Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG

Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG


Log-Analyse und Auswertung: Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 09.06.2010, 21:02   #1
HH_Jack
 
Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG - Standard

Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG


Hallo,

es scheint ja momentan umzugehen das Problem:
Bei mir öffnen sich im Firefox in unregelmäßigen Abständen neue Tabs, die verschiedenen Seiten laden. Zudem war nach einen Neustart plötzlich ein Teil meiner Desktopicons weg und mein Soundtreiber ist auch abhanden gekommen.

Ein Virenscan mit AntiVir hat den Trojaner Generic17.CNOG bei C:\Windows\Temp\hjsr.tmp\svchost.exe gefunden. Dieser lies sich aber nicht in Quarantäne verschieben und tauchte noch ein Paar mal während dem Scan auf.

Ich habe HijackThis laufen lassen, danach Malwarebytes und schlussendlich habe ich OTL laufen lassen. Hier die Protokolle:

HiJackThis
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:57:41, on 09.06.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Virus\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.quotenmeter.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer bereitgestellt von Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [dscactivate] c:\dell\dsca.exe 3
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTXFIREG] CTxfiReg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Hama Wireless LAN Utility.lnk = C:\Program Files\Hama\Common\RaUI.exe
O8 - Extra context menu item: Alles mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Datei mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Videos mit FDM herunterladen - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - hxxp://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - hxxp://www.navigram.com/engine/v911/Navigram.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - hxxp://www.creative.com/su/ocx/15030/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC7234AD-CCEB-4883-8770-5B5E681E0370}: NameServer = 192.168.2.1,145.253.2.11
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL1 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Unknown owner - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Hama\Common\RalinkRegistryWriter.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
Malwarebytes Log:
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4183

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

09.06.2010 19:39:47
mbam-log-2010-06-09 (19-39-47).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 131306
Laufzeit: 5 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ewrgetuj (Worm.Prolaco.M) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
OTL.txt:
Code:
ATTFilter
OTL logfile created on: 09.06.2010 21:08:42 - Run 1
OTL by OldTimer - Version 3.2.6.0     Folder = C:\Windows\system32\config\systemprofile\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 49,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): c:\pagefile.sys 4000 5500 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,04 Gb Total Space | 30,82 Gb Free Space | 10,70% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,09 Gb Free Space | 60,88% Space Free | Partition Type: NTFS
Drive E: | 6,38 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: SVEN-PC
Current User Name: Sven
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Windows\System32\config\systemprofile\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Hama\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Windows\System32\config\systemprofile\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (GoogleDesktopManager-110309-193829) --  File not found
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (CTAudSvcService) -- C:\Programme\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (RalinkRegistryWriter) -- C:\Programme\Hama\Common\RalinkRegistryWriter.exe (Ralink Technology, Corp.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Creative ALchemy AL1 Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe (Creative Labs)
SRV - (WLSetupSvc) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe ()
SRV - (usnjsvc) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (AvgTdiX) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ha20x2k) -- C:\Windows\System32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\Windows\System32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\Windows\System32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\Windows\System32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\Windows\System32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\System32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\Windows\System32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\Windows\System32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\Windows\System32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\Windows\System32\drivers\CTHWIUT.SYS (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\Windows\System32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\Windows\System32\drivers\CT20XUT.SYS (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\Windows\System32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (s816mdm) -- C:\Windows\System32\drivers\s816mdm.sys (MCCI Corporation)
DRV - (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s816mgmt.sys (MCCI Corporation)
DRV - (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM) -- C:\Windows\System32\drivers\s816unic.sys (MCCI)
DRV - (s816obex) -- C:\Windows\System32\drivers\s816obex.sys (MCCI Corporation)
DRV - (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS) -- C:\Windows\System32\drivers\s816nd5.sys (MCCI Corporation)
DRV - (s816mdfl) -- C:\Windows\System32\drivers\s816mdfl.sys (MCCI Corporation)
DRV - (s816bus) Sony Ericsson Device 816 driver (WDM) -- C:\Windows\System32\drivers\s816bus.sys (MCCI Corporation)
DRV - (dsunidrv) -- C:\Windows\System32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (DSproct) -- C:\Programme\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (RT73) -- C:\Windows\System32\drivers\Dr71WU.sys (Ralink Technology, Corp.)
DRV - (ZD1211U(Wireless)) IEEE 802.11g USB Adapter Driver(Wireless) -- C:\Windows\System32\drivers\ZD1211U.sys (ZyDAS Technology Corporation)
DRV - (odysseyIM3) -- C:\Windows\System32\drivers\odysseyIM3.sys (Funk Software, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.quotenmeter.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.quotenmeter.de/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.2
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010.06.03 18:05:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.03 15:59:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.21 17:56:16 | 000,000,000 | ---D | M]
 
[2009.11.04 23:34:54 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\mozilla\Extensions
[2010.06.08 23:30:44 | 000,000,000 | ---D | M] -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\7a7i6kad.default\extensions
[2009.11.05 20:31:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sven\AppData\Roaming\mozilla\Firefox\Profiles\7a7i6kad.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.06.08 23:30:44 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.03.24 23:38:59 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.24 23:38:59 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.24 23:39:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.24 23:39:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.24 23:39:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.06.02 20:39:25 | 000,405,211 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1	hityou.com
O1 - Hosts: 127.0.0.1	www.hityou.com
O1 - Hosts: 127.0.0.1	180searchassistant.com
O1 - Hosts: 127.0.0.1	www.180searchassistant.com
O1 - Hosts: 127.0.0.1	180solutions.com
O1 - Hosts: 127.0.0.1	www.180solutions.com
O1 - Hosts: 127.0.0.1	bis.180solutions.com
O1 - Hosts: 127.0.0.1	config.180solutions.com
O1 - Hosts: 127.0.0.1	cts.180solutions.com
O1 - Hosts: 127.0.0.1	downloads.180solutions.com
O1 - Hosts: 127.0.0.1	installs.180solutions.com
O1 - Hosts: 127.0.0.1	nowhere.180solutions.com
O1 - Hosts: 127.0.0.1	ping.180solutions.com
O1 - Hosts: 127.0.0.1	tv.180solutions.com
O1 - Hosts: 127.0.0.1	uploads.180solutions.com
O1 - Hosts: 127.0.0.1	public.zangocash.com
O1 - Hosts: 127.0.0.1	www.public.zangocash.com
O1 - Hosts: 127.0.0.1	static.zangocash.com
O1 - Hosts: 127.0.0.1	www.static.zangocash.com
O1 - Hosts: 127.0.0.1	www.zangocash.com
O1 - Hosts: 127.0.0.1	zangocash.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 14017 more lines...
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [CTxfiHlp]  File not found
O4 - HKLM..\Run: [CTXFIREG]  File not found
O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask .exe (Apple Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://a1540.g.akamai.net/7/1540/52/20070711/qtinstall.info.apple.com/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v911/Navigram.cab (Navigram Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://www.creative.com/su/ocx/15030/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.8.5.1288.0816.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Sven\wasserfall_Wall.jpg
O24 - Desktop BackupWallPaper: C:\Sven\wasserfall_Wall.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.03.21 11:47:05 | 000,000,000 | ---D | M] - C:\Autogramme -- [ NTFS ]
O32 - AutoRun File - [2008.03.06 20:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008.02.22 17:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ]
O33 - MountPoints2\{640bb30c-5a71-11dc-a5d5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{640bb30c-5a71-11dc-a5d5-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe -- File not found
O33 - MountPoints2\{72a5207d-59af-11dd-8ee4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{72a5207d-59af-11dd-8ee4-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- [2008.03.06 20:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.09 19:40:18 | 000,000,000 | ---D | C] -- C:\Virus
[2010.06.09 19:32:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.06.09 19:32:23 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.06.09 19:32:23 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.09 19:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.08 19:34:54 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Desktop
[2010.05.21 19:51:06 | 000,000,000 | ---D | C] -- C:\Users\Sven\AppData\Roaming\Ubisoft
[2010.05.21 19:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010.05.21 19:25:48 | 000,000,000 | ---D | C] -- C:\Programme\Ubisoft
[2010.05.13 19:19:03 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010.05.13 19:18:43 | 000,000,000 | R--D | C] -- C:\Windows\System32\config\systemprofile\Favorites
[2009.06.03 20:21:54 | 000,060,928 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.09 21:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At22.job
[2010.06.09 21:08:03 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{E0CBABAD-03E6-492D-8854-334038EB9930}.job
[2010.06.09 21:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At46.job
[2010.06.09 20:28:58 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.09 20:28:58 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.09 20:25:03 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.09 20:08:59 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At21.job
[2010.06.09 20:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At45.job
[2010.06.09 19:52:56 | 000,001,930 | ---- | M] () -- C:\Users\Sven\Desktop\HiJackThis.lnk
[2010.06.09 19:32:27 | 000,000,820 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.09 19:25:04 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.09 19:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At20.job
[2010.06.09 19:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At44.job
[2010.06.09 18:32:33 | 060,860,587 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010.06.09 18:29:13 | 000,079,216 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.06.09 18:29:13 | 000,079,216 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.06.09 18:28:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.09 18:28:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.09 18:28:52 | 3488,079,872 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.09 18:28:05 | 000,055,756 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000001-00000000-0000000A-00001102-00000005-60021102}.rfx
[2010.06.09 18:28:05 | 000,055,756 | ---- | M] () -- C:\Windows\System32\BMXState-{00000001-00000000-0000000A-00001102-00000005-60021102}.rfx
[2010.06.09 18:28:05 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000001-00000000-0000000A-00001102-00000005-60021102}.rfx
[2010.06.08 23:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At24.job
[2010.06.08 23:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At48.job
[2010.06.08 22:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At23.job
[2010.06.08 22:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At47.job
[2010.06.07 23:58:14 | 002,148,864 | -H-- | M] () -- C:\Users\Sven\AppData\Local\IconCache.db
[2010.06.07 23:43:29 | 000,189,952 | ---- | M] () -- C:\Users\Sven\Desktop\SunderedFrontier_Questline.doc
[2010.06.07 00:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010.06.06 18:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At19.job
[2010.06.06 18:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At43.job
[2010.06.06 17:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At18.job
[2010.06.06 17:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At42.job
[2010.06.06 16:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At17.job
[2010.06.06 16:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At41.job
[2010.06.06 15:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At16.job
[2010.06.06 15:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At40.job
[2010.06.06 14:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At15.job
[2010.06.06 14:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At39.job
[2010.06.06 13:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At14.job
[2010.06.06 13:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At38.job
[2010.06.06 00:37:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At25.job
[2010.06.05 12:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At13.job
[2010.06.03 01:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At26.job
[2010.06.02 20:39:25 | 000,405,211 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.06.02 19:05:27 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010.06.02 19:05:27 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010.06.02 00:45:21 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settingsbkup.sfm
[2010.06.02 00:45:21 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settings.sfm
[2010.05.31 01:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010.05.30 22:42:41 | 000,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.05.30 21:54:18 | 256,334,546 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.05.30 06:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At31.job
[2010.05.30 05:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At6.job
[2010.05.30 05:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At30.job
[2010.05.30 04:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At5.job
[2010.05.30 04:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At29.job
[2010.05.30 03:09:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010.05.30 03:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At28.job
[2010.05.29 12:00:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At37.job
[2010.05.21 21:45:28 | 000,000,943 | ---- | M] () -- C:\Users\Sven\Desktop\AssassinsCreed_Game.exe - Verknüpfung.lnk
[2010.05.21 13:31:49 | 000,396,837 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100602-203925.backup
[2010.05.16 23:49:47 | 000,000,112 | ---- | M] () -- C:\ProgramData\72iA37vT.dat
[2010.05.16 21:43:58 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At36.job
[2010.05.16 21:43:58 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At35.job
[2010.05.16 21:43:58 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At34.job
[2010.05.16 21:43:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At9.job
[2010.05.16 21:43:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At8.job
[2010.05.16 21:43:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At7.job
[2010.05.16 21:43:57 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At33.job
[2010.05.16 21:43:57 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At32.job
[2010.05.16 21:43:57 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At27.job
[2010.05.16 21:43:57 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010.05.16 21:43:57 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At12.job
[2010.05.16 21:43:57 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At11.job
[2010.05.16 21:43:57 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At10.job
[2010.05.13 18:16:16 | 000,000,000 | ---- | M] () -- C:\debug
[2010.05.13 14:31:40 | 000,396,739 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20100521-133149.backup
[2010.05.13 03:03:53 | 000,000,127 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010.05.13 01:27:32 | 000,118,784 | ---- | M] () -- C:\Users\Sven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.06.09 19:52:56 | 000,001,930 | ---- | C] () -- C:\Users\Sven\Desktop\HiJackThis.lnk
[2010.06.09 19:32:27 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.02 00:45:21 | 000,001,080 | ---- | C] () -- C:\Windows\System32\settingsbkup.sfm
[2010.06.02 00:45:21 | 000,001,080 | ---- | C] () -- C:\Windows\System32\settings.sfm
[2010.05.24 16:39:16 | 000,189,952 | ---- | C] () -- C:\Users\Sven\Desktop\SunderedFrontier_Questline.doc
[2010.05.21 21:45:28 | 000,000,943 | ---- | C] () -- C:\Users\Sven\Desktop\AssassinsCreed_Game.exe - Verknüpfung.lnk
[2010.05.13 19:20:48 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.13 19:20:46 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.13 18:16:16 | 000,000,000 | ---- | C] () -- C:\debug
[2010.05.13 18:13:02 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At48.job
[2010.05.13 18:13:02 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At47.job
[2010.05.13 18:13:02 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At46.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At45.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At44.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At43.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At42.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At41.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At40.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At39.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At38.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At37.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At36.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At35.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At34.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At33.job
[2010.05.13 18:13:01 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At32.job
[2010.05.13 18:13:00 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At31.job
[2010.05.13 18:13:00 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At30.job
[2010.05.13 18:13:00 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At29.job
[2010.05.13 18:13:00 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At28.job
[2010.05.13 18:13:00 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At27.job
[2010.05.13 18:13:00 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At26.job
[2010.05.13 18:13:00 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At25.job
[2010.05.13 18:13:00 | 000,000,112 | ---- | C] () -- C:\ProgramData\72iA37vT.dat
[2010.05.13 18:09:33 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At24.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At23.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At22.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At21.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At20.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At19.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At18.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At17.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At16.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At15.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At14.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At13.job
[2010.05.13 18:09:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At12.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At9.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At8.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At7.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At6.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At5.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At4.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At3.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At11.job
[2010.05.13 18:09:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At10.job
[2010.05.13 18:09:28 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010.05.13 03:03:53 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.07.01 00:28:13 | 000,000,297 | ---- | C] () -- C:\Windows\System32\kill.ini
[2009.06.06 14:54:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.03 21:00:30 | 000,026,928 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2009.06.03 21:00:28 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009.06.03 20:19:42 | 000,002,560 | ---- | C] () -- C:\Windows\System32\CtxfiRes.dll
[2009.03.05 23:48:10 | 000,015,360 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2007.09.29 18:09:25 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2007.09.16 13:46:19 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.09.10 11:48:17 | 000,003,072 | ---- | C] () -- C:\Windows\CTXFIRES.DLL
[2007.09.04 01:16:29 | 000,003,072 | ---- | C] () -- C:\Windows\CTXFIGER.DLL
[2007.09.04 01:16:23 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2007.09.04 01:16:23 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2007.03.19 06:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007.03.19 06:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007.03.19 06:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007.03.19 06:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007.03.19 06:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007.03.19 06:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007.03.19 06:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007.03.19 06:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007.03.19 06:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007.03.19 06:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007.03.19 06:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2006.11.07 21:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.09.17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006.09.17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\Virtual Me:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\Updater5:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\Updater:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\Turbo Lister:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\Turbo Lister Backup:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\Red Kawa:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\My PSP8 Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\Meine empfangenen Dateien:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\ICQ:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\ICQ Lite:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\DVDVideoSoft:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Sven\Documents\AdobeStockPhotos:Roxio EMC Stream
< End of report >

 

Themen zu Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG
0x00000001, alternate, antivir, avg free, bho, browser, components, corp./icp, error, excel, firefox, firefox 3.6.3, fontcache, free download, google, gupdate, hijack, hijackthis, home premium, intranet, location, logfile, malwarebytes' anti-malware, mozilla, neue tabs, nvlddmkm.sys, nvstor.sys, object, oldtimer, otl logfile, otl.exe, plug-in, problem, programdata, registry, safer networking, scan, searchplugins, security, software, svchost.exe, system, tabs mit werbung, trojaner, usb, virus, vista, werbung, windows, wireless lan


« Antimalware Doctor entfernt | Internetseiten öffnen ständig! Verdacht auf Trojaner! »


Ähnliche Themen: Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG


  1. Mozilla Firefox öffnet ständig Werbung und neue Tabs mit Werbung
    Log-Analyse und Auswertung - 21.07.2015 (10)
  2. Neue Tabs und Werbung bei Internetbrowsern
    Log-Analyse und Auswertung - 05.07.2015 (3)
  3. Tabs mit Werbung im Browser und Steam
    Log-Analyse und Auswertung - 02.04.2015 (4)
  4. Trojan.BitcoinMiner, Werbung trotz AdBlocker, neue Tabs mit Werbung werden automatisch geöffnet und vieles mehr.
    Log-Analyse und Auswertung - 02.03.2015 (23)
  5. Firefox öffnet selbstständig Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 02.02.2015 (11)
  6. Chrome öffnet Tabs mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (11)
  7. Werbung und nervige Tabs die sich bei klick auf eine Seite öffnen sowie Blaue schricht im Brwoser mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 06.01.2015 (6)
  8. Öffnen von Tabs und Werbung
    Alles rund um Windows - 28.09.2014 (1)
  9. Chrome öffnet Tabs mit Werbung!
    Plagegeister aller Art und deren Bekämpfung - 04.09.2014 (16)
  10. Trojaner: Generic17.BAIP
    Plagegeister aller Art und deren Bekämpfung - 01.03.2011 (3)
  11. msnd.exe / Trojaner: Generic17.BAIM
    Plagegeister aller Art und deren Bekämpfung - 25.09.2010 (3)
  12. MSN Trojaner - Generic17 BAIP
    Log-Analyse und Auswertung - 22.09.2010 (1)
  13. Firefox öffnet Tabs mit Werbung / Anstelle einer verlinkten URL öffnet sich Werbung
    Plagegeister aller Art und deren Bekämpfung - 08.08.2010 (4)
  14. Firefox öffnet selbstständig Tabs mit Werbung
    Log-Analyse und Auswertung - 20.06.2010 (18)
  15. Trojaner Generic17.CNOG gefunden
    Log-Analyse und Auswertung - 14.06.2010 (22)
  16. Trojaner:Clicker & Generic17 im system32
    Log-Analyse und Auswertung - 30.05.2010 (1)
  17. Trojaner Generic17.CAKH & Fake Alert eingefangen?
    Log-Analyse und Auswertung - 20.05.2010 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG - Hallo, es scheint ja momentan umzugehen das Problem: Bei mir öffnen sich im Firefox in unregelmäßigen Abständen neue Tabs, die verschiedenen Seiten laden. Zudem war nach einen Neustart plötzlich ein - Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG...
Archiv
Du betrachtest: Und wieder mal Tabs mit Werbung - Trojaner Generic17.CNOG auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131