Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Ich habe mir auch den 50 Euro Virus eingefangen. Was tun?

Ich habe mir auch den 50 Euro Virus eingefangen. Was tun?


Log-Analyse und Auswertung: Ich habe mir auch den 50 Euro Virus eingefangen. Was tun?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 05.02.2012, 22:40   #1
lena-laura
 
Ich habe mir auch den 50 Euro Virus eingefangen. Was tun? - Standard

Ich habe mir auch den 50 Euro Virus eingefangen. Was tun?


Hallo zu später Stund,

auch ich habe mir leider den 50 Euro Virus eingefangen. habe auch schon den scan gemacht. leider weiß ich nicht, wie ich das seperat einfügen kann und habe es jetzt hier rein kopiert. im anhang ist der "extras.txt" .
wie auch viele andere hier, bekomme ich die meldung dass das windows system blockiert ist. 1000000 dank im voraus!
Hier der OTL Logfile


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 05.02.2012 19:52:41 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\lena-laura\Downloads
 Starter Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 74,56% Memory free
3,98 Gb Paging File | 3,55 Gb Available in Paging File | 89,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 80,00 Gb Total Space | 30,18 Gb Free Space | 37,73% Space Free | Partition Type: NTFS
Drive D: | 59,03 Gb Total Space | 3,81 Gb Free Space | 6,46% Space Free | Partition Type: NTFS
 
Computer Name: PC | User Name: lena-laura | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.05 19:34:25 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\lena-laura\Downloads\OTL(2).exe
PRC - [2012.02.05 00:44:12 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.05 00:44:11 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.09.29 10:19:56 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] --  -- (NMIndexingService)
SRV - [2011.07.05 14:08:05 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.12 18:31:26 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2009.08.18 17:35:56 | 000,219,136 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\AsusService.exe -- (AsusService)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:33 | 000,029,696 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\iprip.dll -- (iprip)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.07.05 14:08:07 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.05 14:08:07 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.08.20 03:43:40 | 000,583,680 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2010.08.20 03:43:08 | 000,840,704 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2009.10.05 08:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.07.27 08:06:46 | 000,051,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV - [2009.07.20 10:29:00 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.02.13 10:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2005.08.17 06:46:26 | 000,093,872 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2005.08.17 06:46:20 | 000,008,272 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2005.08.17 06:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.T-Mobile.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://asus.msn.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://asus.msn.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.T-Mobile.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.T-Mobile.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://asus.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=gppc
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\lena-laura\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\lena-laura\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\lena-laura\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.06.17 19:24:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.05 00:44:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.24 09:20:59 | 000,000,000 | ---D | M]
 
[2011.05.12 18:36:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lena-laura\AppData\Roaming\mozilla\Extensions
[2011.06.05 01:35:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\lena-laura\AppData\Roaming\mozilla\Firefox\Profiles\ztgpl636.default\extensions
[2011.11.10 01:17:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.11.13 03:42:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.05 00:44:12 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.09.29 10:19:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.04.23 15:07:10 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.11.10 01:17:16 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Yahoo! Deutschland (Enabled)
CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\lena-laura\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_Porsche = C:\Users\lena-laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg\3_1\
CHR - Extension: Skype Click to Call = C:\Users\lena-laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\lena-laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program Files\Freecorder\prxtbFre0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FILSHtray] C:\Program Files\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [HotKeyMon] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [HotkeyService] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SuperHybridEngine] C:\windows\System32\AsusSender.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKCU..\Run: [Firefox helper] C:\Users\lena-laura\AppData\Local\Mozilla\Firefox\firefox.exe ()
O4 - Startup: C:\Users\lena-laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10D8D06D-13E7-46A5-AEC4-38C5609E3260}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{18A4EB30-28E1-4E04-8664-4351C9AD8B76}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{049ca162-d23b-11e0-a356-e0cb4eb0427f}\Shell - "" = AutoRun
O33 - MountPoints2\{049ca162-d23b-11e0-a356-e0cb4eb0427f}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{3d6035cd-68dc-11e0-8259-e0cb4eb0427f}\Shell - "" = AutoRun
O33 - MountPoints2\{3d6035cd-68dc-11e0-8259-e0cb4eb0427f}\Shell\AutoRun\command - "" = E:\LGAutoRun.exe
O33 - MountPoints2\{4666dbe8-7cbd-11e0-986c-e0cb4eb0427f}\Shell - "" = AutoRun
O33 - MountPoints2\{4666dbe8-7cbd-11e0-986c-e0cb4eb0427f}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4666dc02-7cbd-11e0-986c-e0cb4eb0427f}\Shell - "" = AutoRun
O33 - MountPoints2\{4666dc02-7cbd-11e0-986c-e0cb4eb0427f}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{521546b0-aab6-11df-808c-e0cb4eb0427f}\Shell - "" = AutoRun
O33 - MountPoints2\{521546b0-aab6-11df-808c-e0cb4eb0427f}\Shell\AutoRun\command - "" = C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
O33 - MountPoints2\{8f862723-3db4-11e0-81c7-e0cb4eb0427f}\Shell - "" = AutoRun
O33 - MountPoints2\{8f862723-3db4-11e0-81c7-e0cb4eb0427f}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a74b0db3-8526-11e0-8947-001e101fa1f5}\Shell - "" = AutoRun
O33 - MountPoints2\{a74b0db3-8526-11e0-8947-001e101fa1f5}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{a74b0dc0-8526-11e0-8947-001e101fa1f5}\Shell - "" = AutoRun
O33 - MountPoints2\{a74b0dc0-8526-11e0-8947-001e101fa1f5}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{dc49d409-20a3-11df-a859-e0cb4eb0427f}\Shell - "" = AutoRun
O33 - MountPoints2\{dc49d409-20a3-11df-a859-e0cb4eb0427f}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{e156c5bf-cfa0-11e0-a7bc-001e101f7f74}\Shell - "" = AutoRun
O33 - MountPoints2\{e156c5bf-cfa0-11e0-a7bc-001e101f7f74}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{e156c5c4-cfa0-11e0-a7bc-001e101f7f74}\Shell - "" = AutoRun
O33 - MountPoints2\{e156c5c4-cfa0-11e0-a7bc-001e101f7f74}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{f13ede54-62a2-11e0-bd00-e0cb4eb0427f}\Shell - "" = AutoRun
O33 - MountPoints2\{f13ede54-62a2-11e0-bd00-e0cb4eb0427f}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: avgnt - hkey= - key= - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= -  File not found
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.05 19:29:34 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2012.02.02 18:30:00 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{B4B289B1-9E76-4A41-87EE-872E53342399}
[2012.01.28 09:19:57 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{060BCF3A-EF92-4C73-B053-A062A279A6DC}
[2012.01.28 09:19:45 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{3DB838EE-C94F-4ED6-AAB5-2563E7661750}
[2012.01.11 01:08:46 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{A3BC6859-796B-4F62-988F-5370FD3D3D52}
[2012.01.11 01:08:34 | 000,000,000 | ---D | C] -- C:\Users\lena-laura\AppData\Local\{08BD80DA-A291-4CB3-AB5B-9E78D7A39A0B}
[2009.08.13 05:52:58 | 000,013,880 | ---- | C] ( ) -- C:\windows\System32\drivers\kbfiltr.sys
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\lena-laura\*.tmp files -> C:\Users\lena-laura\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.05 19:52:36 | 000,010,447 | ---- | M] () -- C:\Users\lena-laura\Documents\aw.odt
[2012.02.05 19:50:03 | 000,024,845 | ---- | M] () -- C:\Users\lena-laura\Documents\user.odt
[2012.02.05 19:41:04 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.02.05 09:42:46 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.05 09:42:46 | 000,009,696 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.05 00:17:00 | 000,001,140 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3837843822-382491344-1778226907-1000UA.job
[2012.02.04 23:44:41 | 000,013,352 | ---- | M] () -- C:\Users\lena-laura\Documents\4.2.odt
[2012.02.04 18:45:37 | 000,000,480 | -H-- | M] () -- C:\windows\tasks\Norton Security Scan for lena-laura.job
[2012.02.04 14:17:01 | 000,001,088 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3837843822-382491344-1778226907-1000Core.job
[2012.02.02 19:39:54 | 000,011,686 | ---- | M] () -- C:\Users\lena-laura\Documents\untermiet.odt
[2012.02.02 19:34:28 | 000,030,175 | ---- | M] () -- C:\Users\lena-laura\Documents\neu.pdf
[2012.02.02 19:34:04 | 000,030,178 | ---- | M] () -- C:\Users\lena-laura\Documents\unterie.pdf
[2012.02.02 18:52:34 | 000,033,930 | ---- | M] () -- C:\Users\lena-laura\Documents\mv.pdf
[2012.02.02 18:47:13 | 000,704,072 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012.02.02 18:47:13 | 000,655,402 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012.02.02 18:47:13 | 000,145,342 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012.02.02 18:47:13 | 000,118,952 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012.02.02 18:46:43 | 000,000,425 | ---- | M] () -- C:\windows\BRWMARK.INI
[2012.02.02 18:46:43 | 000,000,027 | ---- | M] () -- C:\windows\BRPP2KA.INI
[2012.02.02 18:45:55 | 000,033,750 | ---- | M] () -- C:\Users\lena-laura\Documents\mietverrtrag.pdf
[2012.01.22 05:24:58 | 000,011,660 | ---- | M] () -- C:\Users\lena-laura\Documents\step back.odt
[2012.01.09 20:06:00 | 000,026,775 | ---- | M] () -- C:\Users\lena-laura\Documents\lovew.odt
[2012.01.09 01:20:25 | 000,010,821 | ---- | M] () -- C:\Users\lena-laura\Documents\09.01.odt
[2012.01.08 00:24:56 | 000,012,436 | ---- | M] () -- C:\Users\lena-laura\Documents\07.01.odt
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\lena-laura\*.tmp files -> C:\Users\lena-laura\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.05 19:52:34 | 000,010,447 | ---- | C] () -- C:\Users\lena-laura\Documents\aw.odt
[2012.02.05 19:50:00 | 000,024,845 | ---- | C] () -- C:\Users\lena-laura\Documents\user.odt
[2012.02.04 23:44:39 | 000,013,352 | ---- | C] () -- C:\Users\lena-laura\Documents\4.2.odt
[2012.02.02 19:39:51 | 000,011,686 | ---- | C] () -- C:\Users\lena-laura\Documents\untermiet.odt
[2012.02.02 19:34:26 | 000,030,175 | ---- | C] () -- C:\Users\lena-laura\Documents\neu.pdf
[2012.02.02 19:32:29 | 000,030,178 | ---- | C] () -- C:\Users\lena-laura\Documents\unterie.pdf
[2012.02.02 18:52:31 | 000,033,930 | ---- | C] () -- C:\Users\lena-laura\Documents\mv.pdf
[2012.02.02 18:46:43 | 000,000,425 | ---- | C] () -- C:\windows\BRWMARK.INI
[2012.02.02 18:46:43 | 000,000,027 | ---- | C] () -- C:\windows\BRPP2KA.INI
[2012.02.02 18:45:53 | 000,033,750 | ---- | C] () -- C:\Users\lena-laura\Documents\mietverrtrag.pdf
[2012.01.22 05:24:47 | 000,011,660 | ---- | C] () -- C:\Users\lena-laura\Documents\step back.odt
[2012.01.09 01:20:23 | 000,010,821 | ---- | C] () -- C:\Users\lena-laura\Documents\09.01.odt
[2012.01.08 00:24:55 | 000,012,436 | ---- | C] () -- C:\Users\lena-laura\Documents\07.01.odt
[2011.10.20 13:30:59 | 000,000,000 | ---- | C] () -- C:\Users\lena-laura\AppData\Roaming\wklnhst.dat
[2011.03.20 11:12:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.05 00:59:32 | 000,005,632 | ---- | C] () -- C:\windows\System32\StarOpen.sys
[2010.04.10 14:08:15 | 000,027,623 | ---- | C] () -- C:\Users\lena-laura\AppData\Roaming\UserTile.png
[2010.03.27 21:24:46 | 000,001,472 | ---- | C] () -- C:\Users\lena-laura\AppData\Local\RecConfig.xml
[2010.02.25 19:00:30 | 000,000,008 | R--- | C] () -- C:\windows\System32\drivers\rtkhdaud.dat
[2010.02.25 18:51:01 | 000,219,136 | ---- | C] () -- C:\windows\System32\AsusService.exe
[2010.02.25 18:43:55 | 000,039,089 | ---- | C] () -- C:\windows\Ascd_log.ini
[2010.02.25 18:41:52 | 000,025,440 | ---- | C] () -- C:\windows\Ascd_tmp.ini
[2009.10.16 11:46:45 | 000,021,864 | ---- | C] () -- C:\windows\AsAcpiSvrLang.ini
[2009.10.16 11:44:22 | 000,013,931 | ---- | C] () -- C:\windows\System32\RaCoInst.dat
[2009.10.16 11:41:37 | 000,004,692 | R--- | C] () -- C:\windows\System32\drivers\SamSfPa.dat
[2009.07.14 09:47:43 | 000,704,072 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2009.07.14 09:47:43 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2009.07.14 09:47:43 | 000,145,342 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2009.07.14 09:47:43 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009.07.14 05:33:53 | 000,351,440 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,655,402 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,118,952 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009.07.14 01:55:09 | 000,587,776 | ---- | C] () -- C:\windows\System32\hpotscl1.dll
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\windows\System32\drivers\ASUSHWIO.SYS
 
========== LOP Check ==========
 
[2011.01.16 21:38:40 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\Alawar Entertainment
[2010.03.16 20:14:32 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\ICQ
[2010.03.28 18:55:02 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\No23
[2011.06.06 18:58:17 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\OpenOffice.org
[2011.11.08 04:36:03 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\PhotoScape
[2009.10.16 14:37:05 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\T-Mobile
[2011.03.19 10:11:50 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\T-Mobile Internet Manager
[2011.10.20 13:31:06 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\Template
[2010.10.19 22:12:10 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\TitanicMystery
[2010.09.23 13:48:52 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\TMInc
[2010.10.22 18:39:19 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\TuneUp Software
[2010.09.04 13:34:17 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\V-Games
[2011.11.08 01:31:27 | 000,000,000 | ---D | M] -- C:\Users\lena-laura\AppData\Roaming\Windows Live Writer
[2012.02.01 12:54:01 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2010.02.23 18:55:26 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.06.26 13:48:37 | 000,000,000 | ---D | M] -- C:\24f9b73c4ca54b0bfb344d5d22
[2009.06.15 07:14:32 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.01.03 05:13:20 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.02.23 18:53:15 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.08.31 18:52:22 | 000,000,000 | ---D | M] -- C:\inetpub
[2009.10.16 11:39:13 | 000,000,000 | ---D | M] -- C:\Intel
[2010.11.03 13:58:59 | 000,000,000 | R--D | M] -- C:\lena-laura-PC
[2009.10.16 11:49:38 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.12.30 17:06:38 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.12.12 12:59:05 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.02.23 18:53:15 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.02.23 18:53:15 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.01.29 19:22:58 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.11.13 03:41:48 | 000,000,000 | R--D | M] -- C:\Users
[2012.02.05 19:29:34 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2009.06.04 11:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys
[2009.06.04 11:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]
 
< %USERPROFILE%\*.* >
[2012.02.05 20:04:27 | 002,359,296 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat
[2012.02.05 20:04:27 | 000,262,144 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat.LOG1
[2010.02.23 18:53:47 | 000,000,000 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat.LOG2
[2010.03.28 22:17:49 | 000,065,536 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{26ee11ca-3a93-11df-b15e-e0cb4eb0427f}.TM.blf
[2010.03.28 22:17:49 | 000,524,288 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{26ee11ca-3a93-11df-b15e-e0cb4eb0427f}.TMContainer00000000000000000001.regtrans-ms
[2010.03.28 22:17:49 | 000,524,288 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{26ee11ca-3a93-11df-b15e-e0cb4eb0427f}.TMContainer00000000000000000002.regtrans-ms
[2010.04.10 19:19:04 | 000,065,536 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{4af22062-44a3-11df-b54e-e0cb4eb0427f}.TM.blf
[2010.04.10 19:19:04 | 000,524,288 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{4af22062-44a3-11df-b54e-e0cb4eb0427f}.TMContainer00000000000000000001.regtrans-ms
[2010.04.10 19:19:04 | 000,524,288 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{4af22062-44a3-11df-b54e-e0cb4eb0427f}.TMContainer00000000000000000002.regtrans-ms
[2010.02.23 16:05:20 | 000,065,536 | -HS- | M] () -- C:\Users\lena-laura\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.02.23 16:05:20 | 000,524,288 | -HS- | M] () -- C:\Users\lena-laura\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.02.23 16:05:20 | 000,524,288 | -HS- | M] () -- C:\Users\lena-laura\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2011.03.20 14:02:53 | 000,065,536 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{d92befd9-520b-11e0-bd8e-e0cb4eb0427f}.TM.blf
[2011.03.20 14:02:53 | 000,524,288 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{d92befd9-520b-11e0-bd8e-e0cb4eb0427f}.TMContainer00000000000000000001.regtrans-ms
[2011.03.20 14:02:53 | 000,524,288 | -HS- | M] () -- C:\Users\lena-laura\ntuser.dat{d92befd9-520b-11e0-bd8e-e0cb4eb0427f}.TMContainer00000000000000000002.regtrans-ms
[2009.07.14 05:53:59 | 000,000,020 | -HS- | M] () -- C:\Users\lena-laura\ntuser.ini
[1 C:\Users\lena-laura\*.tmp files -> C:\Users\lena-laura\*.tmp -> ]
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< End of report >
--- --- ---
Geändert von lena-laura (05.02.2012 um 22:45 Uhr) Grund: etwas vergessen

 

Themen zu Ich habe mir auch den 50 Euro Virus eingefangen. Was tun?
.com, antivir, avira, babylon, bho, bingbar, blockiert, browser, conduit, defender, desktop, device driver, euro, explorer, firefox, format, helper, mozilla, nvstor.sys, object, plug-in, registry, required, rundll, scan, security, security scan, software, system, usb, virus, webcheck, windows, winlogon.exe


« Sinowal Befall | Windows blockiert - 50 Euro für Virenupdate »


Ähnliche Themen: Ich habe mir auch den 50 Euro Virus eingefangen. Was tun?


  1. 50 euro virus - auch mich hats erwischt
    Log-Analyse und Auswertung - 02.08.2015 (24)
  2. Ich habe 2 DllHost.exe Prozesse, Habe ich mir einen Virus eingefangen?
    Log-Analyse und Auswertung - 29.08.2013 (9)
  3. Habe mir auch den Bundespolizei Virus eingefangen
    Log-Analyse und Auswertung - 03.05.2013 (16)
  4. Habe mir auch den GVU eingefangen :-(
    Plagegeister aller Art und deren Bekämpfung - 18.09.2012 (2)
  5. 50 Euro Virus hat auch mich erwischt
    Plagegeister aller Art und deren Bekämpfung - 28.02.2012 (27)
  6. 50 Euro Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 24.02.2012 (15)
  7. [2x] 50 euro virus - auch mich hats erwischt
    Mülltonne - 18.02.2012 (1)
  8. Hab auch den 50 euro virus
    Log-Analyse und Auswertung - 01.02.2012 (11)
  9. [doppelt] 50 Euro Virus hat auch bei mir zugeschlagen!
    Mülltonne - 18.01.2012 (1)
  10. 50 euro virus, ich nun auch
    Log-Analyse und Auswertung - 05.01.2012 (5)
  11. hallo ich habe den 50 euro virus
    Log-Analyse und Auswertung - 28.12.2011 (19)
  12. Muss Auch 50 Euro Zahlen, habe OTL heruntergeladen nur wie gehts weiter????
    Log-Analyse und Auswertung - 20.12.2011 (3)
  13. Ich habe mir auch den BKA Trojaner eingefangen
    Plagegeister aller Art und deren Bekämpfung - 15.08.2011 (8)
  14. Habe mir auch den Antivirus_antyspyware_2011 eingefangen
    Plagegeister aller Art und deren Bekämpfung - 28.04.2011 (5)
  15. Habe mir auch einen sshnas.dll - Virus eingefangen
    Log-Analyse und Auswertung - 23.09.2010 (2)
  16. Auch ich habe nen TR/Dropper.Gen eingefangen
    Plagegeister aller Art und deren Bekämpfung - 15.08.2010 (16)
  17. Hallo! Habe mir auch was eingefangen :-(
    Plagegeister aller Art und deren Bekämpfung - 26.11.2004 (8)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ich habe mir auch den 50 Euro Virus eingefangen. Was tun? - Hallo zu später Stund, auch ich habe mir leider den 50 Euro Virus eingefangen. habe auch schon den scan gemacht. leider weiß ich nicht, wie ich das seperat einfügen kann - Ich habe mir auch den 50 Euro Virus eingefangen. Was tun?...
Archiv
Du betrachtest: Ich habe mir auch den 50 Euro Virus eingefangen. Was tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19