Gema Trojaner und nichts geht mehr

Jade27 · 16.02.2012, 17:04

Hallo

Ich hoffe ich mache das jetzt hier richtig. Ich habe mich vorab schon Imformiert was ich gegen den Virus oder Trojaner machen kann und soweit auch alles verstanden nur,

reagiert mein Laptop immer gleich in jedem Modus, nach der eingabe meines pw öffnet sich nicht wie normal zuerst der Destop sondern immer wieder diese Seite vom Virus. Ich habe auch schon das Internet ausgeschaltet aber das ändert auch nichts. Wie beim normal start so auch im abgesicherten Modus auf mein Laptop habe ich leider kein zugriff mehr ..... ich kann auch nicht den Task manager öffnen der verschwinden immer wieder hinter der seite.

Ich hoffe das ich das irgendwie noch retten kann

Und dazu muss ich auch noch sagen ich kenne mich nicht wirklich mit dem Computer aus ... ich google zwar und versuche probleme zu lösen mit der Hilfe die ich mir erlese... aber zu meinem Problem konnte ich nichts finden daher frage ich jetzt mal jemanden von euch.

Danke im Vorraus und ich hoffe ich habe beim Posten alles richtig gemacht.

lg Jade

markusg · 16.02.2012, 17:07

hi,
erst mal durchatmen, wir bekommen das schon hin.
Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:

Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.

Lade

OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.

Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
Lege eine leere CD in Deinen Brenner.
ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
Du kannst nun die Fenster des Brennprogramms schließen.

Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD

Bebilderte Anleitung: OTLpe-Scan

Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
Mache einen Doppelklick auf das OTLPE Icon.
Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
OTLpe sollte nun starten.
Drücke Run Scan, um den Scan zu starten.
Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
Bitte poste den Inhalt von C:\OTL.txt und Extras.txt.

Jade27 · 16.02.2012, 17:28

ui das ging ja flott. Danke erstmal. ja ich habe noch einen 2 laptop mit brenner. Ich bin auch schon am laden der Programme. evtl bräuchte ich nachher dann noch etwas hilfe weil ich mich mit Logs nicht auskenne..

markusg · 16.02.2012, 17:40

nö :d
na sicher bekommst du da hilfe, wie jeder andere hier auch.

Jade27 · 16.02.2012, 21:51

klingt jetzt bestimmt dumm, aber ich habe keine ahnung wie man diese Iso datei brennen soll jedesmal wenn ich auf burn klicke erscheint ein fehler feld es wurde nichts ausgewählt zum brennen. was soll ich machen ???

Jade27 · 16.02.2012, 23:43

so ich hoffe das das jetzt richtig ist. das war eine menge an Kopieren.

Desweiteren hatte ich versucht meine daten auf meine externe zu ziehen aber der Lap erkennt sie nicht an dafür aber kleine usb sticks ..hmmm...
kann ich nun wieder mein Laptop im normalen starten oder erscheint dann wieder dieser Virus / Trojaner?

Fragen über Fragen ... sorry es liegt an meiner unwissenheit.. Danke vielmals für deine Hilfe
Ps das Datum hatte ich geändert vor 2 tagen ich dachte ich könnte beim zurücksetzen den Virus umgehen aber dem war nicht so also nicht wundern das ich noch in 2011 lebe

so nun,
Das ist der Log denke ich
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 12/1/2011 10:44:49 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19190)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.21 Gb Total Space | 54.31 Gb Free Space | 46.74% Space Free | Partition Type: NTFS
Drive E: | 115.21 Gb Total Space | 36.38 Gb Free Space | 31.58% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (TOSHIBA Bluetooth Service)
SRV - File not found [Auto] --  -- (HWDeviceService.exe)
SRV - [2012/02/10 18:15:55 | 003,340,064 | ---- | M] () [Auto] -- C:\program files\common files\akamai/netsession_win_7de0ed9.dll -- (Akamai)
SRV - [2011/12/15 08:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/12/15 08:59:40 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011/12/15 08:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/11/14 06:40:59 | 000,239,968 | ---- | M] () [Auto] -- C:\Program Files\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011/10/21 09:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 11:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/05/07 11:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/11 08:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Auto] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/21 11:55:30 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2008/07/18 14:39:30 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/24 12:35:46 | 000,073,728 | ---- | M] (Toshiba) [On_Demand] -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV - [2008/04/16 17:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/17 10:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007/12/03 11:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007/11/21 10:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/29 18:35:40 | 000,937,984 | ---- | M] (Atheros Communications, Inc.) [On_Demand] -- C:\Program Files\Jumpstart\jswpsapi.exe -- (jswpsapi)
SRV - [2006/08/23 09:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005/11/17 07:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (Tosrfcom)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - File not found [Kernel | On_Demand] --  -- (igfx)
DRV - [2011/12/15 09:00:00 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/12/15 09:00:00 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/12/15 09:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/11/14 06:41:05 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2011/11/14 06:41:05 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/11/14 06:41:05 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2011/11/14 06:41:05 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2010/06/17 08:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/14 17:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Webcam C510(UVC)
DRV - [2010/05/14 17:02:26 | 000,276,448 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2010/05/14 16:58:58 | 000,020,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/05/07 11:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/07/18 12:52:16 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/04/17 18:54:16 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/15 03:05:08 | 000,118,784 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/07 19:24:20 | 003,548,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/02/15 11:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/12/17 05:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/11/09 08:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/08/31 11:43:32 | 000,020,352 | ---- | M] (Atheros Communications, Inc.) [Kernel | System] -- C:\Windows\System32\drivers\jswpslwf.sys -- (jswpslwf)
DRV - [2007/07/30 04:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 03:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/20 07:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/02 02:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/10/23 09:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 04:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} -  File not found
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421
 
IE - HKU\angel_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\angel_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\angel_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\angel_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Gast_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\Gast_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\Gast_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\Toshiba_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
IE - HKU\Toshiba_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Toshiba_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\Toshiba_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Toshiba_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\Toshiba_ON_C\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} -  File not found
IE - HKU\Toshiba_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.5
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/23 08:00:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.25\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/12/23 08:00:37 | 000,000,000 | ---D | M]
 
[2011/11/14 05:56:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\angel\AppData\Roaming\Mozilla\Extensions
[2012/02/10 19:54:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\6v8fsqjl.default\extensions
[2011/11/14 06:44:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\6v8fsqjl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/11/19 14:44:17 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\angel\AppData\Roaming\Mozilla\Firefox\Profiles\6v8fsqjl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/11/24 07:56:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/06/08 04:57:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/08 04:56:32 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/11/20 18:26:27 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/11/20 18:26:27 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/20 18:26:27 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/20 18:26:27 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/11/20 18:26:27 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} -  File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} -  File not found
O3 - HKU\angel_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\angel_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\angel_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} -  File not found
O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\Gast_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} -  File not found
O3 - HKU\Toshiba_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\Toshiba_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\Toshiba_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} -  File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [cfFncEnabler.exe]  File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [InetAccelerator] C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [InetAccelerator.] C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [ITSecMng]  File not found
O4 - HKLM..\Run: [jswtrayutil]  File not found
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [Toshiba TEMPO]  File not found
O4 - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\angel_ON_C..\Run: [InetAccelerator] C:\Users\angel\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKU\angel_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\angel_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Gast_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\Gast_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Toshiba_ON_C..\Run: [Akamai NetSession Interface] C:\Users\Toshiba\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\Toshiba_ON_C..\Run: [Corel Photo Downloader]  File not found
O4 - HKU\Toshiba_ON_C..\Run: [InetAccelerator] C:\Users\Toshiba\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKU\Toshiba_ON_C..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid\Vid.exe (Logitech Inc.)
O4 - HKU\Toshiba_ON_C..\Run: [Logitech Vid HD] C:\Program Files\Logitech\Vid\vid.exe (Logitech Inc.)
O4 - HKU\Toshiba_ON_C..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk =  File not found
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O8 - Extra context menu item: Free YouTube Download - C:\Users\angel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\InetAccelerator\InetAccelerator.exe) - C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\InetAccelerator.exe) - C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O20 - HKU\angel_ON_C Winlogon: Shell - (C:\Users\angel\AppData\Roaming\InetAccelerator\InetAccelerator.exe) - C:\Users\angel\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKU\Toshiba_ON_C Winlogon: Shell - (C:\Users\Toshiba\AppData\Roaming\InetAccelerator\InetAccelerator.exe) - C:\Users\Toshiba\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll -  File not found
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{2b9eb436-1297-11e1-9d99-001e101fa1f5}\Shell - "" = AutoRun
O33 - MountPoints2\{2b9eb436-1297-11e1-9d99-001e101fa1f5}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{2f56c338-0eb2-11e1-b40a-001e101f82a7}\Shell - "" = AutoRun
O33 - MountPoints2\{2f56c338-0eb2-11e1-b40a-001e101f82a7}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{71e572c5-182b-11e1-8601-001e101f5bfc}\Shell - "" = AutoRun
O33 - MountPoints2\{71e572c5-182b-11e1-8601-001e101f5bfc}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{89a1b7a2-0ea9-11e1-95cc-001e3387453f}\Shell - "" = AutoRun
O33 - MountPoints2\{89a1b7a2-0ea9-11e1-95cc-001e3387453f}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/16 08:08:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\InetAccelerator
[2012/02/16 07:57:32 | 000,348,160 | ---- | C] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2012/02/16 07:49:14 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/02/16 07:49:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/02/16 07:49:11 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/02/16 07:49:10 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/02/16 07:49:10 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012/02/16 07:49:10 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/02/16 07:49:10 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/02/16 07:49:10 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/02/16 07:49:10 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/02/16 07:49:10 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/02/16 07:49:09 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/02/16 07:49:09 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/02/16 07:49:09 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/02/16 07:49:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/02/16 07:49:09 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/02/16 07:49:09 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/02/16 07:49:09 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/02/16 07:49:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/02/16 07:48:34 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/02/12 10:27:35 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Avira
[2012/02/11 19:12:24 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\InetAccelerator
[2012/02/11 19:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012/02/08 09:02:21 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\Avira
[2012/02/08 09:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/02/08 08:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012/02/08 08:59:03 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012/02/08 08:59:02 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/02/08 08:59:02 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/02/08 08:59:02 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/02/08 08:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/02/08 08:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/02/07 12:41:34 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/02/07 12:41:24 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/02/07 12:41:23 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/02/07 12:39:46 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2012/02/07 12:39:33 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/02/07 12:39:32 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/02/07 12:39:17 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/12/14 13:07:12 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/12/14 13:07:11 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/12/14 13:07:09 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/12/14 13:07:03 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/12/14 13:07:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/12/04 10:55:08 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Microsoft Games
[2011/11/26 08:45:04 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Adobe
[2011/11/23 18:15:43 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/19 14:44:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011/11/19 14:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011/11/19 14:43:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011/11/19 11:19:01 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Apple
[2011/11/16 13:10:47 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\DVDVideoSoft
[2011/11/16 13:09:10 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/11/16 13:08:48 | 000,000,000 | ---D | C] -- C:\Users\angel\Documents\DVDVideoSoft
[2011/11/15 07:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/15 06:47:30 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Apple Computer
[2011/11/14 06:46:12 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\Macromedia
[2011/11/14 06:46:12 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\Adobe
[2011/11/14 06:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
[2011/11/14 06:41:48 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2011/11/14 06:41:48 | 000,235,392 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2011/11/14 06:41:48 | 000,193,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2011/11/14 06:41:48 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2011/11/14 06:41:48 | 000,090,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2011/11/14 06:41:48 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2011/11/14 06:41:48 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2011/11/14 06:41:48 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2011/11/14 06:41:48 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2011/11/14 06:41:48 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2011/11/14 06:41:48 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2011/11/14 06:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\Mobile Partner
[2011/11/14 06:07:47 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Toshiba
[2011/11/14 05:56:44 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\Mozilla
[2011/11/14 05:56:44 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Mozilla
[2011/11/14 05:56:05 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\Google
[2011/11/14 05:54:22 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\Toshiba
[2011/11/14 05:42:05 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\DivX
[2011/11/14 05:41:39 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\ATI
[2011/11/14 05:41:39 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\ATI
[2011/11/14 05:41:32 | 000,000,000 | ---D | C] -- C:\Users\angel\Documents\Eigene Google Gadgets
[2011/11/14 05:41:10 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Google
[2011/11/14 05:40:54 | 000,000,000 | R--D | C] -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/11/14 05:40:54 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\LocalLow
[2011/11/14 05:40:42 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\Identities
[2011/11/14 05:40:36 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\VirtualStore
[2011/11/14 05:40:27 | 000,000,000 | -HSD | C] -- C:\Users\angel\AppData\Local\Verlauf
[2011/11/14 05:40:27 | 000,000,000 | -HSD | C] -- C:\Users\angel\AppData\Local\Temporary Internet Files
[2011/11/14 05:40:27 | 000,000,000 | -HSD | C] -- C:\Users\angel\Documents\Eigene Videos
[2011/11/14 05:40:27 | 000,000,000 | -HSD | C] -- C:\Users\angel\Documents\Eigene Musik
[2011/11/14 05:40:27 | 000,000,000 | -HSD | C] -- C:\Users\angel\Documents\Eigene Bilder
[2011/11/14 05:40:27 | 000,000,000 | -HSD | C] -- C:\Users\angel\AppData\Local\Anwendungsdaten
[2011/11/14 05:40:26 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Temp
[2011/11/14 05:40:26 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Microsoft Help
[2011/11/14 05:40:26 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local\Microsoft
[2011/11/14 05:40:26 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming\Media Center Programs
[2011/11/14 05:40:26 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Local
[2011/11/14 05:40:25 | 000,000,000 | --SD | C] -- C:\Users\angel\AppData\Roaming\Microsoft
[2011/11/14 05:40:25 | 000,000,000 | R--D | C] -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/11/14 05:40:25 | 000,000,000 | R--D | C] -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/11/14 05:40:25 | 000,000,000 | R--D | C] -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/11/14 05:40:25 | 000,000,000 | ---D | C] -- C:\Users\angel\AppData\Roaming
[2011/11/14 05:40:25 | 000,000,000 | ---D | C] -- C:\Users\angel
[2011/11/13 16:02:35 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Roaming\Google
[2011/11/13 16:00:55 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Roaming\DivX
[2011/11/13 16:00:20 | 000,000,000 | ---D | C] -- C:\Users\Gast\Documents\Eigene Google Gadgets
[2011/11/13 16:00:03 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Roaming\ATI
[2011/11/13 16:00:03 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Local\ATI
[2011/11/13 15:59:57 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Local\Google
[2011/11/13 15:59:38 | 000,000,000 | R--D | C] -- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/11/13 15:59:38 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\LocalLow
[2011/11/13 15:59:27 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Roaming\Identities
[2011/11/13 15:59:22 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Local\VirtualStore
[2011/11/13 15:59:14 | 000,000,000 | -HSD | C] -- C:\Users\Gast\AppData\Local\Verlauf
[2011/11/13 15:59:14 | 000,000,000 | -HSD | C] -- C:\Users\Gast\AppData\Local\Temporary Internet Files
[2011/11/13 15:59:14 | 000,000,000 | -HSD | C] -- C:\Users\Gast\Documents\Eigene Videos
[2011/11/13 15:59:14 | 000,000,000 | -HSD | C] -- C:\Users\Gast\Documents\Eigene Musik
[2011/11/13 15:59:14 | 000,000,000 | -HSD | C] -- C:\Users\Gast\Documents\Eigene Bilder
[2011/11/13 15:59:14 | 000,000,000 | -HSD | C] -- C:\Users\Gast\AppData\Local\Anwendungsdaten
[2011/11/13 15:59:13 | 000,000,000 | --SD | C] -- C:\Users\Gast\AppData\Roaming\Microsoft
[2011/11/13 15:59:13 | 000,000,000 | R--D | C] -- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/11/13 15:59:13 | 000,000,000 | R--D | C] -- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/11/13 15:59:13 | 000,000,000 | R--D | C] -- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/11/13 15:59:13 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Local\Temp
[2011/11/13 15:59:13 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Roaming
[2011/11/13 15:59:13 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Local\Microsoft Help
[2011/11/13 15:59:13 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Local\Microsoft
[2011/11/13 15:59:13 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Roaming\Media Center Programs
[2011/11/13 15:59:13 | 000,000,000 | ---D | C] -- C:\Users\Gast\AppData\Local
[2011/11/13 15:59:13 | 000,000,000 | ---D | C] -- C:\Users\Gast
[2011/11/07 09:01:51 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/11/06 03:02:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2011/11/05 14:46:52 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Akamai
[2011/11/05 14:28:41 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/11/05 14:28:41 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/11/05 14:28:41 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/11/05 14:28:41 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/11/05 14:16:40 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/11/05 14:16:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/11/02 06:38:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Mobile Partner
[2011/11/02 06:37:35 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2011/11/02 06:37:35 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2011/11/02 06:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2010/04/26 07:52:52 | 005,181,591 | -H-- | C] (Axialis Software) -- C:\Users\Toshiba\AppData\Roaming\screensaver_Beach.scr
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/16 07:46:08 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C416F6B-5294-42F5-A8F4-9D1E815CB25D}.job
[2012/02/16 07:43:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/16 07:42:19 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B5D846D5-3CA4-47C6-A378-D791F2D01BC7}.job
[2012/02/13 08:55:03 | 000,000,878 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2012/02/11 19:12:24 | 000,348,160 | ---- | M] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2012/02/11 18:56:36 | 000,001,833 | ---- | M] () -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
[2012/02/09 15:55:36 | 000,662,095 | ---- | M] () -- C:\Users\angel\Desktop\IMG_0008.JPG
[2012/02/09 12:07:27 | 000,000,680 | ---- | M] () -- C:\Users\angel\AppData\Local\d3d9caps.dat
[2012/02/08 09:00:05 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/02/08 09:00:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/01/26 18:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/01/18 19:04:49 | 000,136,192 | ---- | M] () -- C:\Users\angel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/12 14:52:56 | 002,044,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/12/15 09:00:00 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/12/15 09:00:00 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/12/15 09:00:00 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011/12/15 01:21:50 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/12/15 01:18:56 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/12/15 01:18:29 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/12/15 01:18:29 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/12/15 01:18:03 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/12/15 01:17:56 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/12/15 01:17:51 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/12/15 01:17:35 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/12/15 01:17:35 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011/12/15 01:17:35 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011/12/15 01:17:34 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/12/15 01:17:34 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011/12/15 01:17:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/12/15 00:21:27 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/12/14 23:45:13 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011/12/14 23:45:00 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011/12/14 23:44:22 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011/12/14 23:43:48 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/12/08 16:04:54 | 000,164,810 | ---- | M] () -- C:\Users\angel\Desktop\DSC09657.jpg
[2011/12/08 15:52:14 | 000,108,846 | ---- | M] () -- C:\Users\angel\Desktop\Foto0281.jpg
[2011/12/01 16:01:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/01 15:59:26 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/01 15:54:45 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/01 15:54:45 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/01 15:54:28 | 000,321,376 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/01 15:52:38 | 3217,076,224 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/01 15:46:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011/12/01 15:41:20 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/12/01 15:41:20 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/12/01 15:41:20 | 000,008,838 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/01 15:41:20 | 000,006,448 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/25 10:59:48 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/11/23 18:15:43 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/23 16:26:35 | 000,050,839 | ---- | M] () -- C:\Users\angel\Documents\DSC02023.jpg
[2011/11/23 12:30:53 | 000,067,185 | ---- | M] () -- C:\Users\angel\Documents\DSC02026.jpg
[2011/11/23 12:30:13 | 000,066,624 | ---- | M] () -- C:\Users\angel\Documents\DSC02022.jpg
[2011/11/23 12:29:36 | 000,075,350 | ---- | M] () -- C:\Users\angel\Documents\DSC02021.jpg
[2011/11/23 12:28:20 | 000,080,608 | ---- | M] () -- C:\Users\angel\Documents\DSC02020.jpg
[2011/11/23 12:27:44 | 000,081,213 | ---- | M] () -- C:\Users\angel\Documents\DSC02019.jpg
[2011/11/23 12:26:43 | 000,070,985 | ---- | M] () -- C:\Users\angel\Documents\DSC02018.jpg
[2011/11/19 14:44:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011/11/19 14:44:02 | 000,001,070 | ---- | M] () -- C:\Users\angel\Desktop\Free YouTube Download.lnk
[2011/11/18 12:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2011/11/16 11:21:57 | 001,259,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011/11/15 07:08:27 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/15 06:15:38 | 000,000,903 | ---- | M] () -- C:\Users\angel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/11/14 17:25:15 | 000,066,836 | ---- | M] () -- C:\Users\angel\Desktop\DSC01974l.jpg
[2011/11/14 06:42:08 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2011/11/14 06:42:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
[2011/11/14 06:41:06 | 000,861,696 | ---- | M] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
[2011/11/14 06:41:06 | 000,011,136 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
[2011/11/14 06:41:05 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2011/11/14 06:41:05 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2011/11/14 06:41:05 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
[2011/11/14 06:41:05 | 000,090,368 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
[2011/11/14 06:41:05 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
[2011/11/14 06:41:05 | 000,064,384 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
[2011/11/14 06:41:05 | 000,026,624 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
[2011/11/14 06:41:05 | 000,025,856 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2011/11/14 06:41:05 | 000,019,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
[2011/11/14 06:41:04 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2011/11/14 06:41:04 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
[2011/11/14 05:55:42 | 000,000,948 | ---- | M] () -- C:\Users\angel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/13 23:55:42 | 002,818,048 | ---- | M] () -- C:\Users\angel\Desktop\DSC01974.JPG
[2011/11/13 16:45:37 | 000,053,760 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/13 16:02:14 | 000,000,948 | ---- | M] () -- C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/09 05:14:13 | 000,000,104 | ---- | M] () -- C:\Users\Toshiba\Desktop\Papierkorb - Verknüpfung.lnk
[2011/11/08 09:42:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/11/07 22:14:13 | 000,000,279 | ---- | M] () -- C:\Users\Toshiba\Desktop\Data (E) - Verknüpfung.lnk
[2011/11/07 09:01:53 | 000,002,057 | ---- | M] () -- C:\Users\Toshiba\Desktop\Google Chrome.lnk
[2011/11/07 09:01:53 | 000,002,019 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/05 19:09:16 | 000,007,728 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\d3d9caps.dat
[2011/11/02 06:38:17 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/02/13 08:55:03 | 000,000,878 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2012/02/09 14:47:24 | 000,662,095 | ---- | C] () -- C:\Users\angel\Desktop\IMG_0008.JPG
[2012/02/08 09:00:05 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011/12/08 16:04:54 | 000,164,810 | ---- | C] () -- C:\Users\angel\Desktop\DSC09657.jpg
[2011/12/08 15:52:13 | 000,108,846 | ---- | C] () -- C:\Users\angel\Desktop\Foto0281.jpg
[2011/12/01 15:33:50 | 3217,076,224 | -HS- | C] () -- C:\hiberfil.sys
[2011/11/23 12:31:51 | 000,050,839 | ---- | C] () -- C:\Users\angel\Documents\DSC02023.jpg
[2011/11/23 12:30:53 | 000,067,185 | ---- | C] () -- C:\Users\angel\Documents\DSC02026.jpg
[2011/11/23 12:30:13 | 000,066,624 | ---- | C] () -- C:\Users\angel\Documents\DSC02022.jpg
[2011/11/23 12:29:35 | 000,075,350 | ---- | C] () -- C:\Users\angel\Documents\DSC02021.jpg
[2011/11/23 12:28:20 | 000,080,608 | ---- | C] () -- C:\Users\angel\Documents\DSC02020.jpg
[2011/11/23 12:27:44 | 000,081,213 | ---- | C] () -- C:\Users\angel\Documents\DSC02019.jpg
[2011/11/23 12:26:43 | 000,070,985 | ---- | C] () -- C:\Users\angel\Documents\DSC02018.jpg
[2011/11/22 01:23:11 | 000,000,680 | ---- | C] () -- C:\Users\angel\AppData\Local\d3d9caps.dat
[2011/11/19 14:44:02 | 000,001,070 | ---- | C] () -- C:\Users\angel\Desktop\Free YouTube Download.lnk
[2011/11/17 13:52:29 | 000,000,422 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{3C416F6B-5294-42F5-A8F4-9D1E815CB25D}.job
[2011/11/15 06:21:13 | 000,136,192 | ---- | C] () -- C:\Users\angel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/15 06:15:38 | 000,000,903 | ---- | C] () -- C:\Users\angel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/11/14 17:25:15 | 000,066,836 | ---- | C] () -- C:\Users\angel\Desktop\DSC01974l.jpg
[2011/11/14 17:24:23 | 002,818,048 | ---- | C] () -- C:\Users\angel\Desktop\DSC01974.JPG
[2011/11/14 06:42:08 | 000,000,841 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2011/11/14 05:55:41 | 000,000,948 | ---- | C] () -- C:\Users\angel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/14 05:40:56 | 000,000,954 | ---- | C] () -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/11/14 05:40:53 | 000,000,909 | ---- | C] () -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/11/14 05:40:39 | 000,000,920 | ---- | C] () -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/11/14 05:40:26 | 000,001,833 | ---- | C] () -- C:\Users\angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
[2011/11/14 05:40:26 | 000,000,258 | ---- | C] () -- C:\Users\angel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/11/14 05:40:26 | 000,000,240 | ---- | C] () -- C:\Users\angel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/11/13 16:02:14 | 000,000,948 | ---- | C] () -- C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/13 15:59:40 | 000,000,954 | ---- | C] () -- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/11/13 15:59:37 | 000,000,949 | ---- | C] () -- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/11/13 15:59:24 | 000,000,920 | ---- | C] () -- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/11/13 15:59:13 | 000,001,835 | ---- | C] () -- C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
[2011/11/13 15:59:13 | 000,000,258 | ---- | C] () -- C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2011/11/13 15:59:13 | 000,000,240 | ---- | C] () -- C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2011/11/09 05:14:13 | 000,000,104 | ---- | C] () -- C:\Users\Toshiba\Desktop\Papierkorb - Verknüpfung.lnk
[2011/11/07 22:14:13 | 000,000,279 | ---- | C] () -- C:\Users\Toshiba\Desktop\Data (E) - Verknüpfung.lnk
[2011/11/07 09:01:53 | 000,002,057 | ---- | C] () -- C:\Users\Toshiba\Desktop\Google Chrome.lnk
[2011/11/07 09:01:53 | 000,002,019 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/02 06:38:17 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2011/04/26 15:28:40 | 000,000,344 | -H-- | C] () -- C:\ProgramData\41475848
[2010/12/09 20:43:51 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/12/09 20:43:51 | 000,000,088 | RHS- | C] () -- C:\ProgramData\5151C71AEE.sys
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2010/05/14 16:56:06 | 000,102,744 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2010/05/07 11:46:36 | 000,014,168 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2010/05/07 11:43:30 | 000,025,824 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2010/04/16 02:56:47 | 000,007,728 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\d3d9caps.dat
[2010/03/06 17:01:21 | 000,000,016 | -H-- | C] () -- C:\Users\Toshiba\AppData\Local\mxfilerelatedcache.mxc2
[2010/03/06 17:01:20 | 000,000,016 | -H-- | C] () -- C:\Users\Toshiba\AppData\Roaming\mxfilerelatedcache.mxc2
[2010/03/06 17:01:20 | 000,000,016 | -H-- | C] () -- C:\Users\Toshiba\AppData\mxfilerelatedcache.mxc2
[2010/01/10 06:35:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/10 06:35:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/07 11:32:17 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/12/04 10:32:14 | 000,053,760 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/01 01:49:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/08/04 05:30:01 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1502.dll
[2008/07/03 04:34:43 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008/07/03 04:27:11 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008/07/03 04:17:58 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008/07/03 04:17:58 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008/07/03 04:17:58 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008/07/03 04:17:58 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008/07/03 04:17:58 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008/07/03 04:17:58 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008/07/03 03:51:19 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC1.dat
[2008/07/03 03:51:19 | 000,000,852 | ---- | C] () -- C:\Windows\System32\drivers\RTKHDRC0.dat
[2008/07/03 03:51:19 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX1.dat
[2008/07/03 03:51:19 | 000,000,520 | ---- | C] () -- C:\Windows\System32\drivers\RTEQEX0.dat
[2008/07/03 03:51:19 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2008/07/03 03:51:19 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2008/07/03 03:48:03 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/07/03 03:48:03 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008/07/03 03:48:02 | 000,168,883 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/07/03 03:48:02 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/07/03 02:57:12 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/04/24 12:43:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008/04/24 12:42:44 | 000,479,232 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008/04/24 12:25:46 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008/04/24 12:25:46 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008/04/24 12:25:46 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008/04/24 12:23:58 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2008/01/21 02:15:58 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/01/21 02:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/01/21 02:15:58 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/01/21 02:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/12/21 09:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,321,376 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:33:01 | 000,008,838 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,006,448 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/07/22 14:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
 
========== LOP Check ==========
 
[2011/11/19 14:44:36 | 000,000,000 | ---D | M] -- C:\Users\angel\AppData\Roaming\DVDVideoSoft
[2011/11/16 13:09:10 | 000,000,000 | ---D | M] -- C:\Users\angel\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/02/11 19:12:24 | 000,000,000 | ---D | M] -- C:\Users\angel\AppData\Roaming\InetAccelerator
[2011/11/14 05:54:22 | 000,000,000 | ---D | M] -- C:\Users\angel\AppData\Roaming\Toshiba
[2011/01/31 06:05:13 | 000,000,000 | -H-D | M] -- C:\Users\Toshiba\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/06/16 14:24:54 | 000,000,000 | -H-D | M] -- C:\Users\Toshiba\AppData\Roaming\Facebook
[2012/02/16 08:08:28 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\InetAccelerator
[2011/09/12 19:14:41 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Leadertech
[2011/01/17 20:38:46 | 000,000,000 | -H-D | M] -- C:\Users\Toshiba\AppData\Roaming\PhotoScape
[2009/12/01 07:40:28 | 000,000,000 | -H-D | M] -- C:\Users\Toshiba\AppData\Roaming\toshiba
[2011/01/10 12:12:48 | 000,000,000 | -H-D | M] -- C:\Users\Toshiba\AppData\Roaming\Total Immersion
[2011/01/17 20:47:24 | 000,000,000 | -H-D | M] -- C:\Users\Toshiba\AppData\Roaming\Ulleo
[2010/08/26 07:15:45 | 000,000,000 | -H-D | M] -- C:\Users\Toshiba\AppData\Roaming\Vivox
[2011/06/02 14:53:55 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Vodafone
[2011/01/17 20:22:46 | 000,000,000 | -H-D | M] -- C:\Users\Toshiba\AppData\Roaming\Yfxe
[2009/12/01 02:53:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/11/14 06:42:42 | 000,000,000 | ---D | M] -- C:\ProgramData\DatacardService
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/12/01 02:53:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2009/12/01 02:53:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/02/11 19:12:24 | 000,000,000 | ---D | M] -- C:\ProgramData\InetAccelerator
[2009/12/01 07:30:07 | 000,000,000 | -H-D | M] -- C:\ProgramData\IsolatedStorage
[2008/07/03 04:28:40 | 000,000,000 | -H-D | M] -- C:\ProgramData\MAGIX
[2011/11/02 06:38:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Mobile Partner
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/12/01 02:53:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/12/01 03:00:28 | 000,000,000 | -H-D | M] -- C:\ProgramData\Toshiba
[2009/12/01 02:57:50 | 000,000,000 | -H-D | M] -- C:\ProgramData\ToshibaEurope
[2010/12/09 20:26:24 | 000,000,000 | -H-D | M] -- C:\ProgramData\Ulead Systems
[2011/06/02 14:51:59 | 000,000,000 | ---D | M] -- C:\ProgramData\Vodafone
[2009/12/01 02:53:46 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2008/07/03 08:05:54 | 000,000,000 | -H-D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/12/01 15:51:13 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/16 07:46:08 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3C416F6B-5294-42F5-A8F4-9D1E815CB25D}.job
[2012/02/16 07:42:19 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{B5D846D5-3CA4-47C6-A378-D791F2D01BC7}.job
 
========== Purity Check ==========
 
 
< End of report >

--- --- ---

markusg · 17.02.2012, 12:20

auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:

Code:

ATTFilter

:OTL
O4 - HKLM..\Run: [InetAccelerator] C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [InetAccelerator.] C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKU\angel_ON_C..\Run: [InetAccelerator] C:\Users\angel\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\InetAccelerator\InetAccelerator.exe) - C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\InetAccelerator.exe) - C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O20 - HKU\angel_ON_C Winlogon: Shell - (C:\Users\angel\AppData\Roaming\InetAccelerator\InetAccelerator.exe) - C:\Users\angel\AppData\Roaming\InetAccelerator\InetAccelerator.exe
(MacroSoft)
O20 - HKU\Toshiba_ON_C Winlogon: Shell - (C:\Users\Toshiba\AppData\Roaming\InetAccelerator\InetAccelerator.exe) - C:\Users\Toshiba\AppData\Roaming\InetAccelerator\InetAccelerator.exe
(MacroSoft)
:Files
C:\Windows\System32\InetAccelerator.exe 
C:\ProgramData\InetAccelerator
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]

dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!

Drücke bitte die

+ E Taste.

Öffne dein Systemlaufwerk ( meistens C: )
Suche nun
folgenden Ordner: _OTL und öffne diesen.
Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner
Dies wird eine Movedfiles.zip Datei in _OTL erstellen
Lade diese bitte in unseren Uploadchannel
hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )

Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus

Jade27 · 18.02.2012, 01:03

der möchte jetzt nach dem letzten vorgang rebooten, ist das richtig?

und gehen dadurch meine Bilder verloren??

markusg · 18.02.2012, 11:28

was denkst du denn?
sie gehen natürlich nicht verloren, was meinst du was hier los wäre wenn wir persönliche daten löschen würden... :-)

16.02.2012, 17:40	#4
markusg /// Malware-holic	Gema Trojaner und nichts geht mehr nö :d na sicher bekommst du da hilfe, wie jeder andere hier auch. __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

Gema Trojaner und nichts geht mehr

Plagegeister aller Art und deren Bekämpfung: Gema Trojaner und nichts geht mehr