Windows Vista - Infektion mit Sirefef, Sirefef.AB

SatanasOz · 15.10.2012, 22:19

Ok ... mein Provider hat es seit Donnerstag noch nicht geschafft die Verbindung wieder hin zu kriegen, aber es muss ja weiter gehen. Also hier, in voller 3G übertragungspracht, das Log. Wie gesagt, keine extras.txt. Habe die ganze Kiste noch mal gescannt.

Code:

ATTFilter

OTL logfile created on: 10/10/2012 8:37:17 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 86.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116.44 Gb Total Space | 21.67 Gb Free Space | 18.61% Space Free | Partition Type: NTFS
Drive D: | 109.60 Gb Total Space | 31.07 Gb Free Space | 28.35% Space Free | Partition Type: NTFS
Drive E: | 967.22 Mb Total Space | 663.44 Mb Free Space | 68.59% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled] --  -- (NMIndexingService)
SRV - [2012/10/02 18:10:31 | 003,459,024 | ---- | M] (Acronis) [Auto] -- C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012/09/30 03:44:09 | 000,529,744 | ---- | M] (Valve Corporation) [Disabled] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/12 00:25:24 | 000,287,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012/09/12 00:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/07/12 21:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/06/28 00:32:18 | 005,915,352 | ---- | M] (Acronis) [Auto] -- C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2012/06/28 00:29:42 | 000,821,048 | ---- | M] (Acronis) [Auto] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/12/07 09:13:14 | 000,397,312 | ---- | M] () [Disabled] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009/10/31 02:48:42 | 000,348,160 | ---- | M] (AVerMedia) [Disabled] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2008/01/19 03:36:49 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/19 03:36:15 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/15 13:47:48 | 000,094,208 | ---- | M] () [Auto] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007/02/12 08:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/02/05 22:13:14 | 000,094,208 | ---- | M] () [Disabled] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2006/12/28 20:17:50 | 000,123,248 | ---- | M] () [Auto] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2012/10/02 18:10:44 | 000,234,752 | ---- | M] (Acronis) [File_System | On_Demand] -- C:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV - [2012/10/02 18:10:11 | 000,775,232 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\tdrpman.sys -- (tdrpman)
DRV - [2012/10/02 18:10:03 | 000,614,592 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2012/10/02 18:09:12 | 000,126,880 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\vididr.sys -- (vididr)
DRV - [2012/10/02 18:09:11 | 000,086,496 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\vsflt67.sys -- (vidsflt67) Acronis Disk Storage Filter (67)
DRV - [2012/10/02 18:09:06 | 000,177,600 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2012/10/02 18:09:03 | 000,080,416 | ---- | M] (Acronis) [Kernel | Boot] -- C:\Windows\System32\drivers\fltsrv.sys -- (fltsrv)
DRV - [2012/08/30 05:03:50 | 000,099,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2010/05/06 06:35:16 | 000,569,728 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVerAF15DMBTH.sys -- (AVerAF15DMBTH)
DRV - [2009/10/31 05:38:28 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/10/25 22:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/07/01 07:59:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/04/11 00:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2007/05/24 22:15:15 | 001,743,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/04/30 10:45:18 | 002,219,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007/03/22 02:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/15 02:41:15 | 000,048,128 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atl01v32.sys -- (AtcL001)
DRV - [2007/02/24 18:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/05 07:53:58 | 000,011,632 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007/01/24 06:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2007/01/23 20:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/12/14 03:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006/11/15 22:02:19 | 000,015,216 | ---- | M] () [Kernel | Auto] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2006/11/02 05:50:17 | 000,041,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2006/11/02 03:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2006/11/02 03:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Florian_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKU\Florian_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.asus.com
IE - HKU\Florian_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Mcx1_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Nina_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKU\Nina_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Nina_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Nina_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
 
 
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\22.0.1229.92\npchrome_frame.dll (Google Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Mcx1_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: &Citavi Picker... - C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 -  File not found
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cf - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\22.0.1229.92\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- C:\Users\Nina\Documents\Uni und Schule
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- C:\Users\Nina\Documents\pics from NZ friends
[2099/01/01 12:00:00 | 000,000,000 | ---D | C] -- C:\Users\Nina\Documents\NINA - Queen of Awesomeness and Antarctica
[2012/10/08 16:28:55 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Nina\Desktop\tdsskiller.exe
[2012/10/08 16:28:32 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Nina\Desktop\aswMBR.exe
[2012/10/08 03:52:34 | 000,000,000 | ---D | C] -- C:\FRST
[2012/10/02 18:12:19 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Roaming\Acronis
[2012/10/02 18:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2012/10/02 18:10:41 | 000,234,752 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys
[2012/10/02 18:10:10 | 000,775,232 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\tdrpman.sys
[2012/10/02 18:10:02 | 000,614,592 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\timntr.sys
[2012/10/02 18:09:12 | 000,126,880 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\vididr.sys
[2012/10/02 18:09:10 | 000,086,496 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\vsflt67.sys
[2012/10/02 18:09:06 | 000,177,600 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\snapman.sys
[2012/10/02 18:09:03 | 000,080,416 | ---- | C] (Acronis) -- C:\Windows\System32\drivers\fltsrv.sys
[2012/10/02 18:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2012/10/02 18:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Acronis
[2012/10/02 18:07:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Acronis
[2012/10/02 08:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/10/02 07:33:25 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/10/02 07:32:33 | 000,381,816 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\PsExec.exe
[2012/10/02 06:56:39 | 000,000,000 | ---D | C] -- C:\Users\Nina\Desktop\Neuer Ordner
[2012/10/02 01:03:54 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\ElevatedDiagnostics
[2012/10/01 04:11:50 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{ECDEF87C-64BF-4661-B9CC-BF20B5C042C5}
[2012/10/01 01:56:46 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{A083496B-F28A-454E-ACD6-AE190C1B0283}
[2012/09/30 18:07:59 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{3A09E88B-5581-46ED-9BC1-37B250087C21}
[2012/09/30 16:44:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nina\Desktop\OTL.exe
[2012/09/30 05:04:03 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Roaming\Malwarebytes
[2012/09/30 05:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/30 05:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/09/30 05:02:10 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/30 05:02:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/09/30 03:53:30 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012/09/30 03:11:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012/09/30 03:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/09/30 03:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012/09/30 01:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/09/30 01:19:50 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{E6D7D3C0-3687-457D-8D8D-AF6830A285E0}
[2012/09/29 05:22:35 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{20666CC0-4259-43A3-A916-C011F1229BFD}
[2012/09/27 14:57:18 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{D21FCDC8-0591-4A39-A636-7040B1A90BC8}
[2012/09/27 02:40:41 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/09/27 02:40:40 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2012/09/27 02:40:39 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/09/27 02:40:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/09/27 02:40:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/09/27 02:40:38 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/09/27 02:40:37 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2012/09/27 02:40:36 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/09/27 02:40:36 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/09/27 02:40:33 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/09/27 01:49:33 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{928279D6-6C89-49E1-8F47-762BC1025D61}
[2012/09/26 23:36:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/26 23:36:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/26 22:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012/09/26 22:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2012/09/26 21:57:18 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{8771A15B-7446-4500-82BD-7D9955761C20}
[2012/09/25 18:16:10 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{75BAB726-26B3-489B-AB66-6C843DD63D67}
[2012/09/24 20:44:17 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{8E93B501-DBF1-44CF-8D06-26E71FF5752E}
[2012/09/22 06:01:27 | 000,000,000 | ---D | C] -- C:\Users\Nina\AppData\Local\{6396CA56-3F9E-4835-A99D-8072AA846B38}
[2012/09/19 06:42:52 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\dvdcss
[2007/01/24 06:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
 
========== Files - Modified Within 30 Days ==========
 
[2012/10/10 02:22:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/10 02:21:43 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/10 02:21:43 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/10 02:21:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/10/10 02:20:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/10 02:16:56 | 000,633,584 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/10/10 02:16:56 | 000,600,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/10 02:16:56 | 000,128,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/10/10 02:16:56 | 000,106,018 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/10 02:15:00 | 000,031,776 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/10/10 02:12:05 | 000,031,776 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/10/10 02:12:04 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/08 16:25:34 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Nina\Desktop\tdsskiller.exe
[2012/10/08 16:24:56 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Nina\Desktop\aswMBR.exe
[2012/10/02 18:10:44 | 000,234,752 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\afcdp.sys
[2012/10/02 18:10:11 | 000,775,232 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\tdrpman.sys
[2012/10/02 18:10:03 | 000,614,592 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\timntr.sys
[2012/10/02 18:09:12 | 000,126,880 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\vididr.sys
[2012/10/02 18:09:11 | 000,086,496 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\vsflt67.sys
[2012/10/02 18:09:06 | 000,177,600 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\snapman.sys
[2012/10/02 18:09:03 | 000,080,416 | ---- | M] (Acronis) -- C:\Windows\System32\drivers\fltsrv.sys
[2012/10/02 18:08:54 | 000,001,011 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2012.lnk
[2012/10/02 18:08:54 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2012/10/02 07:54:22 | 000,052,566 | ---- | M] () -- C:\Users\Nina\AppData\Roaming\nvModes.001
[2012/10/02 07:44:05 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/10/02 07:44:00 | 000,001,833 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/10/02 07:33:25 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012/10/01 01:55:21 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012/09/30 06:45:58 | 000,302,592 | ---- | M] () -- C:\Users\Nina\Desktop\soo9ymcb.exe
[2012/09/30 06:45:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nina\Desktop\OTL.exe
[2012/09/30 05:02:26 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/30 05:02:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/09/30 04:34:04 | 000,035,541 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\nvModes.001
[2012/09/30 03:53:30 | 000,000,214 | ---- | M] () -- C:\Users\Nina\Desktop\Sid Meier's Civilization V.url
[2012/09/30 03:11:10 | 000,000,793 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/09/30 03:11:10 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012/09/26 23:36:32 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/26 23:36:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/26 22:16:37 | 000,052,566 | ---- | M] () -- C:\Users\Nina\AppData\Roaming\nvModes.dat
[2012/09/26 22:03:15 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012/09/24 20:52:42 | 000,002,631 | ---- | M] () -- C:\Users\Nina\Desktop\Microsoft Office Word 2007.lnk
 
========== Files Created - No Company Name ==========
 
[2012/10/02 18:08:54 | 000,001,011 | ---- | C] () -- C:\Users\Public\Desktop\Acronis True Image Home 2012.lnk
[2012/10/02 17:55:27 | 225,073,224 | ---- | C] () -- C:\Users\Nina\Desktop\ATIH2012_trial_en-US.exe
[2012/10/02 17:23:45 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001
[2012/10/02 17:23:33 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2012/09/30 16:44:59 | 000,302,592 | ---- | C] () -- C:\Users\Nina\Desktop\soo9ymcb.exe
[2012/09/30 05:02:26 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/09/30 03:53:30 | 000,000,214 | ---- | C] () -- C:\Users\Nina\Desktop\Sid Meier's Civilization V.url
[2012/09/30 03:11:10 | 000,000,793 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2012/09/30 02:01:17 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/09/30 01:58:29 | 000,001,833 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/09/26 23:36:32 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/09/02 15:32:02 | 000,006,656 | ---- | C] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/03 07:17:09 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN
[2010/07/03 07:17:09 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJX.BIN
[2010/07/03 07:17:09 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN
[2010/07/03 07:17:09 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN
[2010/07/03 07:17:09 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN
[2010/07/03 07:17:09 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN
[2010/07/03 07:15:45 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AVerIO.dll
[2010/07/03 07:15:45 | 000,003,456 | ---- | C] () -- C:\Windows\System32\AVerIO.sys
[2010/07/03 07:15:36 | 000,606,208 | ---- | C] () -- C:\Windows\System32\sptlib21.dll
[2010/07/03 07:15:36 | 000,311,296 | ---- | C] () -- C:\Windows\System32\sptlib01.dll
[2010/07/03 07:15:36 | 000,294,912 | ---- | C] () -- C:\Windows\System32\sptlib11.dll
[2010/07/03 07:15:36 | 000,290,816 | ---- | C] () -- C:\Windows\System32\sptlib22.dll
[2010/07/03 07:15:36 | 000,249,856 | ---- | C] () -- C:\Windows\System32\sptlib03.dll
[2010/07/03 07:15:36 | 000,225,280 | ---- | C] () -- C:\Windows\System32\sptlib02.dll
[2010/07/03 07:15:36 | 000,135,168 | ---- | C] () -- C:\Windows\System32\sptlib12.dll
[2010/02/22 18:39:28 | 000,035,541 | ---- | C] () -- C:\Users\Florian\AppData\Roaming\nvModes.001
[2010/02/22 18:39:26 | 000,035,541 | ---- | C] () -- C:\Users\Florian\AppData\Roaming\nvModes.dat
[2009/10/22 10:42:27 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/22 10:42:27 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/30 06:10:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/10/24 12:26:02 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2008/10/24 12:26:02 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini
[2008/10/24 12:26:02 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2008/10/24 12:25:54 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2008/10/24 12:25:53 | 000,008,981 | ---- | C] () -- C:\Windows\HL-2030.INI
[2008/10/24 12:25:05 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/10/24 12:25:05 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2030.DAT
[2008/10/11 15:00:37 | 000,000,680 | ---- | C] () -- C:\Users\Nina\AppData\Local\d3d9caps.dat
[2008/08/19 21:01:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/20 22:01:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/03/13 05:52:12 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2008/03/13 05:52:12 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2007/12/31 14:48:57 | 000,000,049 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007/12/26 13:52:08 | 000,052,566 | ---- | C] () -- C:\Users\Nina\AppData\Roaming\nvModes.001
[2007/12/25 11:47:44 | 000,052,566 | ---- | C] () -- C:\Users\Nina\AppData\Roaming\nvModes.dat
[2007/12/25 07:49:10 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2007/12/25 05:52:45 | 000,000,546 | ---- | C] () -- C:\Windows\System32\ABF3Sc.DAT
[2007/12/23 17:22:18 | 000,099,328 | ---- | C] () -- C:\Users\Nina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/06 07:27:29 | 000,037,232 | ---- | C] () -- C:\Windows\ASScrProlog.exe
[2007/11/06 07:27:25 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2007/11/06 07:27:18 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe
[2007/11/06 07:21:52 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2007/11/06 07:05:36 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/05/24 22:15:15 | 001,743,232 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/05/09 03:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2007/04/18 05:14:04 | 000,633,584 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2007/04/18 05:14:04 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2007/04/18 05:14:04 | 000,128,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2007/04/18 05:14:04 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/04/18 05:06:01 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2007/04/18 04:33:08 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/04/16 15:31:38 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,380,544 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,600,142 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,106,018 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/08 22:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
 
========== LOP Check ==========
 
[2010/02/14 08:41:53 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Teleca
[2011/12/06 16:12:44 | 000,000,000 | ---D | M] -- C:\Users\Nina\AppData\Roaming\.minecraft
[2009/11/04 03:52:55 | 000,000,000 | ---D | M] -- C:\Users\Nina\AppData\Roaming\Academic Software Zurich
[2012/10/02 18:12:19 | 000,000,000 | ---D | M] -- C:\Users\Nina\AppData\Roaming\Acronis
[2011/12/11 07:27:08 | 000,000,000 | ---D | M] -- C:\Users\Nina\AppData\Roaming\Audacity
[2009/10/31 05:55:29 | 000,000,000 | ---D | M] -- C:\Users\Nina\AppData\Roaming\DAEMON Tools Lite
[2011/07/10 10:12:46 | 000,000,000 | ---D | M] -- C:\Users\Nina\AppData\Roaming\ScummVM
[2009/09/04 15:03:29 | 000,000,000 | ---D | M] -- C:\Users\Nina\AppData\Roaming\Teleca
[2009/08/30 06:10:37 | 000,000,000 | ---D | M] -- C:\Users\Nina\AppData\Roaming\Thunderbird
[2012/10/02 18:11:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Acronis
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2007/12/31 14:48:15 | 000,000,000 | ---D | M] -- C:\ProgramData\ASUS
[2010/07/03 07:17:29 | 000,000,000 | ---D | M] -- C:\ProgramData\AVerTV
[2009/10/31 05:37:36 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/12/26 06:13:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Mindjet
[2007/11/06 07:10:24 | 000,000,000 | ---D | M] -- C:\ProgramData\P4G
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/09/03 11:57:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Teleca
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/04/28 08:37:55 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2007/11/06 06:12:40 | 000,000,000 | ---D | M] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2010/02/28 06:39:32 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2012/10/10 02:21:43 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >

Windows Vista - Infektion mit Sirefef, Sirefef.AB

Log-Analyse und Auswertung: Windows Vista - Infektion mit Sirefef, Sirefef.AB

Windows Vista - Infektion mit Sirefef, Sirefef.AB

Ähnliche Themen: Windows Vista - Infektion mit Sirefef, Sirefef.AB