Log analysis and evaluation: Caught the BKA virus... OTL logfile created with OTLPNet

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been removed completely.
Caught the BKA virus... OTL logfile created with OTLPNet

Hello,

I have caught the BKA virus and can no longer access my system... I have already tried the rescue systems from Avira and Kaspersky, but unfortunately nothing could be done there. At the moment I can access my system from CD via Knoppix or OTLPNet, but I can't do much there either because I don't know my way around Linux.

Of course I then had OTL run a scan right away following the instructions, and I am now turning to you hopefully with my logfile, in the hope that I don't have to set up my system from scratch...

Code:
OTL logfile created on: 6/12/2011 6:08:50 PM - Run
OTLPE by OldTimer - Version 3.1.46.0 Folder = X:\Programs\OTLPE
64bit-Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149.05 Gb Total Space | 5.40 Gb Free Space | 3.62% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 5.88 Gb Free Space | 3.95% Space Free | Partition Type: NTFS
Drive E: | 136.35 Gb Total Space | 1.70 Gb Free Space | 1.25% Space Free | Partition Type: NTFS
Drive F: | 149.04 Gb Total Space | 3.52 Gb Free Space | 2.36% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/04 07:10:20 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool)
SRV:64bit: - [2010/10/17 18:43:02 | 000,099,048 | ---- | M] (SANDBOXIE L.T.D) [Auto] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2010/10/14 11:16:56 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/05/06 05:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 03:08:40 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:64bit: - [2007/08/03 15:24:54 | 000,125,496 | ---- | M] () [Auto] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2011/06/03 12:21:28 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/05/17 19:45:57 | 003,275,864 | ---- | M] () [Auto] -- C:\Program Files (x86)\Common Files\Akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011/04/15 05:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/02/06 11:36:19 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/11/24 16:33:26 | 000,921,600 | ---- | M] () [Auto] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 08:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/21 09:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/13 11:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/06 19:57:18 | 000,072,248 | ---- | M] () [Auto] -- C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe -- (WBVGAservice)
SRV - [2008/11/11 04:38:06 | 000,620,544 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/08/13 23:59:52 | 000,100,920 | ---- | M] () [Auto] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2008/03/31 05:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007/01/04 14:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/03/14 11:52:46 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2010/10/17 18:42:58 | 000,145,512 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2010/07/09 08:19:04 | 000,021,480 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto] -- C:\Windows\System32\drivers\cpuz134_x64.sys -- (cpuz134)
DRV:64bit: - [2010/04/16 02:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/03/30 21:58:04 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/18 05:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010/03/18 05:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/12/07 14:38:23 | 000,074,880 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/11/11 16:15:44 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/01 13:04:54 | 001,307,648 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CM10664.sys -- (USBMULCD)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/05 09:27:12 | 001,449,984 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/04/11 01:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2009/04/11 01:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/04/01 20:46:40 | 000,016,440 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2008/11/03 03:03:27 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2008/09/15 02:57:32 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2008/09/15 02:57:18 | 000,025,088 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2008/09/15 02:57:18 | 000,018,944 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2008/09/15 02:57:18 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008/08/28 06:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/08/21 02:39:13 | 000,017,464 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV:64bit: - [2008/08/21 00:18:39 | 001,836,800 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2008/05/02 01:59:47 | 000,166,912 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/02/15 21:27:18 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2008/01/24 01:24:23 | 000,060,928 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2007/10/17 00:54:20 | 000,015,872 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System] -- C:\Windows\System32\drivers\EIO64.sys -- (EIO64)
DRV:64bit: - [2007/08/08 04:31:16 | 000,034,336 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\scramby_out.sys -- (scramby_out)
DRV:64bit: - [2007/07/27 22:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 23:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2007/07/24 14:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV:64bit: - [2007/04/16 15:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV:64bit: - [2007/02/13 13:41:26 | 000,029,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand] -- C:\Windows\System32\drivers\scramby.sys -- (scramby)
DRV:64bit: - [2006/10/27 09:01:07 | 000,013,680 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\Windows\System32\drivers\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 6B 59 9A 78 F2 CB 01 [binary data]
IE - HKU\Bulli_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Bulli_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

[2009/11/10 16:11:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bulli\AppData\Roaming\Mozilla\Extensions
[2011/06/03 13:44:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\extensions
[2010/11/04 15:54:02 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/01/25 09:14:41 | 000,000,655 | ---- | M] () -- C:\Users\Bulli\AppData\Roaming\Mozilla\Firefox\Profiles\voqaui9c.default\searchplugins\guildwiki-de.xml
[2011/03/24 05:50:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/06/18 10:51:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/11 06:45:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/21 14:33:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/22 12:43:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/18 12:38:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BULLI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VOQAUI9C.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2009/11/15 16:47:45 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/29 05:34:56 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/02/02 16:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/01/01 04:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/01/01 04:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/01/01 04:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/01/01 04:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3 - HKU\Bulli_ON_C\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDevAgt] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ChkMail] C:\Program Files\ChkMail\ChkMail\ChkMail.exe (ChkMail)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [iTunesHelper] File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files (x86)\P4P\P4P.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Turbo Gear] C:\Program Files\ASUS\Turbo Gear\TurboGear.exe ()
O4 - HKLM..\Run: [Turbo Gear Help] C:\Program Files\ASUS\Turbo Gear\GearHelp.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe ()
O4 - HKU\Bulli_ON_C..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\Bulli_ON_C..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\Bulli_ON_C..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\Bulli_ON_C..\Run: [UIWatcher] File not found
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\Bulli_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Bulli_ON_C Winlogon: Shell - (C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe) - C:\Users\Bulli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZGM9Q2KD\readme[1].exe (iu)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/10/14 10:41:22 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{144bec39-de93-11de-bb91-002243cc3463}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{4fa1649b-8842-11df-af6b-002243cc3463}\Shell\AutoRun\command - "" = J:\pakhet.exe
O33 - MountPoints2\{4fa1649b-8842-11df-af6b-002243cc3463}\Shell\open\Command - "" = J:\pakhet.exe
O33 - MountPoints2\{d8a11cf0-0e8f-11e0-abae-002243cc3463}\Shell\AutoRun\command - "" = J:\Menu.exe
O33 - MountPoints2\{e9ecba20-cfa5-11de-a863-002243cc3463}\Shell - "" = AutoRun
O33 - MountPoints2\{e9ecba20-cfa5-11de-a863-002243cc3463}\Shell\AutoRun\command - "" = I:\Trials_2_Second_Edition_Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/10 16:50:24 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/05/28 20:36:52 | 000,000,000 | ---D | C] -- C:\Users\Bulli\AppData\Roaming\go
[2011/05/28 20:36:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011/05/23 14:06:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011/05/23 14:05:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/05/23 14:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011/05/16 09:10:57 | 000,000,000 | --SD | C] -- C:\Users\Bulli\Documents\Eigene Datenquellen
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/12 09:09:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/11 20:15:45 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/11 20:15:13 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011/06/11 20:14:59 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/11 20:14:53 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/06/11 20:14:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/11 20:14:45 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/11 08:21:42 | 005,291,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/06/10 17:16:04 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/10 16:55:27 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/06/10 16:55:27 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/10 16:55:27 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/06/10 16:55:27 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/06/10 16:50:24 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/10 16:47:06 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/06/09 15:49:01 | 000,071,168 | ---- | M] () -- C:\Users\Bulli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/06 13:44:40 | 000,000,680 | ---- | M] () -- C:\Users\Bulli\AppData\Local\d3d9caps.dat
[2011/05/28 20:36:52 | 000,001,562 | ---- | M] () -- C:\Users\Bulli\Desktop\Spielen (EasyBits GO).lnk
[2011/05/23 14:05:44 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/05/23 14:05:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/28 20:36:52 | 000,001,592 | ---- | C] () -- C:\Users\Bulli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011/05/28 20:36:52 | 000,001,562 | ---- | C] () -- C:\Users\Bulli\Desktop\Spielen (EasyBits GO).lnk
[2011/05/23 14:05:44 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/12/24 12:01:39 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010/12/17 08:41:07 | 000,002,508 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/09/30 18:27:52 | 000,000,680 | ---- | C] () -- C:\Users\Bulli\AppData\Local\d3d9caps.dat
[2010/09/07 16:54:08 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009/12/04 15:11:40 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/04 15:11:18 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/12/04 15:11:03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/12/01 12:50:19 | 000,004,096 | -H-- | C] () -- C:\Users\Bulli\AppData\Local\keyfile3.drm
[2009/11/28 19:05:36 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/11/14 12:30:02 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix106.dll
[2009/11/14 12:29:54 | 000,000,700 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2009/11/14 12:29:05 | 000,002,391 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2009/11/14 12:29:05 | 000,000,132 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2009/11/13 13:08:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/13 12:56:40 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/11/13 11:27:37 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/11/10 16:25:56 | 000,071,168 | ---- | C] () -- C:\Users\Bulli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/10 16:21:36 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2009/09/17 00:05:24 | 000,000,024 | ---- | C] () -- C:\Windows\SysWow64\ChkMail.ini
[2009/09/16 23:57:06 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2009/09/16 23:51:56 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2009/09/16 23:51:56 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2009/09/16 22:38:46 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/09/16 22:37:00 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/04/08 13:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/12/19 02:42:28 | 000,000,518 | ---- | C] () -- C:\Windows\cm106.ini
[2008/11/07 21:08:20 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/08/04 14:29:59 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2008/05/22 11:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2008/04/29 22:22:42 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 11:02:31 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2000/08/02 14:47:20 | 000,026,112 | ---- | C] () -- C:\Windows\RunUnDrv.exe

========== LOP Check ==========

[2011/04/12 15:07:32 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\.minecraft
[2010/09/07 17:45:23 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\10 Finger BreakOut
[2010/10/14 12:47:39 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Autodesk
[2011/04/05 10:27:13 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Camfrog
[2010/01/05 18:54:22 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2009/11/12 14:04:30 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DAEMON Tools
[2009/11/11 16:43:24 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DAEMON Tools Lite
[2011/05/13 09:25:54 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Downloaded Installations
[2010/11/04 15:54:01 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/01/11 10:42:22 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\FreeMoviesToDVD
[2011/06/10 16:48:34 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\go
[2009/11/18 15:12:23 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\InterVideo
[2010/04/04 16:48:06 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Leadertech
[2011/01/14 21:23:57 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Local
[2010/09/07 16:58:12 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\MAGIX
[2011/05/13 09:27:36 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nitro PDF
[2009/11/10 14:39:50 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nokia
[2010/10/14 09:07:17 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Nseries
[2009/11/10 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\PC Suite
[2011/04/30 13:25:11 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Power Sound Editor Free
[2010/03/15 12:47:44 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\ScreenSeven
[2009/11/10 16:21:39 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Shark007
[2011/05/03 19:07:50 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\SteelBytes
[2010/04/13 13:25:21 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\Super-Cow
[2011/05/04 14:28:02 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\TeamViewer
[2010/01/31 14:56:03 | 000,000,000 | ---D | M] -- C:\Users\Bulli\AppData\Roaming\TS3Client
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/01/22 19:43:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Ashampoo
[2010/02/27 12:40:20 | 000,000,000 | ---D | M] -- C:\ProgramData\ASUS
[2011/04/09 09:51:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Autodesk
[2010/07/09 07:02:54 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2009/11/11 16:15:07 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2011/06/10 17:28:34 | 000,000,000 | ---D | M] -- C:\ProgramData\Easybits GO
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2010/05/13 10:29:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Insight Software
[2010/05/13 10:29:50 | 000,000,000 | ---D | M] -- C:\ProgramData\Insight Software Solutions
[2010/02/22 14:03:29 | 000,000,000 | ---D | M] -- C:\ProgramData\InterVideo
[2011/04/09 10:20:24 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2011/05/13 09:26:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Nitro PDF
[2009/11/10 16:08:09 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2011/04/03 10:30:36 | 000,000,000 | ---D | M] -- C:\ProgramData\RapidSolution
[2011/02/06 12:37:45 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2009/11/10 16:21:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Shark007
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2011/04/26 09:28:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Temp
[2006/11/02 11:42:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2010/04/04 20:47:04 | 000,000,000 | ---D | M] -- C:\ProgramData\TrackMania
[2010/12/10 13:08:35 | 000,000,000 | ---D | M] -- C:\ProgramData\TVersity
[2009/11/30 13:01:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2010/05/23 10:10:18 | 000,000,000 | ---D | M]
-- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2011/06/11 20:15:45 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Files - Unicode (All) ========== [2009/12/09 07:50:53 | 000,000,000 | ---D | M](C:\Users\Bulli\Documents\??? ????) -- C:\Users\Bulli\Documents\Мои игры [2009/12/09 07:50:53 | 000,000,000 | ---D | C](C:\Users\Bulli\Documents\??? ????) -- C:\Users\Bulli\Documents\Мои игры ========== Alternate Data Streams ========== @Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:E8BE05FA < End of report > Gruß, Bulli |