
Log analysis and evaluation: Internet Explorer and co. keep opening pages

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

06.06.2010, 13:32   #1
Bianca28
 
Internet Explorer and co. keep opening pages



and the other one. I'll also do what you just said right away.

OTL Logfile:
Code:
OTL logfile created on: 06.06.2010 14:26:03 - Run 2
OTL by OldTimer - Version 3.2.5.3     Folder = C:\Users\bianca\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 9,38 Gb Free Space | 12,59% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 73,06 Gb Total Space | 28,99 Gb Free Space | 39,69% Space Free | Partition Type: NTFS
Drive F: | 612,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BIANCAS-PC
Current User Name: bianca
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\bianca\Desktop\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
PRC - C:\Programme\IncrediMail\bin\ImApp.exe (IncrediMail, Ltd.)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - E:\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\WEB.DE\WEB.DE SmartSurfer\SmurfService.exe (United Internet AG)
PRC - C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Windows\vsnp325.exe ()
PRC - C:\Windows\tsnp325.exe ()
PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
PRC - C:\Windows\Pixart\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Windows\System32\BrmfRsmg.exe (Brother Industries, Ltd.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\bianca\Desktop\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\System32\WindowsCodecs.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll (Microsoft Corporation)
MOD - C:\Programme\Common Files\microsoft shared\ink\tiptsf.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SLC.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msshsq.dll (Microsoft Corporation)
MOD - C:\Windows\System32\mssprxy.dll (Microsoft Corporation)
MOD - C:\Windows\System32\EhStorShell.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cscapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\rsaenh.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - E:\Office12\GrooveUtil.dll (Microsoft Corporation)
MOD - E:\Office12\GrooveSystemServices.dll (Microsoft Corporation)
MOD - E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
MOD - E:\Office12\GrooveNew.dll (Microsoft Corporation)
MOD - C:\Windows\System32\thumbcache.dll (Microsoft Corporation)
MOD - C:\Windows\System32\duser.dll (Microsoft Corporation)
MOD - C:\Windows\System32\actxprxy.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TOSHIBA Bluetooth Service) --  File not found
SRV - (Automatisches LiveUpdate - Scheduler) --  File not found
SRV - (GameConsoleService) -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- E:\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (SmartSurferManager) -- C:\Program Files\WEB.DE\WEB.DE SmartSurfer\SmurfService.exe (United Internet AG)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (brmfrsmg) -- C:\Windows\System32\BrmfRsmg.exe (Brother Industries, Ltd.)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (AF15BDA) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech                  )
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (mf) -- C:\Windows\System32\drivers\mf.sys (Microsoft Corporation)
DRV - (SVKP) -- C:\Windows\System32\SVKP.sys (AntiCracking)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (PAC7302) -- C:\Windows\System32\drivers\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (SNP325) USB PC Camera (SNPSTD325) -- C:\Windows\System32\drivers\snp325.sys (Sonix Co. Ltd.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (motmodem) -- C:\Windows\System32\drivers\motmodem.sys (Motorola)
DRV - (motccgp) -- C:\Windows\System32\drivers\motccgp.sys (Motorola)
DRV - (CplIR) -- C:\Windows\system32\DRIVERS\CplIR.SYS (COMPAL ELECTRONIC INC.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (motccgpfl) -- C:\Windows\System32\drivers\motccgpfl.sys (Motorola)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (MotoSwitchService) -- C:\Windows\System32\drivers\motswch.sys (Motorola)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrUsbScn) Brother MFC-Scannertreiber (USB) -- C:\Windows\System32\drivers\BrUsbScn.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) Brother WDM-Treiber (seriell) -- C:\Windows\System32\drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB) -- C:\Windows\System32\drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (brfilt) -- C:\Windows\System32\drivers\BrFilt.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV - (sfsync02) StarForce Protection Synchronization Driver (version 2.x) -- C:\Windows\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://msn.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 E6 7D F0 A5 F6 CA 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Google Powered Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://go.microsoft.com/fwlink/?LinkId=69157"
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.0.0
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.11.19 15:48:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.03.06 10:02:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.03 09:55:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.30 20:09:08 | 000,000,000 | ---D | M]
 
[2008.06.18 19:01:52 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\mozilla\Extensions
[2010.06.05 19:56:52 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\mozilla\Firefox\Profiles\fgkslinf.default\extensions
[2010.04.28 19:37:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\bianca\AppData\Roaming\mozilla\Firefox\Profiles\fgkslinf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.31 13:10:14 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\bianca\AppData\Roaming\mozilla\Firefox\Profiles\fgkslinf.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2009.10.26 10:12:55 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\mozilla\Firefox\Profiles\fgkslinf.default\extensions\anycolor.pavlos256@gmail.com
[2009.09.07 18:05:26 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\mozilla\Firefox\Profiles\fgkslinf.default\extensions\moveplayer@movenetworks.com
[2010.04.14 09:36:01 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\mozilla\Firefox\Profiles\fgkslinf.default\extensions\personas@christopher.beard
[2010.03.31 14:05:27 | 000,000,903 | ---- | M] () -- C:\Users\bianca\AppData\Roaming\Mozilla\FireFox\Profiles\fgkslinf.default\searchplugins\conduit.xml
[2008.12.12 20:23:54 | 000,002,158 | ---- | M] () -- C:\Users\bianca\AppData\Roaming\Mozilla\FireFox\Profiles\fgkslinf.default\searchplugins\MySpace.xml
[2010.06.05 19:56:52 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.06.02 18:46:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.06.02 21:20:19 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de
[2010.06.02 18:45:23 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.12 15:17:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.12 15:17:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.12 15:17:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.12 15:17:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.12 15:17:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Programme\Vuze_Remote\tbVuze.dll (Conduit Ltd.)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [GrooveMonitor] E:\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe File not found
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup]  File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe File not found
O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\Pixart\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [MSServer] C:\Users\bianca\AppData\Local\Temp\efcBusQh.DLL File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Die Siedler II - Die nächste Generation.LNK = C:\Program Files\Ubisoft\Funatics\Die Siedler II - Die nächste Generation\bin\RegistrationReminder.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - E:\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\bianca\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O24 - Desktop BackupWallPaper: C:\Users\bianca\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.08.23 15:07:39 | 000,778,240 | R--- | M] (Funatics Studio alpha Ltd. & Co. KG) - F:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2006.07.17 15:52:00 | 000,000,068 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{bc85d363-b254-11dc-8fdf-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bc85d363-b254-11dc-8fdf-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2006.08.23 15:07:39 | 000,778,240 | R--- | M] (Funatics Studio alpha Ltd. & Co. KG)
O33 - MountPoints2\{c0ab97d1-d48b-11dc-977f-001b38ab7ce6}\Shell - "" = AutoRun
O33 - MountPoints2\{c0ab97d1-d48b-11dc-977f-001b38ab7ce6}\Shell\AutoRun\command - "" = D:\autorun.exe -- File not found
O33 - MountPoints2\{c0ab97db-d48b-11dc-977f-001b38ab7ce6}\Shell - "" = AutoRun
O33 - MountPoints2\{c0ab97db-d48b-11dc-977f-001b38ab7ce6}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.06 13:06:31 | 000,000,000 | ---D | C] -- C:\Users\bianca\AppData\Roaming\Malwarebytes
[2010.06.06 13:05:38 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.06.06 13:05:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.06.06 13:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.06 13:05:33 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.03 11:54:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TASKMGR.COM
[2010.06.03 11:54:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\T.COM
[2010.06.03 11:54:38 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\REGEDIT.COM
[2010.06.03 11:54:38 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\R.COM
[2010.06.02 21:41:29 | 000,000,000 | ---D | C] -- C:\Windows\VDLL.DLL
[2010.06.02 21:41:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\runouce.exe
[2010.06.02 21:41:29 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2010.06.02 21:41:29 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2010.06.02 21:38:32 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2010.06.02 21:38:31 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2010.06.02 21:38:30 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2010.06.02 21:38:26 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\MicroWorld
[2010.06.02 21:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2010.06.02 21:20:18 | 000,000,000 | ---D | C] -- C:\Users\bianca\AppData\Roaming\QuickStoresToolbar
[2010.06.02 21:20:16 | 000,000,000 | ---D | C] -- C:\Programme\ClearProg
[2010.06.02 20:55:04 | 000,000,000 | ---D | C] -- C:\Users\bianca\AppData\Roaming\Avira
[2010.06.02 18:45:57 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.06.02 18:45:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.06.02 18:45:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.06.02 18:16:19 | 000,000,000 | ---D | C] -- C:\Users\bianca\Documents\Settlers7
[2010.06.02 17:39:15 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.06.02 17:39:14 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.06.02 17:39:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.06.02 17:39:13 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.06.02 17:39:13 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.06.02 17:39:13 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.06.02 17:39:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.06.02 17:39:10 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.06.02 17:39:10 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.06.02 17:39:10 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.06.02 17:39:09 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.06.02 17:39:09 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.06.02 17:39:09 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.06.02 17:39:09 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.06.02 17:39:09 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.06.02 17:39:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.06.02 17:39:08 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.06.02 17:39:08 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.06.02 17:39:08 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.06.02 17:39:07 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.06.02 17:39:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.06.02 17:39:07 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.06.02 17:39:07 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.06.02 17:39:07 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.06.02 17:39:06 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.06.02 17:39:06 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.06.02 17:39:06 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.06.01 15:48:56 | 000,000,000 | ---D | C] -- C:\Users\bianca\AppData\Local\S2
[2010.06.01 14:44:27 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
[2010.05.31 21:13:47 | 000,000,000 | ---D | C] -- C:\Programme\Games
[2010.05.30 20:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.05.28 19:25:35 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy3_Russia
[2010.05.28 19:25:02 | 000,000,000 | ---D | C] -- C:\Programme\Alawar Entertainment
[2010.05.26 10:46:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.05.16 20:14:53 | 000,000,000 | ---D | C] -- C:\Programme\bigup16
[2010.05.16 16:09:52 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy3
[2010.05.16 16:09:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AlawarWrapper
[2010.05.16 16:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\AlawarWrapper
[2010.05.16 12:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy-PizzaParty
[2010.05.10 12:51:41 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Microsoft Games
[2010.05.09 23:18:12 | 000,000,000 | ---D | C] -- C:\Users\bianca\AppData\Roaming\Microsoft Games
[2010.05.09 23:18:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Games
[2008.01.19 17:58:34 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll
[2008.01.19 17:58:34 | 000,057,344 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll
[2008.01.19 17:58:34 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.06 14:20:33 | 005,767,168 | -HS- | M] () -- C:\Users\bianca\NTUSER.DAT
[2010.06.06 14:06:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.06 13:38:23 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.06.06 13:35:58 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.06.06 13:35:55 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.06 13:35:55 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.06 13:35:54 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.06 13:35:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.06 13:35:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.06 13:34:08 | 000,524,288 | -HS- | M] () -- C:\Users\bianca\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.06.06 13:34:08 | 000,065,536 | -HS- | M] () -- C:\Users\bianca\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.06.06 13:33:31 | 000,004,616 | ---- | M] () -- C:\Users\bianca\AppData\Local\mutbihpv_navps.dat
[2010.06.06 13:33:19 | 003,656,409 | -H-- | M] () -- C:\Users\bianca\AppData\Local\IconCache.db
[2010.06.06 13:33:00 | 000,003,442 | ---- | M] () -- C:\Users\bianca\AppData\Local\mutbihpv.dat
[2010.06.06 13:05:41 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.06 10:39:20 | 000,000,092 | ---- | M] () -- C:\Users\bianca\AppData\Local\ecmkjc.bat
[2010.06.04 19:24:50 | 000,000,680 | ---- | M] () -- C:\Users\bianca\AppData\Local\d3d9caps.dat
[2010.06.04 00:27:13 | 000,242,503 | ---- | M] () -- C:\Users\bianca\AppData\Local\mutbihpv_nav.dat
[2010.06.03 17:36:33 | 000,493,613 | ---- | M] () -- C:\Users\bianca\Documents\pinfect.zip
[2010.06.03 11:55:09 | 000,000,052 | ---- | M] () -- C:\Windows\Lic.xxx
[2010.06.02 21:38:31 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2010.06.02 21:38:30 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2010.06.02 21:38:29 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2010.06.02 21:20:19 | 000,000,187 | ---- | M] () -- C:\Users\bianca\Desktop\QuickStores.url
[2010.06.02 21:20:16 | 000,000,821 | ---- | M] () -- C:\Users\Public\Desktop\ClearProg.lnk
[2010.06.02 18:45:21 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.06.02 18:45:21 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.06.02 18:45:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.06.02 18:45:21 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.06.01 14:46:29 | 000,001,519 | ---- | M] () -- C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Die Siedler II - Die nächste Generation.LNK
[2010.05.31 21:13:51 | 000,002,010 | ---- | M] () -- C:\Users\bianca\Desktop\Farm Frenzy Pizza Party.lnk
[2010.05.30 20:06:43 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.05.28 19:25:12 | 000,001,226 | ---- | M] () -- C:\Users\bianca\Desktop\Farm Frenzy 3 Russian Roulette.lnk
[2010.05.24 23:36:55 | 001,418,612 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.24 23:36:55 | 000,618,442 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.24 23:36:55 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.24 23:36:55 | 000,122,648 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.24 23:36:55 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.24 23:12:29 | 000,082,944 | ---- | M] () -- C:\Users\bianca\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.21 11:12:45 | 000,002,078 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.05.16 20:15:30 | 000,001,272 | ---- | M] () -- C:\Users\bianca\Desktop\Diner Dash 5 Boom Collector's Edition.lnk
[2010.05.10 15:25:28 | 000,000,575 | ---- | M] () -- C:\Windows\win.ini
[2010.05.10 13:01:21 | 000,001,019 | ---- | M] () -- C:\Users\bianca\Desktop\Spielen.lnk
[2010.05.09 18:01:07 | 000,001,638 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.06.06 13:05:41 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.03 11:52:41 | 000,493,613 | ---- | C] () -- C:\Users\bianca\Documents\pinfect.zip
[2010.06.02 21:39:16 | 000,000,052 | ---- | C] () -- C:\Windows\Lic.xxx
[2010.06.02 21:38:30 | 000,000,522 | ---- | C] () -- C:\Windows\System32\Microsoft.VC80.CRT.manifest
[2010.06.02 21:20:19 | 000,000,187 | ---- | C] () -- C:\Users\bianca\Desktop\QuickStores.url
[2010.06.02 21:20:16 | 000,000,821 | ---- | C] () -- C:\Users\Public\Desktop\ClearProg.lnk
[2010.06.02 14:13:28 | 000,242,503 | ---- | C] () -- C:\Users\bianca\AppData\Local\mutbihpv_nav.dat
[2010.06.02 14:13:28 | 000,004,616 | ---- | C] () -- C:\Users\bianca\AppData\Local\mutbihpv_navps.dat
[2010.06.02 14:13:28 | 000,003,442 | ---- | C] () -- C:\Users\bianca\AppData\Local\mutbihpv.dat
[2010.06.01 14:46:29 | 000,001,519 | ---- | C] () -- C:\Users\bianca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Die Siedler II - Die nächste Generation.LNK
[2010.05.31 21:13:51 | 000,002,010 | ---- | C] () -- C:\Users\bianca\Desktop\Farm Frenzy Pizza Party.lnk
[2010.05.30 20:06:43 | 000,001,976 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.05.28 19:25:12 | 000,001,226 | ---- | C] () -- C:\Users\bianca\Desktop\Farm Frenzy 3 Russian Roulette.lnk
[2010.05.21 11:12:45 | 000,002,078 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.05.16 20:15:30 | 000,001,272 | ---- | C] () -- C:\Users\bianca\Desktop\Diner Dash 5 Boom Collector's Edition.lnk
[2010.05.10 13:01:21 | 000,001,019 | ---- | C] () -- C:\Users\bianca\Desktop\Spielen.lnk
[2010.01.28 20:41:23 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2009.10.05 11:44:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.11.06 18:34:00 | 000,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008.07.19 17:47:14 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.05.30 08:44:21 | 000,042,982 | ---- | C] () -- C:\Windows\System32\pddsladp.dll
[2008.04.16 17:35:01 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2008.02.26 12:28:46 | 000,000,027 | ---- | C] () -- C:\Windows\BRMFBIDI.INI
[2008.02.06 10:14:24 | 000,611,064 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.02.06 10:14:24 | 000,142,904 | ---- | C] () -- C:\Windows\System32\drivers\sptddrv1.sys
[2008.01.30 17:58:52 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.01.30 17:58:52 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008.01.19 17:58:34 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2007.12.30 19:56:01 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP7302.INI
[2007.12.29 13:56:37 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\CE6AF3E6A1.sys
[2007.12.27 12:16:36 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.12.25 02:18:30 | 000,278,728 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2007.12.25 02:18:30 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2007.07.12 10:54:33 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.07.12 10:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007.04.16 08:35:21 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.04.16 08:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.04.16 07:26:26 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.04.16 07:26:26 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.04.16 07:26:26 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.04.16 07:26:26 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.04.16 07:23:35 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.04.16 06:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll
[2007.03.26 10:45:18 | 000,071,208 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2007.02.20 14:59:08 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.02.20 14:59:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.02.20 14:59:04 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2006.12.05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.11.23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll
[2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2004.03.30 09:15:02 | 000,051,200 | ---- | C] () -- C:\Windows\System32\ThriXXX010205PNG.dll
[2004.03.30 09:15:01 | 000,056,832 | ---- | C] () -- C:\Windows\System32\ThriXXX015003JP2.dll
[2004.03.30 09:15:01 | 000,023,040 | ---- | C] () -- C:\Windows\System32\ThriXXX010104Z.dll
[2003.05.23 12:08:52 | 000,107,008 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2003.05.23 12:08:52 | 000,020,992 | ---- | C] () -- C:\Windows\System32\ogg.dll
 
========== LOP Check ==========
 
[2008.12.10 14:17:04 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\.wyzo
[2008.11.21 19:11:29 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Ancient Quest of Saqqarah_msn
[2010.06.02 19:58:40 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Azureus
[2009.01.23 20:18:23 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\BeachPartyCraze
[2009.04.05 17:37:09 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Boolat Games
[2007.12.25 01:56:35 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\DesktopSMS
[2009.10.29 15:19:31 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\FILEminimizerPictures
[2008.11.13 22:07:53 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Flood Light Games
[2008.04.24 21:18:00 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Gaijin Ent
[2009.03.09 22:48:57 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Gamelab
[2009.03.12 13:44:01 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Go Go Gourmet
[2008.11.12 16:03:55 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Go-Go Gourmet Chef of the Year
[2010.05.30 20:09:40 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\ICQ
[2009.01.12 19:11:58 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\iWin
[2008.07.28 10:49:39 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\LimeWire
[2008.06.01 13:10:20 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Meridian93
[2009.04.09 14:44:24 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\My Games
[2009.03.20 18:45:52 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\MysteryStudio
[2009.01.11 18:05:32 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Oberon Games
[2007.12.25 13:34:49 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\PeerNetworking
[2009.01.12 22:34:17 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\PetShowCraze
[2010.05.16 20:15:44 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\PlayFirst
[2009.01.25 00:02:31 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Pogo Games
[2010.06.02 21:20:19 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\QuickStoresToolbar
[2009.01.02 12:50:02 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Sandlot Games
[2008.05.17 20:54:09 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Sierra Entertainment
[2008.11.07 21:15:46 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\SmartSurfer
[2007.12.30 22:07:19 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\SoundSpectrum
[2007.12.25 00:31:23 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Toshiba
[2010.03.31 13:25:20 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\uTorrent
[2008.11.27 21:01:22 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Valusoft
[2009.01.25 22:31:32 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\ViquaSoft
[2010.03.31 13:42:21 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\WEB.DE
[2008.01.09 16:42:01 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\WEBDE
[2010.03.14 17:08:06 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Wild Tangent
[2009.03.20 17:52:24 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\WildTangent
[2008.06.03 09:37:14 | 000,000,000 | ---D | M] -- C:\Users\bianca\AppData\Roaming\Zylom
[2010.06.06 13:34:30 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:51387F29
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:3B3A35EC
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:05816AFA
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:753B0F80
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:3AE22B1A
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:38849DE5
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:965253AF
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E98C5DD9
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:E54FA796
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:41099CE9
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:273A8657
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:61E5F0F7
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E1982A23
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:87FA5E8A
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:37CE0F2E
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:F65733F1
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:8EEE3BBB
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:765C6A14
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:DAFD38AE
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:92D18A5E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:0207454C
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:45FE2B4E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:A42A9F39
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:3447AB86
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:A94968B5
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:1CB8D545
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:F50F1555
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:8C458D50
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:20DB61D6
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:18AE7C5A
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:A73B0434
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:E1F04E8D
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:1D6686D8
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:C4A1F01E
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:D26DD363
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:26C3D553
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:997E6AF4
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:588B60C7
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:5EBA4934
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:33A7CC67
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:E71141D2
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D88D995C
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:5216CD26
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:B14B4A95
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:74699137
< End of report >
         
--- --- ---

06.06.2010, 13:52   #2
MalwareHero

Quote:
Quote from Bianca28
and the other one. I'll also do what you just said right away.
To get into safe mode, you have to go offline and press the F8 key during the reboot. This is also described in the guide. (Safe mode without network connection/drivers)
