Log analysis and evaluation: 100 Euro Trojan WIN xp 64 bit

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
100 Euro Trojan WIN xp 64 bit

Hello,

I got OTL PE running, but during the scan it already shows errors:

OTLPE:OTLPE:exe -Bad Image

I created the log file after clicking through the message again and again.

INIT:

INITLOG
Date: Sun 06/24/2012
Time: 12:56:20.42

[RAM initialization]
- 12:56:20.43: Start
- ReFormated=true
- Compressed=false
- 12:56:20.45: Starting RAMDRV Data Transfer
- Decompressing 7z SFX: X:\SFX\profiles-7z.exe
- Decompressing 7z SFX: X:\SFX\shortcuts-7z.exe to "B:\Documents and Settings"
- Decompressing 7z SFX: "X:\SFX\commonappdata-7z.exe" to "B:\Documents and Settings\All Users\Application Data"
- 12:56:22.50: RamDrv Data transfer completed

[PnP Hardware Detection]
- 12:56:23.28 Start
Detection : basic
Detection Cmd : bartpe -pnp
- 12:56:24.01 Running "bartpe -pnp "
Found Device: PCI\VEN_10DE&DEV_0568&SUBSYS_82E81043&REV_A1\3&2411E6FE&0&0C PCI standard RAM Controller
Found Device: PCI\VEN_10DE&DEV_0614&SUBSYS_14661462&REV_A2\4&3117C7BB&0&0080 No DriverNodes found for device.
Found Device: PCI\VEN_10DE&DEV_0751&SUBSYS_82E81043&REV_A1\3&2411E6FE&0&0A PCI standard RAM Controller
Found Device: PCI\VEN_10DE&DEV_0752&SUBSYS_82E81043&REV_A1\3&2411E6FE&0&09 No DriverNodes found for device.
Found Device: PCI\VEN_10DE&DEV_0753&SUBSYS_82E81043&REV_A2\3&2411E6FE&0&0B No DriverNodes found for device.
Found Device: PCI\VEN_10DE&DEV_0754&SUBSYS_82E81043&REV_A2\3&2411E6FE&0&00 PCI standard RAM Controller
Found Device: PCI\VEN_10DE&DEV_0760&SUBSYS_82E81043&REV_A2\3&2411E6FE&0&50 NVIDIA nForce Networking Controller
Found Device: PCI\VEN_10DE&DEV_0774&SUBSYS_82FE1043&REV_A1\3&2411E6FE&0&38 No DriverNodes found for device.
Found Device: USB\VID_1395&PID_0002&MI_00\6&39EAA8F8&0&0000 No DriverNodes found for device.
- 12:56:35.18 Completed

[Display Settings]
- Current Settings : [1024x768, 32 bits @ 1 Hz]
- Settings requested : [1024x768, 32 bits @ 85 Hz]
- No matching display mode found.
- Trying: qres.exe /x:1024 /y:768

[Networking]
- 12:56:37.23: Start
Use PENetCFG : false
Use NetConfig : false
Sharing : false
RAS Services : false
Wireless Services : false
- 12:56:37.35: Setting Computer Name (Reatogo, NONE)
- 12:56:37.93: Setting Administrator Pass
The command completed successfully.
- 12:56:38.53: Installing Tcp/Ip protocol
OK
- 12:56:42.04: Installing MSClient protocol
OK
- 12:56:43.82: Starting Tcp/IP service
The TCP/IP Protocol Driver service was started successfully.
OK
- 12:56:44.35: Starting DHCP service
The DHCP Client service is starting.
The DHCP Client service was started successfully.
OK
- 12:56:46.85: Starting NLA service
The Network Location Awareness (NLA) service is starting.
The Network Location Awareness (NLA) service was started successfully.
OK
- 12:56:49.04: Starting LMHOSTS service
The TCP/IP NetBIOS Helper service is starting.
The TCP/IP NetBIOS Helper service was started successfully.
OK
- 12:56:51.15 Network Configuration Completed
Fixing IE path in StartMenuInternet

[Shortcut Creation]
- 12:57:11.92: Begin
- 12:57:12.04: End

OTL:

OTL logfile created on: 6/24/2012 1:01:26 PM - Run
OTLPE by OldTimer - Version Folder = X:\Programs\OTLPE
64bit-Microsoft Windows XP Service Pack 2 (Version = 5.2.3790) - Type = SYSTEM
Internet Explorer (Version = 6.0.3790.3959)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107.41 Gb Total Space | 20.95 Gb Free Space | 19.51% Space Free | Partition Type: NTFS
Drive D: | 596.17 Gb Total Space | 477.42 Gb Free Space | 80.08% Space Free | Partition Type: NTFS
Drive E: | 47.00 Gb Total Space | 25.98 Gb Free Space | 55.28% Space Free | Partition Type: NTFS
Drive F: | 78.46 Gb Total Space | 76.35 Gb Free Space | 97.32% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 2.85 Gb Free Space | 76.46% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/05/08 09:15:02 | 000,185,856 | ---- | M] () [Auto] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV:64bit: - [2012/03/06 20:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/02/09 23:17:36 | 000,186,176 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\WINDOWS\system32\nvsvc64.exe -- (NVSvc)
SRV:64bit: - [2007/02/18 11:01:10 | 000,659,968 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV:64bit: - [2007/02/17 01:05:28 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV:64bit: - [2007/02/17 00:59:48 | 000,113,152 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2007/02/17 00:56:32 | 000,231,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV:64bit: - [2007/02/17 00:55:42 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV:64bit: - [2007/02/17 00:54:26 | 000,224,256 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV:64bit: - [2007/02/17 00:54:26 | 000,224,256 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV:64bit: - [2007/02/17 00:53:58 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV:64bit: - [2007/02/17 00:41:30 | 000,794,112 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV:64bit: - [2007/02/17 00:40:04 | 000,160,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV:64bit: - [2007/02/17 00:40:04 | 000,160,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV:64bit: - [2007/02/17 00:38:26 | 000,057,344 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV:64bit: - [2007/02/17 00:17:20 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV:64bit: - [2007/02/17 00:17:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV:64bit: - [2007/02/17 00:03:14 | 000,285,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/02/17 00:03:10 | 001,051,648 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV:64bit: - [2005/03/25 04:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV:64bit: - [2005/03/25 04:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV:64bit: - [2005/03/25 04:00:00 | 000,031,744 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV:64bit: - [2005/03/25 04:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV:64bit: - [2005/03/25 04:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV:64bit: - [2005/03/25 04:00:00 | 000,008,704 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2012/06/19 13:44:42 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/03 05:42:46 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/28 00:24:54 | 001,148,632 | ---- | M] (Crawler.com) [Auto] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2012/02/28 11:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/02/14 10:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [Disabled] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/02/10 00:12:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Disabled] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010/11/30 08:49:22 | 000,075,136 | ---- | M] () [Disabled] -- C:\WINDOWS\SysWow64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/08/23 15:44:00 | 003,983,992 | ---- | M] (INCA Internet Co., Ltd.) [Disabled] -- C:\WINDOWS\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 09:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 08:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/06 08:24:54 | 000,282,728 | ---- | M] (NVIDIA) [Disabled] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009/11/06 08:13:20 | 000,276,584 | ---- | M] (NVIDIA) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2008/07/25 05:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/02/17 00:44:20 | 000,077,312 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/06 14:15:10 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/03/18 09:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 09:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/02/24 13:21:10 | 006,640,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTKHDA64.SYS -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV:64bit: - [2011/02/12 16:02:29 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/06/25 13:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV:64bit: - [2010/06/23 12:44:41 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/11/18 02:19:00 | 001,801,304 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambft64.sys -- (Ambfilt64)
DRV:64bit: - [2009/11/18 02:17:00 | 001,861,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monft64.sys -- (Monfilt64)
DRV:64bit: - [2009/09/16 02:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/09/15 08:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvoclk64.sys -- (nvoclk64)
DRV:64bit: - [2009/08/07 17:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009/03/18 10:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/01/29 00:38:08 | 000,074,496 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV:64bit: - [2008/01/29 00:38:08 | 000,034,304 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV:64bit: - [2008/01/21 05:45:00 | 000,008,192 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2007/08/14 21:00:00 | 000,709,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fxusbase.sys -- (fxusbase)
DRV:64bit: - [2007/08/14 21:00:00 | 000,105,472 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmcowan.sys -- (AVMCOWAN)
DRV:64bit: - [2007/02/17 01:00:34 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV:64bit: - [2007/02/17 00:50:28 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV:64bit: - [2007/02/17 00:38:26 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV:64bit: - [2007/02/17 00:31:08 | 000,156,672 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV:64bit: - [2007/02/17 00:30:56 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV:64bit: - [2007/02/17 00:22:26 | 000,240,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV:64bit: - [2007/02/17 00:17:20 | 000,244,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV:64bit: - [2007/02/17 00:17:14 | 000,415,232 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV:64bit: - [2007/02/17 00:03:34 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV:64bit: - [2007/02/16 21:02:16 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV:64bit: - [2007/02/16 20:59:12 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV:64bit: - [2007/02/16 20:55:52 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV:64bit: - [2007/02/16 20:03:24 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV:64bit: - [2006/10/18 23:00:38 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2005/03/25 04:00:00 | 000,123,904 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV:64bit: - [2005/03/25 04:00:00 | 000,072,704 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (imapi)
DRV:64bit: - [2005/03/25 04:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV:64bit: - [2005/03/25 04:00:00 | 000,013,312 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\cdad10ba.sys -- (CdaD10BA)
DRV:64bit: - [2005/03/25 04:00:00 | 000,013,312 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\cdac15ba.sys -- (CdaC15BA)
DRV:64bit: - [2005/03/25 04:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV:64bit: - [2005/03/24 13:25:38 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV:64bit: - [2005/03/24 13:24:04 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV:64bit: - [2005/03/24 13:21:30 | 000,092,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV:64bit: - [2005/03/24 13:20:08 | 000,204,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV:64bit: - [2005/03/24 13:12:02 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV:64bit: - [2005/03/24 13:11:56 | 000,188,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2010/05/26 20:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2005/03/25 04:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)
DRV - [2005/03/25 04:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\SysWow64\winsock.dll -- (Winsock)
DRV - [2005/01/03 20:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SysWow64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoSoftonic&dpid=SnapdoSoftonic&co=DE&userid=7116eef5-9d0d-44fa-a0ae-f691a2849749&searchtype=ds&q={searchTerms}
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoSoftonic&dpid=SnapdoSoftonic&co=DE&userid=7116eef5-9d0d-44fa-a0ae-f691a2849749&searchtype=hp
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoSoftonic&dpid=SnapdoSoftonic&co=DE&userid=7116eef5-9d0d-44fa-a0ae-f691a2849749&searchtype=ds&q={searchTerms}
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoSoftonic&dpid=SnapdoSoftonic&co=DE&userid=7116eef5-9d0d-44fa-a0ae-f691a2849749&searchtype=ds&q={searchTerms}
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&a=6OyEPEReOF&&i=26&search="
FF - prefs.js..network.proxy.http: ""
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\SysWOW64\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/06/13 10:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/17 05:42:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/03 05:42:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/20 15:46:58 | 000,000,000 | ---D | M]

[2011/01/01 20:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2012/06/14 08:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\amaklac8.default\extensions
[2011/02/12 16:02:19 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\amaklac8.default\searchplugins\daemon-search.xml
[2012/06/13 10:34:41 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\amaklac8.default\searchplugins\MyStart Search.xml
[2012/04/20 16:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/10 11:50:58 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
File not found (No name found) --
() (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\AMAKLAC8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/05/03 05:42:46 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 00:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/18 06:50:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/10 11:50:52 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/03/18 06:50:52 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/18 06:50:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/03/09 10:53:04 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012/03/18 06:50:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/03/18 06:50:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/03/18 06:50:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2005/03/25 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: localhost
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - File not found
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3:64bit: - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MSIAfterburner] C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
O4 - HKU\Administrator_ON_C..\Run: [yrisi.exe] C:\Documents and Settings\Administrator\Application Data\Lukyr\yrisi.exe ()
O4 - HKU\LocalService_ON_C..\RunOnce: [tscuninstall] File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [tscuninstall] File not found
O4 - HKU\UpdatusUser_ON_C..\RunOnce: [tscuninstall] File not found
O4 - Startup: C:\Documents and Settings\Administrator\Application Data\Gslqicfa\povyjrvj.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: =
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\UpdatusUser_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/07 01:00:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b4ad3687-36a1-11e0-995f-00235482d525}\Shell - "" = AutoRun
O33 - MountPoints2\{b4ad3687-36a1-11e0-995f-00235482d525}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b4ad3687-36a1-11e0-995f-00235482d525}\Shell\AutoRun\command - "" = G:\MLLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/06/22 07:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Gslqicfa
[2012/06/21 09:57:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashStrike_at
[2012/06/19 18:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
[2012/06/19 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012/06/16 17:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Lukyr
[2012/06/16 17:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Ifsozi
[2012/06/15 10:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\CCGold
[2012/06/15 10:27:17 | 000,000,000 | ---D | C] -- C:\Games
[2012/06/15 10:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eusing Free Registry Cleaner
[2012/06/15 10:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
[2012/06/14 07:56:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/06/13 12:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FileOpen
[2012/06/13 12:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\FileOpen
[2012/06/13 11:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ABBYY
[2012/06/13 11:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2012/06/13 11:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 6.0
[2012/06/13 10:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ABBYY
[2012/06/13 10:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ABBYY
[2012/06/13 10:42:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Smartbar
[2012/06/13 10:41:27 | 000,000,000 | ---D | C] -- C:\Temp
[2012/06/13 10:34:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Scan2PDF
[2012/06/13 10:34:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scan2PDF
[2012/06/13 10:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Scan2PDF
[2012/06/13 10:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/06/11 17:35:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Mana 32
[2012/06/11 17:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\BMW Treffen
[2012/06/11 06:11:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\EPSON
[2012/06/07 07:00:02 | 000,044,032 | ---- | C] (Xifon) -- C:\Documents and Settings\Administrator\Desktop\MW3sa Reporting tool.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/24 05:48:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/24 05:48:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/22 07:13:22 | 000,058,880 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Gslqicfa\povyjrvj.exe
[2012/06/19 18:09:42 | 020,813,862 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Nuddn.bmp
[2012/06/19 18:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
[2012/06/19 18:04:15 | 000,000,156 | ---- | M] () -- C:\WINDOWS\SysWow64\-1
[2012/06/18 19:32:34 | 000,001,478 | ---- | M] () -- C:\WINDOWS\basscad.ini
[2012/06/18 19:21:36 | 000,189,654 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\12W3_MAN.pdf
[2012/06/18 14:29:04 | 001,094,585 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MW3sa_reporting_tool(1).zip
[2012/06/17 20:00:02 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRIVAT-MANA-Administrator.job
[2012/06/15 10:16:43 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Eusing Free Registry Cleaner.lnk
[2012/06/13 13:44:30 | 005,977,691 | ---- | M] () -- C:\Documents and
Settings\Administrator\My Documents\Unbenannt 1.odt [2012/06/13 12:57:55 | 001,520,361 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt-1.jpg [2012/06/13 12:54:58 | 021,063,251 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt-1.psd [2012/06/13 12:39:56 | 005,441,090 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt 1.odt [2012/06/13 11:06:36 | 374,873,708 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ABBYY_FR11_PE_TRIAL_ESD.exe [2012/06/13 10:35:28 | 000,118,916 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\alex.pdf [2012/06/13 10:34:54 | 000,000,447 | ---- | M] () -- C:\user.js [2012/06/13 10:34:48 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Scan2PDF.lnk [2012/06/13 10:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Scan2PDF [2012/06/11 06:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON [2012/06/09 14:14:31 | 000,022,325 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\uh44337,1289465820,22muffi_schlumpf.jpg [2012/06/07 06:59:27 | 000,848,610 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MW3sa_reporting_tool.zip [2012/06/03 10:57:50 | 000,044,032 | ---- | M] (Xifon) -- C:\Documents and Settings\Administrator\Desktop\MW3sa Reporting tool.exe [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/06/19 18:09:41 | 020,813,862 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Nuddn.bmp [2012/06/19 18:04:14 | 000,000,156 | ---- | C] () -- C:\WINDOWS\SysWow64\-1 [2012/06/18 19:21:36 | 000,189,654 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\12W3_MAN.pdf [2012/06/18 14:45:38 | 
001,094,585 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MW3sa_reporting_tool(1).zip [2012/06/15 10:16:43 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Eusing Free Registry Cleaner.lnk [2012/06/13 13:44:27 | 005,977,691 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Unbenannt 1.odt [2012/06/13 12:57:49 | 001,520,361 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt-1.jpg [2012/06/13 12:54:56 | 021,063,251 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt-1.psd [2012/06/13 12:39:51 | 005,441,090 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt 1.odt [2012/06/13 11:01:47 | 374,873,708 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ABBYY_FR11_PE_TRIAL_ESD.exe [2012/06/13 10:35:28 | 000,118,916 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\alex.pdf [2012/06/13 10:34:53 | 000,000,447 | ---- | C] () -- C:\user.js [2012/06/13 10:34:48 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Scan2PDF.lnk [2012/06/09 14:14:31 | 000,022,325 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\uh44337,1289465820,22muffi_schlumpf.jpg [2012/06/07 08:52:24 | 000,848,610 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MW3sa_reporting_tool.zip [2012/03/09 04:41:33 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2012/02/03 16:01:15 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysWow64\rtvcvfw32.dll [2011/12/14 11:59:51 | 000,001,324 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat [2011/10/06 15:46:42 | 000,001,478 | ---- | C] () -- C:\WINDOWS\basscad.ini [2011/09/30 06:43:55 | 000,059,392 | R--- | C] () -- C:\WINDOWS\SysWow64\streamhlp.dll [2011/09/28 11:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\SysWow64\xlive.dll.cat [2011/09/16 12:18:57 | 000,006,736 | ---- | C] () 
-- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2011/09/02 05:43:08 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011/08/28 05:57:34 | 011,165,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Sandra.mdb [2011/08/25 10:00:18 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunace26.dll [2011/08/25 10:00:17 | 000,162,304 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunrar36.dll [2011/08/25 10:00:17 | 000,153,088 | ---- | C] () -- C:\WINDOWS\SysWow64\UNRAR3.dll [2011/08/25 10:00:17 | 000,075,264 | ---- | C] () -- C:\WINDOWS\SysWow64\unacev2.dll [2011/08/01 03:35:16 | 000,000,030 | ---- | C] () -- C:\Program Files (x86)\Exiferupdate.ini [2011/07/13 13:15:35 | 000,000,103 | ---- | C] () -- C:\WINDOWS\wiso.ini [2011/03/08 08:50:45 | 000,044,136 | ---- | C] () -- C:\WINDOWS\CPLUTL64.EXE [2011/02/20 15:51:02 | 000,015,873 | ---- | C] () -- C:\WINDOWS\SysWow64\Inetde.dll [2011/02/16 08:27:11 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\SysWow64\ezsidmv.dat [2010/12/01 09:13:04 | 000,008,832 | ---- | C] () -- C:\Program Files (x86)\MainTmp.RPT [2010/07/17 11:02:38 | 000,000,213 | ---- | C] () -- C:\WINDOWS\SYNOP.INI [2010/07/17 11:02:37 | 000,000,304 | ---- | C] () -- C:\WINDOWS\WDISPLAY.INI [2010/06/28 13:57:24 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\SysWow64\pthreadVC.dll [2010/06/23 13:58:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Access.dat [2010/06/16 15:50:39 | 000,000,307 | ---- | C] () -- C:\WINDOWS\game.ini [2010/06/08 19:14:10 | 000,024,576 | R--- | C] () -- C:\WINDOWS\SysWow64\AsIO.dll [2010/06/08 19:14:10 | 000,014,392 | R--- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys [2010/06/07 10:00:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\chrtmp [2010/06/07 06:24:13 | 000,271,200 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2010/06/07 06:23:39 | 
000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2010/06/07 01:11:14 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/07 01:08:23 | 000,024,059 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010/06/07 01:08:23 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS [2010/06/07 01:04:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/06/06 17:49:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/06/06 16:16:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008/10/07 08:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\SysWow64\nview.dll [2008/10/07 08:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\SysWow64\nvwimg.dll [2007/02/18 11:05:48 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll [2007/02/18 11:05:46 | 001,274,880 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll [2007/02/18 11:05:46 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll [2007/02/18 11:05:46 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll [2007/02/18 11:05:46 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll [2007/02/18 11:05:46 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll [2007/02/18 11:05:40 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2007/02/18 11:05:34 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll [2007/02/18 11:05:28 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll [2007/02/18 11:05:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll [2007/02/18 11:05:20 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll [2005/03/25 04:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll [2005/03/25 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2005/03/25 04:00:00 | 000,498,205 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll [2005/03/25 04:00:00 | 
000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll [2005/03/25 04:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll [2005/03/25 04:00:00 | 000,082,432 | ---- | C] () -- C:\WINDOWS\SysWow64\ieencode.dll [2005/03/25 04:00:00 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\dvdplay.exe [2005/03/25 04:00:00 | 000,046,907 | ---- | C] () -- C:\WINDOWS\mib.bin [2005/03/25 04:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll [2005/03/25 04:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll [2005/03/25 04:00:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\SysWow64\append.exe [2005/03/25 04:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll [2005/03/25 04:00:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\vwipxspx.exe ========== LOP Check ========== [2011/10/19 19:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\.purple [2010/06/08 09:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ashampoo [2011/05/07 04:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus [2011/10/10 11:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Babylon [2012/06/17 13:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BOM [2011/03/20 20:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Command & Conquer 3 Kanes Rache [2011/03/10 20:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Command & Conquer 3 Tiberium Wars [2011/10/30 11:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Cyad [2010/06/23 12:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite [2012/06/13 12:31:01 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Administrator\Application Data\Downloaded Installations [2011/09/16 12:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft [2011/09/16 12:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers [2011/05/20 17:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EFSoftware [2011/02/28 16:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\elsterformular [2012/06/11 06:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EPSON [2011/03/05 14:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Eumex 2220 [2012/06/13 12:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FileOpen [2011/12/14 14:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GameScanner [2012/06/22 07:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Gslqicfa [2011/09/02 05:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0 [2011/10/09 19:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQ [2012/06/22 19:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ifsozi [2011/05/24 10:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\jpg-Illuminator [2012/06/16 17:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Lukyr [2011/12/18 17:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nitro PDF [2010/08/04 09:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org [2012/06/13 10:37:26 | 000,000,000 | ---D | M] 
-- C:\Documents and Settings\Administrator\Application Data\Scan2PDF [2012/04/20 16:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator [2011/09/30 06:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TrojanHunter [2012/04/23 13:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TS3Client [2012/04/03 10:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Tunngle [2011/10/29 15:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uqelox [2012/04/03 08:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 [2010/06/08 09:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo [2011/09/30 06:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2011/10/10 11:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon [2012/02/29 10:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bitstream [2011/07/13 13:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Buhl Data Service GmbH [2010/06/23 12:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2011/07/11 12:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\elsterformular [2011/05/24 09:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2011/03/05 13:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eumex 2220 [2012/06/13 12:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileOpen [2010/06/07 05:31:48 | 000,000,000 | ---D | M] -- C:\Documents 
and Settings\All Users\Application Data\GameScanner [2010/06/07 13:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ [2011/05/16 11:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF [2012/02/29 12:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2012/04/20 16:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator [2011/08/25 10:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2011/09/30 06:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter [2010/06/23 13:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2011/12/18 19:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebTemp [2012/06/15 10:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46} [2012/06/22 19:45:15 | 000,032,540 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt ========== Purity Check ========== < End of report > Hoffe jemand kann mir dabei helfen. Vielen lieben Dank schon mal im vorraus. MFG Mana |
#2

/// Winkelfunktion /// TB-Süch-Tiger™

100 Euro Trojan WIN xp 64 bit

Does safe mode with networking still work? With an internet connection?

__________________
Safe mode for cleanup