2005.08.30 09:44:32 | 000,002,237 | ---- | C] () -- C:\WINDOWS\System32\KBDQ.INI
[2005.08.30 09:44:32 | 000,001,886 | ---- | C] () -- C:\WINDOWS\System32\KBDP.INI
[2005.08.30 09:44:32 | 000,001,820 | ---- | C] () -- C:\WINDOWS\System32\KBDN.INI
[2005.08.30 09:44:32 | 000,001,811 | ---- | C] () -- C:\WINDOWS\System32\KBDE.INI
[2005.08.30 09:44:32 | 000,001,690 | ---- | C] () -- C:\WINDOWS\System32\KBDA.INI
[2005.08.30 09:44:32 | 000,001,522 | ---- | C] () -- C:\WINDOWS\System32\KBDS.INI
[2005.08.30 09:44:32 | 000,001,332 | ---- | C] () -- C:\WINDOWS\System32\KBDF.INI
[2005.08.30 09:44:31 | 000,001,690 | ---- | C] () -- C:\WINDOWS\System32\KBDG.INI
[2005.08.30 09:44:26 | 000,043,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\RITCPT.SYS
[2005.08.30 09:44:16 | 000,005,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\FBAPI.sys
[2005.08.30 09:43:12 | 000,004,300 | ---- | C] () -- C:\WINDOWS\System32\MEMIO.SYS
[2005.07.08 18:21:48 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\AVS3_Resource.dll
[2005.06.08 15:58:10 | 000,017,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWFilter.sys
[2005.06.08 15:58:08 | 000,035,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005.06.08 15:58:08 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005.04.11 09:12:52 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ImageIODll.dll
[2005.04.11 09:12:50 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ImageAlbumSave.dll
[2005.02.26 12:33:04 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\AVSAudioWideStereoDMO.dll
[2001.07.07 03:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2009.04.09 13:02:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ableton
[2010.04.19 22:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2010.04.19 22:18:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autorun Eater
[2010.11.21 14:36:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010.01.05 15:26:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ESET
[2007.07.27 21:51:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HSETU
[2007.04.08 19:39:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Marginal Team
[2008.12.24 20:21:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments
[2008.06.28 15:50:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2005.08.30 10:14:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung Electronics
[2008.11.15 10:15:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony
[2006.12.04 16:05:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online DSL-Manager
[2009.12.23 11:49:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2007.11.01 15:44:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.10.10 16:44:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WNR
[2009.03.22 00:44:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2009.07.08 11:13:56 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{2ED18044-7049-4E7A-A58D-4017348FCDB7}
[2008.12.24 20:24:37 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3689B77C-90FA-4663-91AB-5AB34383CD81}
[2009.09.20 09:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009.04.07 10:49:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009.07.08 11:12:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{902029B2-957E-4066-85FA-30DA31731718}
[2009.04.09 13:50:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Ableton
[2009.03.25 15:07:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Acreon
[2006.11.06 18:13:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\BitTorrent
[2008.04.06 14:21:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\DAEMON Tools
[2010.11.21 14:41:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\DAEMON Tools Lite
[2009.09.29 14:46:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\dBpoweramp
[2010.10.10 16:51:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Feedreader
[2006.11.09 17:35:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\FlashFXP
[2010.03.03 17:36:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\GrabPro
[2010.10.21 15:53:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\gtk-2.0
[2010.08.22 12:54:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\IObit
[2010.10.09 17:56:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\iPodder
[2007.04.08 17:57:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\IrfanView
[2010.09.25 13:28:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\K-Meleon
[2006.11.20 00:36:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\MSNInstaller
[2009.02.09 06:44:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\OpenOffice.org
[2010.10.10 15:12:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\OpenVPN Technologies
[2010.03.30 15:16:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Opera
[2010.04.20 11:31:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Orbit
[2007.03.31 13:45:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Publish Providers
[2010.04.13 17:44:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\QuickScan
[2005.08.30 10:14:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Samsung Electronics
[2008.06.28 16:17:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Sony
[2007.03.31 13:28:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Sony Setup
[2008.04.06 15:43:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Sports Interactive
[2008.07.06 17:42:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Steinberg
[2010.10.21 16:02:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Sylpheed
[2008.06.20 22:45:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\temp
[2010.01.29 19:33:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Thunderbird
[2008.05.22 21:10:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\Tonium
[2007.11.01 15:41:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\TuneUp Software
[2011.01.12 19:47:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\uTorrent
[2010.10.10 16:44:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lucas Deecke\Anwendungsdaten\WNR
[2011.01.09 20:00:04 | 000,000,470 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.01.10 14:51:40 | 000,000,382 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 131 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 115 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2

< End of report >
