Pests of all kinds and how to fight them: 2 problems: Internet Explorer opens automatically and Google redirects

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
#1

Hey, I have 2 problems:
1.) Every few minutes Internet Explorer opens automatically and an error message is displayed saying that it cannot be opened.
2.) When I click on some pages on the Google search results page, I land on a spam page or get redirected to one.
#2
/// Helper team

Hello and welcome!
__________________
Before we begin working together, [please read completely]:
Quote:
Quote:
For Vista and Win7: Important: Please run all commands as administrator! Right-click the Command Prompt and select "Run as administrator". Right-click the selected application and choose "Run as administrator"!
Quote:
runs under XP, Vista (32-bit) and Windows 7 (32-bit)
Caution: IF GMER CANNOT BE RUN OR CAUSES PROBLEMS, continue with the next item! It does NOT make sense to start a second attempt!
To get a deeper look into your system and to detect a possible infection with a rootkit (info at wikipedia.org), we will use a tool - Gmer:
** no connection to a network or the Internet - don't forget WLAN
When the scan is finished, please re-enable all programs and tools!
Instructions: -> GMER - Rootkit Scanner

2. Download Malwarebytes Anti-Malware from → malwarebytes.org

3. System scan with OTL
Please download OTL by Oldtimer and save it to your desktop

3.
→ Download HJTscanlist.zip
→ Unpack the file on your desktop
→ On Windows XP Home you additionally have to install tasklist.zip before the scan
→ Start it with a double-click
→ Select your operating system - for Win7 choose Vista
→ When you are asked, choose the option "Setting (1) - scanlist"
→ After a short time your editor should open and show the file hjtscanlist.txt
→ Please copy the contents here into your thread.
** If it does not work in one go, you can split the text into several parts and post it that way

4. Please make hidden and system files visible; click the link here: Making system files and folders visible under XP and Vista
At the end of our work you can undo this again!

5. I would also like to see all your installed programs:
Download the tool CCleaner → Download → install (read the software license agreement; if "Add CCleaner Yahoo! Toolbar" is offered, deselect it) → start → if necessary, set "german" under Options settings → then click on "Extra" (to also show the installed programs) → then on "Als Textdatei speichern..." ("Save to text file..."); a text file (*.txt) is created, copy its contents and paste them there
Quote:
** If possible, do not go on the Internet, no online banking, file sharing, chat programs, etc.

Regards, kira
__________________
#3

THE OTL scan:
__________________
OTL Logfile:
Code:
ATTFilter OTL logfile created on: 27.07.2011 16:56:33 - Run 1 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Rapho\Downloads Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1,99 Gb Total Physical Memory | 0,42 Gb Available Physical Memory | 21,33% Memory free 4,21 Gb Paging File | 1,40 Gb Available in Paging File | 33,18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 143,95 Gb Total Space | 48,04 Gb Free Space | 33,37% Space Free | Partition Type: NTFS Computer Name: RAPHO-PC | User Name: Rapho | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Rapho\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) 
PRC - C:\Programme\Tobit Radio.fx\Client\rfx-client.exe (Tobit.Software) PRC - C:\Programme\Tobit Radio.fx\Server\rfx-server.exe () PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Lenovo\System Update\SUService.exe (Lenovo Group Limited) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software) PRC - C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.) PRC - C:\Programme\Lenovo\Message Center Plus\MCPLaunch.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Lenovo\NPDIRECT\tpfnf7sp.exe (Lenovo Group Limited) PRC - C:\Programme\M-Audio\Xponent\MAUSBXPInst.exe (Avid Technology, Inc.) 
PRC - C:\Programme\Lenovo\Client Security Solution\tvtpwm_tray.exe (Lenovo Group Limited) PRC - C:\Programme\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) PRC - C:\Programme\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe (Lenovo) PRC - C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo) PRC - C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo) PRC - C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo) PRC - C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo) PRC - C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo) PRC - C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited) PRC - C:\Programme\Lenovo\HOTKEY\FnF5svc.exe (Lenovo.) PRC - C:\Programme\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\Lenovo\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\Lenovo\PM Driver\PMSveH.exe (Lenovo) PRC - C:\Programme\Pure Networks\Network Magic\nmsrvc.exe (Pure Networks, Inc.) PRC - C:\Programme\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.) PRC - C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe () PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Windows\System32\IPSSVC.EXE (Lenovo Group Limited) PRC - C:\Programme\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe (Cyberlink Corp.) 
PRC - C:\Programme\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation) PRC - C:\Programme\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation) PRC - C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe () ========== Modules (SafeList) ========== MOD - C:\Users\Rapho\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) MOD - C:\Programme\Mindjet\MindManager 9\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (Radio.fx) -- C:\Programme\Tobit Radio.fx\Server\rfx-server.exe () SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (SUService) -- C:\Program Files\Lenovo\System Update\SUService.exe (Lenovo Group Limited) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (MAudioXponentService) -- C:\Programme\M-Audio\Xponent\MAUSBXPInst.exe (Avid Technology, Inc.) 
SRV - (ThinkVantage Registry Monitor Service) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe (Lenovo Group Limited) SRV - (AcSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcSvc.exe (Lenovo) SRV - (AcPrfMgrSvc) -- C:\Programme\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe (Lenovo) SRV - (FNF5SVC) -- C:\Programme\Lenovo\HOTKEY\FnF5svc.exe (Lenovo.) SRV - (PMSveH) -- C:\Programme\Lenovo\PM Driver\PMSveH.exe (Lenovo) SRV - (nmservice) -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe (Pure Networks, Inc.) SRV - (nmraapache) -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe (Pure Networks, Inc.) SRV - (TPHKSVC) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe () SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (IPSSVC) -- C:\Windows\System32\IPSSVC.EXE (Lenovo Group Limited) SRV - (Diskeeper) -- C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (Diskeeper Corporation) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (psadd) -- C:\Windows\System32\drivers\psadd.sys (Lenovo (United States) Inc.) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (MADFUXPONENT) -- C:\Windows\System32\drivers\MAudioXponent_DFU.sys (M-Audio) DRV - (MAUSBXPONENT) -- C:\Windows\System32\drivers\MAudioXponent.sys (Avid Technology, Inc.) DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation) DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) DRV - (TVTI2C) -- C:\Windows\System32\drivers\tvti2c.sys (Lenovo (United States) Inc.) 
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel® Corporation) DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (PROCDD) -- C:\Windows\System32\drivers\PROCDD.SYS (Lenovo Group Limited) DRV - (lenovo.smi) -- C:\Windows\System32\drivers\smiif32.sys (Lenovo Group Limited) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.live.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/3000notebook [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/3000notebook [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.live.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.23 13:27:14 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.14 15:29:13 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{FCF36B88-1BBA-487f-B64B-D2E8980A9293}: C:\Program Files\Lenovo\Client Security Solution\PWM Firefox Extension [2011.04.09 15:53:18 | 000,000,000 | ---D | M] [2011.04.09 18:52:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rapho\AppData\Roaming\mozilla\Extensions [2011.07.18 00:02:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rapho\AppData\Roaming\mozilla\Firefox\Profiles\6wmvbu2m.default\extensions [2011.06.22 19:43:50 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Rapho\AppData\Roaming\mozilla\Firefox\Profiles\6wmvbu2m.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66} [2011.07.06 18:52:42 | 000,000,000 | ---D | M] (Awesome screenshot: Capture and Annotate) -- C:\Users\Rapho\AppData\Roaming\mozilla\Firefox\Profiles\6wmvbu2m.default\extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack [2011.06.14 15:29:29 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.04.09 19:06:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.04.09 18:55:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.06.14 15:29:29 | 000,000,000 | 
---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- [2011.04.09 18:55:07 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011.06.14 15:29:29 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} () (No name found) -- C:\USERS\RAPHO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6WMVBU2M.DEFAULT\EXTENSIONS\{1F91CDE0-C040-11DA-A94D-0800200C9A66}.XPI () (No name found) -- C:\USERS\RAPHO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6WMVBU2M.DEFAULT\EXTENSIONS\{C0C9A2C7-2E5C-4447-BC53-97718BC91E1B}.XPI [2011.04.12 13:30:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2011.06.23 13:27:13 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Programme\Mindjet\MindManager 9\Mm8InternetExplorer.dll (Mindjet) O2 - BHO: (CPwmIEBrowserHelper Object) - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) O4 - HKLM..\Run: [ACTray] C:\Programme\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo) O4 - HKLM..\Run: [ACWLIcon] C:\Programme\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir 
Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [AwaySch] C:\Programme\Lenovo\AwayTask\AwaySch.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [DiskeeperSystray] C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe (Diskeeper Corporation) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\Lenovo Multimedia Center\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LenovoOobeOffers] c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe (lenovo) O4 - HKLM..\Run: [LPManager] C:\Programme\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited) O4 - HKLM..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe (Avid Technology, Inc.) O4 - HKLM..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe () O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.) O4 - HKLM..\Run: [PMHandler] C:\Programme\Lenovo\PM Driver\PMHandler.exe (Lenovo) O4 - HKLM..\Run: [RemoteControl] C:\Program Files\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [TPFNF7] C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe (Lenovo Group Limited) O4 - HKLM..\Run: [TPWAUDAP] C:\Programme\Lenovo\HOTKEY\TpWAudAp.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [{A528D4C2-8D70-CF99-9E74-C495DA3E6BA0}] File not found O4 - HKCU..\Run: [4Y3Y0C3AZF7XXHYWMAFFXA] File not found O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.) 
O4 - HKCU..\Run: [rfxsrvtray] C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rapho\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Programme\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited) O9 - Extra Button: An Mindjet MindManager senden - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Programme\Mindjet\MindManager 9\Mm8InternetExplorer.dll (Mindjet) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) 
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Programme\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Programme\Common Files\Pure Networks Shared\puresp3.dll (Pure Networks, Inc.) 
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Rapho\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Rapho\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk /p \??\C:) - File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.07.26 19:35:51 | 000,000,000 | ---D | C] -- C:\Users\Rapho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011.07.26 19:35:50 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2011.07.21 14:13:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.07.21 14:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.07.21 14:02:59 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011.07.21 13:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2011.07.18 19:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon [2011.07.18 19:18:41 | 000,000,000 | ---D | C] -- C:\Program Files\No23 Recorder [2011.07.18 19:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No23 Recorder [2011.07.18 18:51:12 | 000,000,000 | ---D | C] -- C:\Users\Rapho\AppData\Roaming\Simfy [2011.07.18 18:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simfy [2011.07.18 18:51:05 | 000,000,000 | ---D | C] -- C:\Program Files\simfy [2011.07.16 13:44:07 | 000,000,000 | ---D | C] -- 
C:\Users\Rapho\AppData\Roaming\Ovvy [2011.07.16 13:44:07 | 000,000,000 | ---D | C] -- C:\Users\Rapho\AppData\Roaming\Aguhi [2011.07.13 22:23:33 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.07.13 22:23:30 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011.07.13 22:23:30 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2011.07.12 11:20:54 | 000,178,536 | ---- | C] (Apple Inc.) -- C:\Windows\System32\dnssdX.dll [2011.07.12 11:20:54 | 000,083,816 | ---- | C] (Apple Inc.) -- C:\Windows\System32\dns-sd.exe [2011.07.12 11:20:54 | 000,073,064 | ---- | C] (Apple Inc.) -- C:\Windows\System32\dnssd.dll [2011.07.12 11:20:54 | 000,050,536 | ---- | C] (Apple Inc.) -- C:\Windows\System32\jdns_sd.dll [2011.07.09 17:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tobit.Software [2011.07.09 17:17:33 | 001,844,488 | ---- | C] (Tobit.Software) -- C:\Windows\RXSUnins.exe [2011.07.09 17:17:33 | 001,844,488 | ---- | C] (Tobit.Software) -- C:\Windows\RXCUnins.exe [2011.07.07 19:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2011.07.07 19:11:27 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2011.07.07 19:01:07 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll [2011.07.07 19:01:07 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2011.07.01 19:37:30 | 000,000,000 | ---D | C] -- C:\Users\Rapho\AppData\Roaming\Ugab [2011.07.01 19:37:30 | 000,000,000 | ---D | C] -- C:\Users\Rapho\AppData\Roaming\Ucef [2011.06.30 13:57:57 | 000,000,000 | ---D | C] -- C:\Users\Rapho\AppData\Roaming\Veavna [2011.06.30 13:57:57 | 000,000,000 | ---D | C] -- C:\Users\Rapho\AppData\Roaming\Acurpo [2011.06.29 19:54:41 | 020,535,942 | ---- | C] (MatchWare A/S) -- C:\Users\Rapho\Desktop\reco11.exe [2011.04.09 15:23:53 | 000,167,936 | ---- | C] ( 
) -- C:\Windows\System32\rsnp2uvc.dll [2011.04.09 15:23:53 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll ========== Files - Modified Within 30 Days ========== [2011.07.27 16:39:19 | 013,540,959 | ---- | M] () -- C:\Users\Rapho\Desktop\Justin Vito & CJ Stone feat. Emine Bahar - On & On (Orginal Mix).mp3 [2011.07.27 15:23:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.07.27 15:23:56 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.07.27 15:23:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.07.26 20:37:46 | 011,725,897 | ---- | M] () -- C:\Users\Rapho\Desktop\sash_ft_jeanpearl_mirrormirror_ClubExtended.mp3 [2011.07.26 20:10:17 | 000,322,022 | ---- | M] () -- C:\Users\Rapho\AppData\Local\census.cache [2011.07.26 20:09:34 | 000,221,743 | ---- | M] () -- C:\Users\Rapho\AppData\Local\ars.cache [2011.07.26 19:53:14 | 000,000,036 | ---- | M] () -- C:\Users\Rapho\AppData\Local\housecall.guid.cache [2011.07.26 19:46:21 | 000,025,181 | ---- | M] () -- C:\Windows\System32\PROCDB.INI [2011.07.26 19:45:43 | 000,000,380 | ---- | M] () -- C:\Windows\System32\IPSCtrl.INI [2011.07.26 19:45:18 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys [2011.07.26 19:45:16 | 192,014,980 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.07.26 19:42:50 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.dll [2011.07.26 19:42:21 | 000,017,408 | ---- | M] () -- C:\Windows\System32\rpcnetp.exe [2011.07.26 19:35:51 | 000,001,948 | ---- | M] () -- C:\Users\Rapho\Desktop\HiJackThis.lnk [2011.07.26 19:02:14 | 000,044,544 | ---- | M] (Absolute Software Corp.) 
-- C:\Windows\System32\agremove.exe [2011.07.23 18:12:30 | 013,165,864 | ---- | M] () -- C:\Users\Rapho\Desktop\Set-Fire-to-the-Rain-A-Stupid-Hole-Bootleg.mp3 [2011.07.23 14:25:00 | 000,042,083 | ---- | M] () -- C:\Users\Rapho\Desktop\IMG_0513.jpg [2011.07.22 19:04:24 | 013,030,003 | ---- | M] () -- C:\Users\Rapho\Desktop\ricobernasconi_and_beenieman_ft_akon_Girls_ClubMix.mp3 [2011.07.22 18:30:15 | 013,203,330 | ---- | M] () -- C:\Users\Rapho\Desktop\saknoel_LocaPeople_MaxFarenthideRemix.mp3 [2011.07.22 18:30:14 | 013,541,877 | ---- | M] () -- C:\Users\Rapho\Desktop\saknoel_LocaPeople_RicoBernasconiRemix.mp3 [2011.07.22 18:30:05 | 013,602,481 | ---- | M] () -- C:\Users\Rapho\Desktop\saknoel_LocaPeople_ExtendedMix_ExplicitVersion.mp3 [2011.07.22 17:33:41 | 013,639,594 | ---- | M] () -- C:\Users\Rapho\Desktop\taylordayne_flooronfire_TheThinRedMenClubMix.mp3 [2011.07.22 17:33:03 | 009,744,970 | ---- | M] () -- C:\Users\Rapho\Desktop\leonalewis-collide-cln.mp3 [2011.07.22 17:26:30 | 003,523,810 | ---- | M] () -- C:\Users\Rapho\Desktop\Seeed-Molotov.mp3 [2011.07.22 17:26:03 | 014,687,745 | ---- | M] () -- C:\Users\Rapho\Desktop\denizkoyu_tung_OriginalMix.mp3 [2011.07.22 17:23:13 | 000,720,173 | ---- | M] () -- C:\Users\Rapho\Desktop\110721_song_sommer.mp3 [2011.07.22 17:23:01 | 018,978,781 | ---- | M] () -- C:\Users\Rapho\Desktop\arnocost_lise_OriginalMix.mp3 [2011.07.22 17:17:04 | 016,986,626 | ---- | M] () -- C:\Users\Rapho\Desktop\jaykay_ft_florida_smokey_and_gitfresh_WhatTheGirlsLike_DimaroRemix.mp3 [2011.07.22 17:16:47 | 012,429,249 | ---- | M] () -- C:\Users\Rapho\Desktop\jaykay_ft_florida_smokey_and_gitfresh_WhatTheGirlsLike_DavidMayRemixExtended.mp3 [2011.07.22 17:16:30 | 011,224,390 | ---- | M] () -- C:\Users\Rapho\Desktop\jaykay_ft_florida_smokey_and_gitfresh_WhatTheGirlsLike_KylianMashRemix.mp3 [2011.07.22 16:17:35 | 017,041,161 | ---- | M] () -- C:\Users\Rapho\Desktop\scotty_sundown_SeanFinnRemix.mp3 [2011.07.22 16:17:17 | 015,101,815 | ---- | M] () -- 
C:\Users\Rapho\Desktop\scotty_sundown_ClubMix.mp3 [2011.07.22 13:27:55 | 021,073,936 | ---- | M] () -- C:\Users\Rapho\Documents\vlc-1.1.11-win32.exe [2011.07.21 19:06:28 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.07.21 19:06:28 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.07.21 19:06:28 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.07.21 19:06:27 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.07.21 18:58:45 | 015,236,702 | ---- | M] () -- C:\Users\Rapho\Desktop\taylordayne_flooronfire_JoeMartonExtendedVersion.mp3 [2011.07.21 15:40:12 | 001,148,795 | ---- | M] () -- C:\Users\Rapho\Desktop\Perso.jpg [2011.07.21 15:06:44 | 000,340,539 | ---- | M] () -- C:\Users\Rapho\Desktop\IMG_0513.PNG [2011.07.21 15:06:33 | 000,337,927 | ---- | M] () -- C:\Users\Rapho\Desktop\IMG_0512.PNG [2011.07.21 15:06:03 | 000,355,689 | ---- | M] () -- C:\Users\Rapho\Desktop\IMG_0511.PNG [2011.07.21 14:18:27 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk [2011.07.21 14:13:09 | 000,001,674 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.07.21 13:52:24 | 000,001,356 | ---- | M] () -- C:\Users\Rapho\AppData\Local\d3d9caps.dat [2011.07.19 15:58:01 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2011.07.18 19:18:44 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\No23 Recorder.lnk [2011.07.18 18:51:06 | 000,000,724 | ---- | M] () -- C:\Users\Public\Desktop\simfy.lnk [2011.07.15 20:37:54 | 059,434,010 | ---- | M] () -- C:\Users\Rapho\Desktop\monogamie.mp3 [2011.07.14 14:19:03 | 003,611,600 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.07.13 19:35:52 | 000,002,061 | ---- | M] () -- C:\Users\Rapho\Documents\Firefox Sync Key.html [2011.07.13 19:34:30 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2011.07.12 22:40:33 | 002,206,823 | ---- | M] () -- 
C:\Users\Rapho\Desktop\MTiIVzC8NsMF.128.mp3 [2011.07.12 22:38:13 | 004,832,861 | ---- | M] () -- C:\Users\Rapho\Desktop\EnERrJnhXFDu.128.mp3 [2011.07.12 22:36:36 | 005,038,497 | ---- | M] () -- C:\Users\Rapho\Desktop\nmRfKRu2NYrw.128.mp3 [2011.07.12 11:20:54 | 000,178,536 | ---- | M] (Apple Inc.) -- C:\Windows\System32\dnssdX.dll [2011.07.12 11:20:54 | 000,083,816 | ---- | M] (Apple Inc.) -- C:\Windows\System32\dns-sd.exe [2011.07.12 11:20:54 | 000,073,064 | ---- | M] (Apple Inc.) -- C:\Windows\System32\dnssd.dll [2011.07.12 11:20:54 | 000,050,536 | ---- | M] (Apple Inc.) -- C:\Windows\System32\jdns_sd.dll [2011.07.07 19:11:34 | 000,000,917 | ---- | M] () -- C:\Users\Rapho\Desktop\EVEREST Home Edition.lnk [2011.07.07 19:02:11 | 000,000,814 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.07.01 18:52:58 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2011.07.01 18:52:58 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2011.06.30 11:54:02 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2011.06.30 11:46:46 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2011.06.30 11:46:40 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll ========== Files Created - No Company Name ========== [2011.07.27 16:39:02 | 013,540,959 | ---- | C] () -- C:\Users\Rapho\Desktop\Justin Vito & CJ Stone feat. 
Emine Bahar - On & On (Orginal Mix).mp3 [2011.07.26 20:37:33 | 011,725,897 | ---- | C] () -- C:\Users\Rapho\Desktop\sash_ft_jeanpearl_mirrormirror_ClubExtended.mp3 [2011.07.26 20:10:17 | 000,322,022 | ---- | C] () -- C:\Users\Rapho\AppData\Local\census.cache [2011.07.26 20:09:34 | 000,221,743 | ---- | C] () -- C:\Users\Rapho\AppData\Local\ars.cache [2011.07.26 19:53:14 | 000,000,036 | ---- | C] () -- C:\Users\Rapho\AppData\Local\housecall.guid.cache [2011.07.26 19:42:50 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.dll [2011.07.26 19:42:20 | 000,017,408 | ---- | C] () -- C:\Windows\System32\rpcnetp.exe [2011.07.26 19:35:51 | 000,001,948 | ---- | C] () -- C:\Users\Rapho\Desktop\HiJackThis.lnk [2011.07.23 18:12:13 | 013,165,864 | ---- | C] () -- C:\Users\Rapho\Desktop\Set-Fire-to-the-Rain-A-Stupid-Hole-Bootleg.mp3 [2011.07.23 14:24:54 | 000,042,083 | ---- | C] () -- C:\Users\Rapho\Desktop\IMG_0513.jpg [2011.07.22 18:29:53 | 013,541,877 | ---- | C] () -- C:\Users\Rapho\Desktop\saknoel_LocaPeople_RicoBernasconiRemix.mp3 [2011.07.22 18:29:49 | 013,203,330 | ---- | C] () -- C:\Users\Rapho\Desktop\saknoel_LocaPeople_MaxFarenthideRemix.mp3 [2011.07.22 18:29:44 | 013,602,481 | ---- | C] () -- C:\Users\Rapho\Desktop\saknoel_LocaPeople_ExtendedMix_ExplicitVersion.mp3 [2011.07.22 18:22:27 | 013,030,003 | ---- | C] () -- C:\Users\Rapho\Desktop\ricobernasconi_and_beenieman_ft_akon_Girls_ClubMix.mp3 [2011.07.22 16:52:57 | 014,687,745 | ---- | C] () -- C:\Users\Rapho\Desktop\denizkoyu_tung_OriginalMix.mp3 [2011.07.22 16:16:24 | 017,041,161 | ---- | C] () -- C:\Users\Rapho\Desktop\scotty_sundown_SeanFinnRemix.mp3 [2011.07.22 16:16:13 | 015,101,815 | ---- | C] () -- C:\Users\Rapho\Desktop\scotty_sundown_ClubMix.mp3 [2011.07.22 14:14:07 | 000,720,173 | ---- | C] () -- C:\Users\Rapho\Desktop\110721_song_sommer.mp3 [2011.07.22 13:27:25 | 021,073,936 | ---- | C] () -- C:\Users\Rapho\Documents\vlc-1.1.11-win32.exe [2011.07.22 12:46:17 | 009,744,970 | ---- | C] () -- 
C:\Users\Rapho\Desktop\leonalewis-collide-cln.mp3 [2011.07.22 11:34:46 | 016,986,626 | ---- | C] () -- C:\Users\Rapho\Desktop\jaykay_ft_florida_smokey_and_gitfresh_WhatTheGirlsLike_DimaroRemix.mp3 [2011.07.22 11:33:55 | 011,224,390 | ---- | C] () -- C:\Users\Rapho\Desktop\jaykay_ft_florida_smokey_and_gitfresh_WhatTheGirlsLike_KylianMashRemix.mp3 [2011.07.22 11:33:43 | 012,429,249 | ---- | C] () -- C:\Users\Rapho\Desktop\jaykay_ft_florida_smokey_and_gitfresh_WhatTheGirlsLike_DavidMayRemixExtended.mp3 [2011.07.21 20:08:40 | 018,978,781 | ---- | C] () -- C:\Users\Rapho\Desktop\arnocost_lise_OriginalMix.mp3 [2011.07.21 19:35:59 | 192,014,980 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.07.21 19:16:19 | 000,337,927 | ---- | C] () -- C:\Users\Rapho\Desktop\IMG_0512.PNG [2011.07.21 19:16:15 | 000,355,689 | ---- | C] () -- C:\Users\Rapho\Desktop\IMG_0511.PNG [2011.07.21 19:16:13 | 000,340,539 | ---- | C] () -- C:\Users\Rapho\Desktop\IMG_0513.PNG [2011.07.21 19:04:34 | 001,148,795 | ---- | C] () -- C:\Users\Rapho\Desktop\Perso.jpg [2011.07.21 18:58:22 | 013,639,594 | ---- | C] () -- C:\Users\Rapho\Desktop\taylordayne_flooronfire_TheThinRedMenClubMix.mp3 [2011.07.21 18:58:16 | 015,236,702 | ---- | C] () -- C:\Users\Rapho\Desktop\taylordayne_flooronfire_JoeMartonExtendedVersion.mp3 [2011.07.21 14:18:27 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk [2011.07.21 14:13:09 | 000,001,674 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.07.18 19:18:44 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\No23 Recorder.lnk [2011.07.18 18:51:06 | 000,000,724 | ---- | C] () -- C:\Users\Public\Desktop\simfy.lnk [2011.07.15 20:30:44 | 059,434,010 | ---- | C] () -- C:\Users\Rapho\Desktop\monogamie.mp3 [2011.07.13 19:35:51 | 000,002,061 | ---- | C] () -- C:\Users\Rapho\Documents\Firefox Sync Key.html [2011.07.12 22:40:31 | 002,206,823 | ---- | C] () -- C:\Users\Rapho\Desktop\MTiIVzC8NsMF.128.mp3 [2011.07.12 22:38:09 | 004,832,861 | ---- | C] () -- 
C:\Users\Rapho\Desktop\EnERrJnhXFDu.128.mp3 [2011.07.12 22:36:29 | 005,038,497 | ---- | C] () -- C:\Users\Rapho\Desktop\nmRfKRu2NYrw.128.mp3 [2011.07.08 20:07:38 | 003,523,810 | ---- | C] () -- C:\Users\Rapho\Desktop\Seeed-Molotov.mp3 [2011.07.07 19:11:34 | 000,000,917 | ---- | C] () -- C:\Users\Rapho\Desktop\EVEREST Home Edition.lnk [2011.05.30 19:50:10 | 000,003,584 | ---- | C] () -- C:\Users\Rapho\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.16 22:32:34 | 000,000,136 | ---- | C] () -- C:\ProgramData\~32694008r [2011.05.16 22:32:34 | 000,000,112 | ---- | C] () -- C:\ProgramData\~32694008 [2011.05.16 22:32:18 | 000,000,384 | ---- | C] () -- C:\ProgramData\32694008 [2011.05.10 19:15:34 | 002,681,344 | ---- | C] () -- C:\Windows\System32\dvmsg.dll [2011.04.11 13:54:20 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.04.11 13:54:20 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.04.11 13:53:35 | 000,643,072 | ---- | C] () -- C:\Windows\System32\autochk.exe [2011.04.11 12:04:09 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011.04.10 01:06:41 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2011.04.10 01:06:41 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2011.04.10 01:06:41 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2011.04.10 01:06:41 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2011.04.09 18:46:52 | 000,001,356 | ---- | C] () -- C:\Users\Rapho\AppData\Local\d3d9caps.dat [2011.04.09 15:39:25 | 002,115,816 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll [2011.04.09 15:32:11 | 000,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll [2011.04.09 15:32:11 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2011.04.09 15:32:11 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1268.dll [2011.04.09 15:30:05 | 000,000,176 | ---- | C] () -- 
C:\Windows\System32\drivers\RTHDAEQ0.dat [2011.04.09 15:28:23 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll [2011.04.09 15:23:53 | 009,598,080 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys [2011.04.09 15:23:53 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini [2011.04.09 15:20:06 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat [2007.08.16 12:28:38 | 000,025,181 | ---- | C] () -- C:\Windows\System32\PROCDB.INI [2007.08.16 12:28:27 | 000,000,380 | ---- | C] () -- C:\Windows\System32\IPSCtrl.INI [2007.03.29 12:42:38 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll [2006.12.05 07:26:43 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2006.11.02 14:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:44:53 | 003,611,600 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll < End of report > |
#4
2 problems: IE opens automatically and redirects on Google

FROM HJT-Scanlist

Code:
ATTFilter $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ º º hjtscanlist v2.0 º º $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows [Version 6.0.6002] C: 27.07.2011 15:58 C:\installer_service_log.txt --------- 637407 26.07.2011 22:36 C:\System Volume Information --------- 32768 C:\hiberfil.sys --------- C:\pagefile.sys --------- 26.07.2011 19:45 C:\Windows --------- 49152 26.07.2011 19:35 C:\Program Files --------- 24576 25.07.2011 18:31 C:\Washer2.rar --------- 0 18.07.2011 19:24 C:\$Recycle.Bin --------- 0 18.07.2011 19:18 C:\ProgramData --------- 12288 17.05.2011 19:30 C:\rkill.log --------- 5079 14.04.2011 00:00 C:\Boot --------- 0 13.04.2011 03:05 C:\f95823599bd0fa9d83d7 --------- 0 12.04.2011 13:36 C:\293014b7f5066e81c6aa --------- 0 10.04.2011 00:59 C:\syslevel.lgl --------- 59 10.04.2011 00:59 C:\DRIVERS --------- 0 09.04.2011 19:03 C:\SWTOOLS --------- 8192 09.04.2011 18:48 C:\SWSHARE --------- 0 09.04.2011 18:46 C:\Users --------- 4096 09.04.2011 18:21 C:\Programme --------- 0 09.04.2011 18:21 C:\Dokumente und Einstellungen --------- 0 09.04.2011 15:40 C:\MyWorks --------- 0 09.04.2011 15:37 C:\Icons --------- 0 09.04.2011 15:30 C:\RHDSetup.log --------- 420 09.04.2011 15:28 C:\Intel --------- 0 09.04.2011 15:28 C:\setup.log --------- 86 15.10.2010 15:48 C:\Recycle.Bin --------- 0 11.04.2009 08:36 C:\bootmgr --------- 333257 06.02.2008 18:51 C:\BOOTSECT.BAK --------- 8192 21.01.2008 04:43 C:\PerfLogs --------- 0 02.11.2006 14:59 C:\Documents and Settings --------- 0 18.09.2006 23:43 C:\config.sys --------- 10 18.09.2006 23:43 C:\autoexec.bat --------- 24 ---------------------------------------- C:\Windows 27.07.2011 15:23 C:\Windows\bootstat.dat --------- 67584 26.07.2011 22:37 C:\Windows\WindowsUpdate.log --------- 1655112 26.07.2011 19:45 C:\Windows\MEMORY.DMP --------- 192014980 22.07.2011 13:51 C:\Windows\wmsetup.log --------- 1007 19.07.2011 15:58 C:\Windows\bthservsdp.dat --------- 12 10.04.2011 01:12 C:\Windows\KB948881.LOG.bootstrap.perf --------- 
65536 10.04.2011 01:12 C:\Windows\KB948881.LOG.bootstrap.dpx --------- 65536 10.04.2011 01:12 C:\Windows\KB948881.LOG.bootstrap --------- 196608 10.04.2011 01:12 C:\Windows\KB948881.LOG.perf --------- 196608 10.04.2011 01:12 C:\Windows\KB948881.LOG.dpx --------- 196608 10.04.2011 01:12 C:\Windows\KB948590.LOG.bootstrap.perf --------- 65536 10.04.2011 01:12 C:\Windows\KB948590.LOG.bootstrap.dpx --------- 65536 10.04.2011 01:12 C:\Windows\KB948590.LOG.bootstrap --------- 196608 10.04.2011 01:12 C:\Windows\KB948590.LOG.perf --------- 196608 10.04.2011 01:12 C:\Windows\KB948590.LOG.dpx --------- 196608 10.04.2011 01:11 C:\Windows\KB947864.LOG.bootstrap.perf --------- 65536 10.04.2011 01:11 C:\Windows\KB947864.LOG.bootstrap.dpx --------- 65536 10.04.2011 01:11 C:\Windows\KB947864.LOG.bootstrap --------- 196608 10.04.2011 01:11 C:\Windows\KB947864.LOG.perf --------- 196608 10.04.2011 01:11 C:\Windows\KB947864.LOG.dpx --------- 196608 10.04.2011 01:10 C:\Windows\KB941693.LOG.bootstrap.perf --------- 65536 10.04.2011 01:10 C:\Windows\KB941693.LOG.bootstrap.dpx --------- 65536 10.04.2011 01:10 C:\Windows\KB941693.LOG.bootstrap --------- 196608 10.04.2011 01:10 C:\Windows\KB941693.LOG.perf --------- 196608 10.04.2011 01:10 C:\Windows\KB941693.LOG.dpx --------- 196608 10.04.2011 01:10 C:\Windows\KB938371.LOG.bootstrap.perf --------- 65536 10.04.2011 01:10 C:\Windows\KB938371.LOG.bootstrap.dpx --------- 65536 10.04.2011 01:10 C:\Windows\KB938371.LOG.bootstrap --------- 196608 10.04.2011 01:10 C:\Windows\KB938371.LOG.perf --------- 196608 10.04.2011 01:10 C:\Windows\KB938371.LOG.dpx --------- 196608 10.04.2011 01:08 C:\Windows\KB937286de-de.LOG.bootstrap.perf --------- 65536 10.04.2011 01:08 C:\Windows\KB937286de-de.LOG.bootstrap.dpx --------- 65536 10.04.2011 01:08 C:\Windows\KB937286de-de.LOG.bootstrap --------- 196608 10.04.2011 01:08 C:\Windows\KB937286de-de.LOG.perf --------- 196608 10.04.2011 01:08 C:\Windows\KB937286de-de.LOG.dpx --------- 196608 10.04.2011 01:07 
C:\Windows\KB905866.LOG.bootstrap.perf --------- 65536 10.04.2011 01:07 C:\Windows\KB905866.LOG.bootstrap.dpx --------- 65536 10.04.2011 01:07 C:\Windows\KB905866.LOG.bootstrap --------- 196608 10.04.2011 01:07 C:\Windows\KB905866.LOG.perf --------- 196608 10.04.2011 01:07 C:\Windows\KB905866.LOG.dpx --------- 196608 10.04.2011 01:07 C:\Windows\GRLP.LOG.bootstrap.perf --------- 65536 10.04.2011 01:07 C:\Windows\GRLP.LOG.bootstrap.dpx --------- 65536 10.04.2011 01:07 C:\Windows\GRLP.LOG.bootstrap --------- 196608 10.04.2011 01:07 C:\Windows\GRLP.LOG.perf --------- 196608 10.04.2011 01:07 C:\Windows\GRLP.LOG.dpx --------- 131072 09.04.2011 15:46 C:\Windows\ocsetup_install_OEMHelpCustomization.etl --------- 26083328 09.04.2011 15:46 C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.perf --------- 196608 09.04.2011 15:46 C:\Windows\ocsetup_cbs_install_OEMHelpCustomization.dpx --------- 65536 09.04.2011 15:30 C:\Windows\DIFxAPI.dll --------- 319456 09.04.2011 15:30 C:\Windows\HideWin.exe --------- 315392 09.04.2011 15:23 C:\Windows\win.ini --------- 202 09.12.2009 10:41 C:\Windows\RXSUnins.exe --------- 1844488 09.12.2009 10:41 C:\Windows\RXCUnins.exe --------- 1844488 11.04.2009 08:27 C:\Windows\explorer.exe --------- 2926592 21.01.2008 04:57 C:\Windows\WindowsShell.Manifest --------- 749 21.01.2008 04:34 C:\Windows\regedit.exe --------- 134656 21.01.2008 04:34 C:\Windows\bfsvc.exe --------- 58880 21.01.2008 04:34 C:\Windows\fveupdate.exe --------- 13312 21.01.2008 04:33 C:\Windows\HelpPane.exe --------- 498176 21.01.2008 04:33 C:\Windows\notepad.exe --------- 151040 29.03.2007 13:11 C:\Windows\BtwIEProxy.exe --------- 285488 23.03.2007 13:04 C:\Windows\RtHDVCpl.exe --------- 4423680 16.03.2007 09:06 C:\Windows\SkyTel.exe --------- 1822720 16.01.2007 04:39 C:\Windows\RtlUpd.exe --------- 1191936 12.01.2007 10:54 C:\Windows\RtlExUpd.dll --------- 520192 28.12.2006 19:48 C:\Windows\vsnp2uvc.exe --------- 569344 02.11.2006 14:34 C:\Windows\WMSysPr9.prx --------- 316640 
02.11.2006 14:33 C:\Windows\twunk_16.exe --------- 49680 02.11.2006 14:33 C:\Windows\twain_32.dll --------- 50688 02.11.2006 14:33 C:\Windows\twunk_32.exe --------- 31232 02.11.2006 14:33 C:\Windows\twain.dll --------- 94784 02.11.2006 11:45 C:\Windows\winhlp32.exe --------- 9216 02.11.2006 11:45 C:\Windows\hh.exe --------- 14848 02.11.2006 09:46 C:\Windows\mib.bin --------- 43131 26.10.2006 06:08 C:\Windows\agrsmdel.exe --------- 50752 19.09.2006 13:41 C:\Windows\HomeBasic.xml --------- 8286 18.09.2006 23:46 C:\Windows\system.ini --------- 219 18.09.2006 23:43 C:\Windows\_default.pif --------- 707 18.09.2006 23:43 C:\Windows\winhelp.exe --------- 256192 18.09.2006 23:30 C:\Windows\msdfmap.ini --------- 1405 19.05.2006 11:53 C:\Windows\snp2uvc.src --------- 13022 19.05.2006 11:39 C:\Windows\snp2uvc.ini --------- 15497 11.12.2002 20:11 C:\Windows\WMPrfDEU.prx --------- 33820 ---------------------------------------- C:\Windows\System 02.11.2006 14:33 C:\Windows\System\mciseq.drv --------- 25264 02.11.2006 14:33 C:\Windows\System\mciwave.drv --------- 28160 02.11.2006 14:33 C:\Windows\System\avifile.dll --------- 109456 02.11.2006 14:33 C:\Windows\System\mciavi.drv --------- 73376 02.11.2006 14:33 C:\Windows\System\avicap.dll --------- 69584 02.11.2006 14:33 C:\Windows\System\msvideo.dll --------- 126912 02.11.2006 09:10 C:\Windows\System\OLESVR.DLL --------- 24064 02.11.2006 09:10 C:\Windows\System\WFWNET.DRV --------- 12704 02.11.2006 09:10 C:\Windows\System\COMMDLG.DLL --------- 32816 02.11.2006 09:10 C:\Windows\System\TIMER.DRV --------- 4048 02.11.2006 09:10 C:\Windows\System\MMSYSTEM.DLL --------- 68992 02.11.2006 09:10 C:\Windows\System\mmtask.tsk --------- 1152 02.11.2006 09:10 C:\Windows\System\mouse.drv --------- 2032 02.11.2006 09:10 C:\Windows\System\vga.drv --------- 2176 02.11.2006 09:10 C:\Windows\System\sound.drv --------- 1744 02.11.2006 09:10 C:\Windows\System\keyboard.drv --------- 2000 02.11.2006 09:10 C:\Windows\System\SHELL.DLL --------- 5120 
02.11.2006 09:10 C:\Windows\System\system.drv --------- 3360 18.09.2006 23:43 C:\Windows\System\ver.dll --------- 9008 18.09.2006 23:43 C:\Windows\System\olecli.dll --------- 82944 18.09.2006 23:43 C:\Windows\System\lzexpand.dll --------- 9936 18.09.2006 23:35 C:\Windows\System\stdole.tlb --------- 5532 ---------------------------------------- C:\Windows\System32 27.07.2011 15:23 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3616 27.07.2011 15:23 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3616 26.07.2011 20:20 C:\Windows\system32\drivers --------- 65536 26.07.2011 19:46 C:\Windows\system32\PROCDB.INI --------- 25181 26.07.2011 19:45 C:\Windows\system32\IPSCtrl.INI --------- 380 26.07.2011 19:42 C:\Windows\system32\rpcnetp.dll --------- 17408 26.07.2011 19:42 C:\Windows\system32\rpcnetp.exe --------- 17408 26.07.2011 19:02 C:\Windows\system32\agremove.exe --------- 44544 22.07.2011 13:50 C:\Windows\system32\Tasks --------- 0 21.07.2011 19:06 C:\Windows\system32\perfh009.dat --------- 595996 21.07.2011 19:06 C:\Windows\system32\perfc009.dat --------- 104070 21.07.2011 19:06 C:\Windows\system32\perfh007.dat --------- 628742 21.07.2011 19:06 C:\Windows\system32\perfc007.dat --------- 126454 21.07.2011 19:06 C:\Windows\system32\PerfStringBackup.INI --------- 1445310 14.07.2011 14:19 C:\Windows\system32\catroot --------- 4096 14.07.2011 14:19 C:\Windows\system32\FNTCACHE.DAT --------- 3611600 14.07.2011 14:15 C:\Windows\system32\catroot2 --------- 4096 14.07.2011 03:02 C:\Windows\system32\mrt.exe --------- 49089992 13.07.2011 19:34 C:\Windows\system32\FlashPlayerCPLApp.cpl --------- 404640 12.07.2011 11:20 C:\Windows\system32\jdns_sd.dll --------- 50536 12.07.2011 11:20 C:\Windows\system32\dnssd.dll --------- 73064 12.07.2011 11:20 C:\Windows\system32\dnssdX.dll --------- 178536 12.07.2011 11:20 C:\Windows\system32\dns-sd.exe --------- 83816 
01.07.2011 18:20 C:\Windows\system32\LogFiles --------- 0 30.06.2011 11:54 C:\Windows\system32\TURegOpt.exe --------- 31552 30.06.2011 11:46 C:\Windows\system32\authuitu.dll --------- 21312 30.06.2011 11:46 C:\Windows\system32\uxtuneup.dll --------- 29504 16.06.2011 18:31 C:\Windows\system32\WDI --------- 4096 15.06.2011 15:42 C:\Windows\system32\gdiplus.dll --------- 1700352 14.06.2011 15:29 C:\Windows\system32\jupdate-1.6.0_26-b03.log --------- 3886 02.06.2011 15:34 C:\Windows\system32\win32k.sys --------- 2043392 24.05.2011 19:14 C:\Windows\system32\MpSigStub.exe --------- 222080 22.05.2011 23:40 C:\Windows\system32\de-DE --------- 196608 22.05.2011 23:40 C:\Windows\system32\migration --------- 0 22.05.2011 23:40 C:\Windows\system32\wbem --------- 61440 22.05.2011 23:40 C:\Windows\system32\en-US --------- 221184 21.05.2011 18:09 C:\Windows\system32\icrav03.rat --------- 8798 21.05.2011 18:09 C:\Windows\system32\ticrf.rat --------- 1988 21.05.2011 18:09 C:\Windows\system32\msls31.dll --------- 161792 21.05.2011 18:09 C:\Windows\system32\wininet.dll --------- 1126912 21.05.2011 18:09 C:\Windows\system32\jsproxy.dll --------- 65024 21.05.2011 18:09 C:\Windows\system32\msrating.dll --------- 162304 21.05.2011 18:09 C:\Windows\system32\RegisterIEPKEYs.exe --------- 74752 21.05.2011 18:09 C:\Windows\system32\SetIEInstalledDate.exe --------- 76800 21.05.2011 18:09 C:\Windows\system32\mshtmler.dll --------- 48640 21.05.2011 18:09 C:\Windows\system32\iesysprep.dll --------- 86528 21.05.2011 18:09 C:\Windows\system32\tdc.ocx --------- 63488 21.05.2011 18:09 C:\Windows\system32\html.iec --------- 367104 21.05.2011 18:09 C:\Windows\system32\dxtrans.dll --------- 223232 21.05.2011 18:09 C:\Windows\system32\dxtmsft.dll --------- 353792 21.05.2011 18:09 C:\Windows\system32\ieapfltr.dat --------- 3695416 21.05.2011 18:09 C:\Windows\system32\ieapfltr.dll --------- 434176 21.05.2011 18:09 C:\Windows\system32\icardie.dll --------- 66048 21.05.2011 18:09 
C:\Windows\system32\ie4uinit.exe --------- 74240 21.05.2011 18:09 C:\Windows\system32\iernonce.dll --------- 31744 21.05.2011 18:09 C:\Windows\system32\ieuinit.inf --------- 72822 21.05.2011 18:09 C:\Windows\system32\iesetup.dll --------- 74752 21.05.2011 18:09 C:\Windows\system32\url.dll --------- 231936 21.05.2011 18:09 C:\Windows\system32\iedkcs32.dll --------- 353584 21.05.2011 18:09 C:\Windows\system32\inetcpl.cpl --------- 1427456 21.05.2011 18:09 C:\Windows\system32\webcheck.dll --------- 203776 21.05.2011 18:09 C:\Windows\system32\licmgr10.dll --------- 23552 21.05.2011 18:09 C:\Windows\system32\inseng.dll --------- 78848 21.05.2011 18:09 C:\Windows\system32\wextract.exe --------- 152064 21.05.2011 18:09 C:\Windows\system32\iexpress.exe --------- 150528 21.05.2011 18:09 C:\Windows\system32\msfeeds.dll --------- 580608 21.05.2011 18:09 C:\Windows\system32\vbscript.dll --------- 420864 21.05.2011 18:09 C:\Windows\system32\ieUnatt.exe --------- 142848 21.05.2011 18:09 C:\Windows\system32\occache.dll --------- 123392 21.05.2011 18:09 C:\Windows\system32\pngfilt.dll --------- 54272 21.05.2011 18:09 C:\Windows\system32\mshta.exe --------- 11776 21.05.2011 18:09 C:\Windows\system32\admparse.dll --------- 101888 21.05.2011 18:09 C:\Windows\system32\ieaksie.dll --------- 227840 21.05.2011 18:09 C:\Windows\system32\ieakui.dll --------- 163840 21.05.2011 18:09 C:\Windows\system32\imgutil.dll --------- 35840 21.05.2011 18:09 C:\Windows\system32\advpack.dll --------- 114176 21.05.2011 18:09 C:\Windows\system32\iepeers.dll --------- 118784 21.05.2011 18:09 C:\Windows\system32\msfeedsbs.dll --------- 41472 21.05.2011 18:09 C:\Windows\system32\msfeedssync.exe --------- 10752 21.05.2011 18:09 C:\Windows\system32\IEAdvpack.dll --------- 110592 21.05.2011 18:09 C:\Windows\system32\ieakeng.dll --------- 130560 12.05.2011 21:16 C:\Windows\system32\NDF --------- 0 10.05.2011 08:06 C:\Windows\system32\usbaaplrc.dll --------- 4517664 04.05.2011 04:52 C:\Windows\system32\javaws.exe 
--------- 157472 04.05.2011 04:52 C:\Windows\system32\javaw.exe --------- 145184 04.05.2011 04:52 C:\Windows\system32\java.exe --------- 145184 04.05.2011 04:52 C:\Windows\system32\deployJava1.dll --------- 472808 02.05.2011 19:16 C:\Windows\system32\inetcomm.dll --------- 739328 29.04.2011 17:59 C:\Windows\system32\schannel.dll --------- 276992 23.04.2011 01:36 C:\Windows\system32\mshtml.dll --------- 12269056 23.04.2011 01:35 C:\Windows\system32\jscript9.dll --------- 1797632 23.04.2011 01:32 C:\Windows\system32\ieframe.dll --------- 9703936 23.04.2011 01:30 C:\Windows\system32\urlmon.dll --------- 1102336 23.04.2011 01:26 C:\Windows\system32\jscript.dll --------- 716800 23.04.2011 01:26 C:\Windows\system32\iertutil.dll --------- 1785344 23.04.2011 01:26 C:\Windows\system32\mshtmled.dll --------- 72704 23.04.2011 01:25 C:\Windows\system32\mshtml.tlb --------- 2382848 23.04.2011 01:24 C:\Windows\system32\ieui.dll --------- 176640 20.04.2011 17:55 C:\Windows\system32\winsrv.dll --------- 375808 20.04.2011 17:50 C:\Windows\system32\csrsrv.dll --------- 49152 ---------------------------------------- C:\Windows\Prefetch ---------------------------------------- C:\Windows\Tasks 26.07.2011 19:45 C:\Windows\Tasks\SA.DAT --------- 6 19.07.2011 15:58 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32614 08.06.2011 13:24 C:\Windows\Tasks\At1.job --------- 508 ---------------------------------------- C:\Windows\Temp ---------------------------------------- C:\Users\Rapho\AppData\Local\Temp 27.07.2011 17:06 C:\Users\Rapho\AppData\Local\Temp\~DF4527.tmp --------- 16384 27.07.2011 17:06 C:\Users\Rapho\AppData\Local\Temp\~DF3492.tmp --------- 16384 27.07.2011 16:57 C:\Users\Rapho\AppData\Local\Temp\plugtmp-4 --------- 0 27.07.2011 16:54 C:\Users\Rapho\AppData\Local\Temp\~DFC7F8.tmp --------- 16384 27.07.2011 15:59 C:\Users\Rapho\AppData\Local\Temp\etilqs_46uTYJ4Z51K926ATndSg-journal --------- 0 27.07.2011 15:59 C:\Users\Rapho\AppData\Local\Temp\etilqs_46uTYJ4Z51K926ATndSg --------- 1024 
27.07.2011 15:59 C:\Users\Rapho\AppData\Local\Temp\wmplog01.sqm --------- 1646 26.07.2011 21:56 C:\Users\Rapho\AppData\Local\Temp\xprt4c68.ico --------- 4286 26.07.2011 21:56 C:\Users\Rapho\AppData\Local\Temp\xprt6bed.ico --------- 4286 26.07.2011 21:19 C:\Users\Rapho\AppData\Local\Temp\hsperfdata_Rapho --------- 0 26.07.2011 21:19 C:\Users\Rapho\AppData\Local\Temp\jusched.log --------- 4547 26.07.2011 20:10 C:\Users\Rapho\AppData\Local\Temp\HouseCall --------- 0 26.07.2011 19:54 C:\Users\Rapho\AppData\Local\Temp\HCLauncher.log --------- 8820 26.07.2011 19:54 C:\Users\Rapho\AppData\Local\Temp\HCBackup --------- 0 26.07.2011 19:47 C:\Users\Rapho\AppData\Local\Temp\WPDNSE --------- 0 26.07.2011 19:40 C:\Users\Rapho\AppData\Local\Temp\2aJhAPQf.exe.part --------- 1572864 26.07.2011 19:40 C:\Users\Rapho\AppData\Local\Temp\plugtmp-3 --------- 0 26.07.2011 19:39 C:\Users\Rapho\AppData\Local\Temp\fla36F5.tmp --------- 2134070 26.07.2011 19:37 C:\Users\Rapho\AppData\Local\Temp\~DF243D.tmp --------- 114688 25.07.2011 23:23 C:\Users\Rapho\AppData\Local\Temp\wmplog00.sqm --------- 1702 25.07.2011 18:44 C:\Users\Rapho\AppData\Local\Temp\plugtmp-2 --------- 0 25.07.2011 17:12 C:\Users\Rapho\AppData\Local\Temp\tmpcda44975 --------- 0 24.07.2011 19:52 C:\Users\Rapho\AppData\Local\Temp\svk1e.tmp --------- 0 23.07.2011 18:19 C:\Users\Rapho\AppData\Local\Temp\MPSampleSubmit --------- 0 23.07.2011 15:34 C:\Users\Rapho\AppData\Local\Temp\fla5C56.tmp --------- 3113771 23.07.2011 15:34 C:\Users\Rapho\AppData\Local\Temp\~DF9504.tmp --------- 0 23.07.2011 15:33 C:\Users\Rapho\AppData\Local\Temp\~DF7346.tmp --------- 16384 23.07.2011 15:30 C:\Users\Rapho\AppData\Local\Temp\fla3AC0.tmp --------- 12884138 23.07.2011 15:23 C:\Users\Rapho\AppData\Local\Temp\fla1BC7.tmp --------- 22726335 23.07.2011 14:05 C:\Users\Rapho\AppData\Local\Temp\flaAF40.tmp --------- 2050617 23.07.2011 12:05 C:\Users\Rapho\AppData\Local\Temp\plugtmp-1 --------- 0 22.07.2011 19:51 
C:\Users\Rapho\AppData\Local\Temp\~DF1E07.tmp --------- 0 22.07.2011 19:49 C:\Users\Rapho\AppData\Local\Temp\~DF21A3.tmp --------- 0 22.07.2011 19:41 C:\Users\Rapho\AppData\Local\Temp\~DF6A18.tmp --------- 0 22.07.2011 19:04 C:\Users\Rapho\AppData\Local\Temp\tmp3B83.tmp --------- 0 22.07.2011 13:50 C:\Users\Rapho\AppData\Local\Temp\{2c4004ca-0ca2-4b16-96f1-a9fecebc305f} --------- 0 21.07.2011 20:15 C:\Users\Rapho\AppData\Local\Temp\BTN%Copy%1 --------- 0 21.07.2011 19:43 C:\Users\Rapho\AppData\Local\Temp\etilqs_DP2ECaEnvtXeqJ2vB8W7-journal --------- 0 21.07.2011 19:43 C:\Users\Rapho\AppData\Local\Temp\etilqs_DP2ECaEnvtXeqJ2vB8W7 --------- 1024 21.07.2011 19:34 C:\Users\Rapho\AppData\Local\Temp\xprt3040.ico --------- 4286 21.07.2011 19:34 C:\Users\Rapho\AppData\Local\Temp\xprt5ae8.ico --------- 4286 21.07.2011 19:33 C:\Users\Rapho\AppData\Local\Temp\xprt113d.ico --------- 4286 21.07.2011 19:33 C:\Users\Rapho\AppData\Local\Temp\xprt79f3.ico --------- 4286 21.07.2011 19:33 C:\Users\Rapho\AppData\Local\Temp\xprt501b.ico --------- 4286 21.07.2011 19:33 C:\Users\Rapho\AppData\Local\Temp\xprt7a70.ico --------- 4286 21.07.2011 19:32 C:\Users\Rapho\AppData\Local\Temp\xprt2575.ico --------- 4286 21.07.2011 19:32 C:\Users\Rapho\AppData\Local\Temp\xprt0fc5.ico --------- 4286 21.07.2011 19:32 C:\Users\Rapho\AppData\Local\Temp\xprt35af.ico --------- 4286 21.07.2011 19:32 C:\Users\Rapho\AppData\Local\Temp\xprt5257.ico --------- 4286 21.07.2011 19:32 C:\Users\Rapho\AppData\Local\Temp\xprt44d9.ico --------- 4286 21.07.2011 19:32 C:\Users\Rapho\AppData\Local\Temp\xprt080d.ico --------- 4286 21.07.2011 19:30 C:\Users\Rapho\AppData\Local\Temp\xprt0e11.ico --------- 4286 21.07.2011 19:28 C:\Users\Rapho\AppData\Local\Temp\xprt539a.ico --------- 4286 21.07.2011 19:27 C:\Users\Rapho\AppData\Local\Temp\~DFFDB2.tmp --------- 0 21.07.2011 19:15 C:\Users\Rapho\AppData\Local\Temp\xprt4f42.ico --------- 4286 21.07.2011 18:34 C:\Users\Rapho\AppData\Local\Temp\plugtmp --------- 0 21.07.2011 14:17 
***** Ende des Scans 27.07.2011 um 17:12:22,59 *** |
| #5 |
| My programs: Code:
|
| #6 |
| And the log from the malware program: Code:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7296

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

27.07.2011 17:37:32
mbam-log-2011-07-27 (17-37-32).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 163156
Laufzeit: 14 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4Y3Y0C3AZF7XXHYWMAFFXA (Trojan.SpyEyes) -> Value: 4Y3Y0C3AZF7XXHYWMAFFXA -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{A528D4C2-8D70-CF99-9E74-C495DA3E6BA0} (Trojan.ZbotR.Gen) -> Value: {A528D4C2-8D70-CF99-9E74-C495DA3E6BA0} -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.
c:\Recycle.Bin\dde2f571a4d0c65 (Trojan.Spyeyes) -> Quarantined and deleted successfully. |