Log analysis and evaluation: error messages with .exe files | Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
26.03.2010, 14:48 | #16 |
/// Selecta Jahrusso | error messages with .exe files
Thanks, Arne.
__________________ Regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to strike back and support us! TB Akademie |
29.03.2010, 18:35 | #17 |
| error messages with .exe files
One more question, um, I have Malwarebytes' Anti-Malware. This keeps coming up: Malwarebytes' Anti-Malware has successfully blocked access to the following IP: and every time it's a new IP!! Do you have a solution for this or what? |
29.03.2010, 19:29 | #18 |
/// Selecta Jahrusso | error messages with .exe files
Do you have the paid version? How about you work through the rest and give me one of those IPs. There is surely a reason why it is being blocked. |
29.03.2010, 20:07 | #19 |
| error messages with .exe files
58.241.126.71 |
29.03.2010, 20:12 | #20 |
/// Selecta Jahrusso | error messages with .exe files
Something is trying to connect to China.
CustomScan with OTL
If you do not have it yet, please download OTL by OldTimer and save it to your desktop.
Code:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
29.03.2010, 23:14 | #21 |
| error messages with .exe files
OTL logfile created on: 29.03.2010 22:15:34 - Run 4 OTL by OldTimer - Version 3.1.37.3
| C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI35DC.txt [2010.03.24 22:07:04 | 000,012,850 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI35DD.txt [2010.03.17 15:21:10 | 000,921,632 | ---- | C] () -- C:\PA7302.DAT [2010.03.12 14:02:26 | 000,000,083 | ---- | C] () -- C:\Windows\CIV.INI [2010.03.11 00:31:44 | 000,367,438 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI5EB9.txt [2010.03.11 00:31:44 | 000,015,162 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI5EB9.txt [2010.03.10 22:58:13 | 000,406,064 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI1723.txt [2010.03.10 22:58:12 | 000,015,112 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI1723.txt [2010.03.07 15:48:22 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\BReWErS.dll [2010.03.07 13:45:30 | 000,370,626 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI05B4.txt [2010.03.07 13:45:29 | 000,011,474 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI05B4.txt [2010.03.07 13:02:06 | 000,441,568 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI6480.txt [2010.03.07 13:02:06 | 000,011,714 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI6480.txt [2010.03.06 18:34:35 | 000,000,088 | ---- | C] () -- C:\Windows\nfsc_patch.ini [2010.02.10 22:00:26 | 000,093,696 | ---- | C] () -- C:\Users\Turgut\AppData\Roaming\ATI_disp.exe [2010.02.10 21:28:01 | 000,404,326 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI4663.txt [2010.02.10 21:28:01 | 000,011,144 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI4663.txt [2010.02.09 19:41:12 | 000,000,768 | ---- | C] () -- C:\Windows\SysWow64\Remover.ini [2010.01.29 21:31:56 | 000,010,574 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI1FCA.txt [2010.01.29 21:31:55 | 000,365,732 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI1FC7.txt [2010.01.29 21:31:55 | 000,011,162 | ---- | C] () -- 
C:\Users\Turgut\AppData\Local\dd_vcredistUI1FC7.txt [2010.01.29 21:24:22 | 000,010,654 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI1A00.txt [2010.01.29 21:24:21 | 000,366,500 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI19FC.txt [2010.01.29 21:24:21 | 000,011,194 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI19FC.txt [2010.01.29 21:04:12 | 000,355,648 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI0A8A.txt [2010.01.29 21:04:12 | 000,010,574 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI0A90.txt [2010.01.29 21:04:10 | 000,011,418 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistUI0A8A.txt [2009.12.29 21:47:58 | 000,026,624 | ---- | C] () -- C:\Users\Turgut\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.12.29 18:31:21 | 000,003,318 | ---- | C] () -- C:\Users\Turgut\AppData\Local\dd_vcredistMSI1E96.txt [2009.12.24 12:36:04 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI [2009.11.27 13:30:20 | 001,712,128 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2009.11.21 13:01:13 | 000,004,096 | ---- | C] () -- C:\Windows\SysWow64\drivers\nocashio.sys [2009.11.11 00:00:10 | 000,000,028 | ---- | C] () -- C:\Windows\SysWow64\autoscan4.dll [2009.11.10 22:28:00 | 001,073,152 | ---- | C] () -- C:\Windows\SysWow64\libmysql_c.dll [2009.10.02 21:56:44 | 001,448,408 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2009.07.15 14:27:43 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009.05.29 20:05:33 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.05.29 20:05:18 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll [2009.05.26 20:23:00 | 000,150,430 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009.05.26 20:23:00 | 000,150,430 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009.05.25 22:13:38 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.05.25 19:15:13 | 000,000,117 | ---- | C] () -- 
C:\Windows\wininit.ini [2009.04.17 12:09:23 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2009.01.13 22:08:35 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\hidservice.ini [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini [2007.03.20 17:44:02 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP7302.ini [2006.10.27 14:52:34 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP7311.ini [1997.06.14 10:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll ========== LOP Check ========== [2009.11.14 12:29:24 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\AeroSnapApp [2010.02.14 19:04:58 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Azureus [2009.11.20 21:08:15 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\BitDefender [2010.02.11 22:59:00 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Canneverbe Limited [2009.10.17 12:37:57 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Canneverbe_Limited [2009.12.26 
13:35:04 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Charles [2010.02.24 23:14:34 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\DAEMON Tools Lite [2009.11.11 00:16:02 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\DAEMON Tools Pro [2010.03.29 22:14:04 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\DNA [2010.02.28 16:42:26 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Dreamlords [2010.03.07 13:14:12 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\GetRightToGo [2009.12.27 22:08:36 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\GrabPro [2009.11.03 19:18:21 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\install [2009.12.28 21:22:12 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Leadertech [2009.10.25 22:14:28 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Mount&Blade [2010.03.08 19:17:24 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\My Games [2009.10.17 15:34:09 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Nokia [2010.01.24 20:36:47 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Opera [2009.12.28 00:54:43 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Orbit [2009.11.22 16:16:40 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\PC Suite [2009.11.06 19:31:24 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Sierra [2010.02.10 22:02:32 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Spy-Net [2010.02.06 13:56:16 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\TeamViewer [2010.03.20 21:22:03 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\TS3Client [2009.10.17 17:36:46 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\TuneUp Software [2010.03.13 11:00:59 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\Ubisoft [2010.01.03 21:48:07 | 000,000,000 | ---D | M] -- 
C:\Users\Turgut\AppData\Roaming\Uniblue [2010.03.26 23:23:45 | 000,000,000 | ---D | M] -- C:\Users\Turgut\AppData\Roaming\uTorrent [2010.03.29 22:00:01 | 000,000,534 | ---- | M] () -- C:\Windows\Tasks\1-Klick-Wartung.job [2010.03.29 19:01:26 | 000,032,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.03.29 22:20:00 | 000,000,440 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E73809B7-42D2-46E2-AC36-0672233513F9}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys [2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys < MD5 for: ATAPI.SYS > [2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys [2009.04.11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Driver Backup 6-11-2009-134253\IDE-Kanal#1\atapi.sys [2009.04.11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Driver Backup 6-11-2009-134253\IDE-Kanal\atapi.sys [2009.04.11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Driver Backup 6-11-2009-134253\Standard-Zweikanal-PCI-IDE-Controller\atapi.sys [2009.04.11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Driver Backup 6-11-2009-143942\IDE-Kanal#1\atapi.sys [2009.04.11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) 
MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Driver Backup 6-11-2009-143942\IDE-Kanal\atapi.sys [2009.04.11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Driver Backup 6-11-2009-143942\Standard-Zweikanal-PCI-IDE-Controller\atapi.sys [2009.04.11 00:15:02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: IASTORV.SYS > [2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys < MD5 for: NETLOGON.DLL > [2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) 
MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll [2009.04.10 23:28:24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll [2009.04.11 00:11:18 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll [2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll < MD5 for: NVSTOR.SYS > [2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll [2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll [2009.04.10 23:28:26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- 
C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll [2009.04.11 00:11:24 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > ========== Alternate Data Streams ========== @Alternate Data Stream - 287 bytes -> C:\ProgramData\TEMPFC5A2B2 @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:671329E4 @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8 < End of report > |
30.03.2010, 14:26 | #22 |
/// Selecta Jahrusso | error messages with .exe files Hm, I can't find anything there right now. Step 1: Update Malwarebytes and run it again. Step 2: Please switch on any external hard drives during the online scans! Please turn off all background guards (anti-virus program, firewall, script blocking and the like) during the scans, and don't forget to turn everything back on afterwards.
__________________ Best regards, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Learn to strike back and support us! TB Akademie |