Pests of all kinds and how to fight them: Removing Trojan.Win32.AutoRun.sc (Windows 7)
02.10.2010, 17:41 | #1 |
| Hello, I found Trojan.Win32.AutoRun.sc on my computer. How do I get rid of it? My Kaspersky CBE 2010 tells me that deleting it is impossible and that moving it to quarantine does not work either.
02.10.2010 15:37:41 Gefunden: Trojan.Win32.AutoRun.sc Host Process for Windows Services F:\AUTORUN.INF
02.10.2010 15:37:55 Löschen unmöglich: Trojan.Win32.AutoRun.sc Host Process for Windows Services F:\AUTORUN.INF Objekt nicht gefunden |
03.10.2010, 14:39 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hello and
Quote:
Please routinely run a full scan with Malwarebytes and post the log. Remember that Malwarebytes must be updated manually before every scan! After that, OTL: System scan with OTL. Please download OTL by Oldtimer and save it to your desktop |
03.10.2010, 19:36 | #3 |
| Here:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4736
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
03.10.2010 16:59:55
mbam-log-2010-10-03 (16-59-55).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 324686
Laufzeit: 1 Stunde(n), 11 Minute(n), 39 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
04.10.2010, 07:40 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ Please always post log files in CODE tags |
04.10.2010, 18:53 | #5 |
| Hmm, on my machine that is a USB drive |
04.10.2010, 19:05 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | And what about the other log files? |
05.10.2010, 08:14 | #7 |
| Here: OTL logfile: Code:
ATTFilter OTL logfile created on: 03.10.2010 17:15:29 - Run 1 OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Julian\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 48,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 144,64 Gb Total Space | 105,67 Gb Free Space | 73,06% Space Free | Partition Type: NTFS Drive D: | 137,84 Gb Total Space | 77,35 Gb Free Space | 56,12% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: DAIGEND Current User Name: Julian Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: On Skip Microsoft Files: On File Age = 90 Days Output = Standard Quick Scan ========== Processes (SafeList) ========== PRC - [2010.10.03 16:01:18 | 001,487,360 | ---- | M] (Vertigo Games) -- D:\Spiele\BlackShot\eFusion\BlackShot\system\blackshot.exe PRC - [2010.10.03 15:48:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Julian\Downloads\OTL.exe PRC - [2010.08.20 21:45:26 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010.07.17 18:59:14 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2010.05.06 09:10:22 | 000,361,120 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe PRC - [2009.11.26 22:23:34 | 000,039,408 | ---- | M] (Google Inc.) 
-- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe PRC - [2009.10.29 03:47:34 | 000,419,112 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009.10.22 19:34:56 | 000,200,488 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2009.10.21 18:53:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe PRC - [2009.10.07 09:49:50 | 001,157,640 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2009.09.24 04:37:56 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2009.09.24 04:37:44 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2009.09.10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe PRC - [2009.09.05 10:17:56 | 003,450,368 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe PRC - [2009.09.05 10:17:52 | 003,567,616 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe PRC - [2009.09.05 10:17:40 | 003,358,720 | ---- | M] (Egis Technology Inc.) 
-- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2009.08.07 15:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.08.07 15:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe PRC - [2009.08.04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe PRC - [2009.07.26 16:44:14 | 003,883,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe PRC - [2009.07.11 01:18:18 | 000,708,608 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe PRC - [2009.07.10 22:03:24 | 006,201,344 | ---- | M] (Acer Incoporated) -- C:\Program Files (x86)\Acer\Acer VCM\Vc.exe PRC - [2009.07.10 12:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe PRC - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2009.06.18 03:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe PRC - [2009.02.06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe ========== Modules (SafeList) ========== MOD - [2010.10.03 15:48:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Julian\Downloads\OTL.exe MOD - [2010.04.22 00:55:00 | 000,100,955 | ---- | M] (INCA Internet Co., Ltd.) 
-- D:\Spiele\BlackShot\eFusion\BlackShot\system\GameGuard\npggNT.des MOD - [2009.07.14 03:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll MOD - [2009.07.14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll MOD - [2009.07.14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Windows\SysNative\GameMon.des -- (npggsvc) SRV:64bit: - [2009.11.11 16:33:44 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2010.09.22 16:32:38 | 002,950,744 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_062a651.dll -- (Akamai) SRV - [2010.09.19 17:14:19 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.05.06 09:10:22 | 000,361,120 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe -- (AVP) SRV - [2010.03.30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) 
[Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2010.03.18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.11.13 02:08:00 | 003,403,420 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2009.10.30 02:54:02 | 000,788,000 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc) SRV - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2009.09.24 04:37:56 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2009.09.10 15:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009.09.05 10:17:56 | 003,450,368 | ---- | M] (Egis Technology Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC) SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009.08.07 15:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R) SRV - [2009.07.10 12:54:44 | 000,253,952 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2009.06.18 03:31:58 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc) SRV - [2009.06.18 03:31:46 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\npptNT2.sys -- (NPPTNT2) DRV:64bit: - [2010.07.17 20:46:00 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2010.07.17 19:13:22 | 000,036,400 | ---- | M] (EgisTec) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor) EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys) DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2009.11.11 18:31:44 | 006,106,624 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.10.14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG) DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009.10.05 16:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.10.02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2009.09.23 04:25:22 | 000,144,496 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2009.09.21 04:20:48 | 000,020,392 | ---- | M] (JMicron ) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\johci.sys -- (johci) DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009.09.14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2009.09.03 12:15:26 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.09.01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1) DRV:64bit: - [2009.08.21 11:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.08.07 15:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot 
| Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.08.05 14:15:00 | 000,694,272 | ---- | M] (LITEON) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Ltn_stk7770P.sys -- (Ltn_stk7770P) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.29 04:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:64bit: - [2009.06.24 12:23:24 | 000,205,472 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.07 10:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009.06.02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.19 15:59:00 | 000,014,848 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\enecirhid.sys -- (enecirhid) DRV:64bit: - [2009.05.05 10:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.05 10:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2008.04.24 12:16:00 | 000,006,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\enecirhidma.sys -- (enecirhidma) DRV:64bit: - [2007.07.26 03:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV - [2009.03.26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\Drivers\DKbFltr.sys -- (DKbFltr) Dritek Keyboard Filter Driver (64-bit) DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530 IE - 
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5942&r=27360710t315l0394z135t4912d530 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/|hxxp://www.youtube.com/" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.747 FF - prefs.js..extensions.enabledItems: corexplayer@l39studios.de:1.1 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14 FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.16 23:40:41 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.27 16:45:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\THBExt [2010.07.17 20:46:35 | 000,000,000 | ---D | M] [2010.07.17 19:35:54 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\mozilla\Extensions [2010.10.03 13:26:24 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\xk548yab.default\extensions [2010.09.07 23:59:14 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\xk548yab.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.02 11:28:56 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\xk548yab.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.08.01 16:47:23 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\xk548yab.default\extensions\corexplayer@l39studios.de [2010.09.05 16:14:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.07.17 19:45:29 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.08.21 18:04:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.07.17 20:47:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru [2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2008.12.19 00:30:20 | 000,106,128 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npstrlnk.dll [2010.07.28 21:57:51 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.07.28 21:57:51 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.07.28 21:57:51 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.07.28 21:57:51 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.07.28 21:57:51 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\ievkbd.dll (Kaspersky Lab) O2:64bit: - BHO: 
(Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.) O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll (Kaspersky Lab) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) 
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [NapsterShell] C:\Program Files (x86)\Napster\napster.exe (Napster) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.) O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [Steam] D:\Spiele\Steam\Steam.exe (Valve Corporation) O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk = C:\Users\Julian\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe (GameRanger Technologies) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - 
C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.) O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm () O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.) O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.) 
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {A21769F8-CEC5-4AFA-A6A4-CC921A15DF40} hxxp://62.146.151.157/atlas_activex.dll (ActiveXControl Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.11.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{eae8a929-91c1-11df-99b6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{eae8a929-91c1-11df-99b6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 90 Days ==========
[2010.10.03 17:15:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Te_mp_B_S!!
[2010.10.03 15:47:33 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Malwarebytes [2010.10.03 15:47:25 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2010.10.03 15:47:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.10.03 15:47:23 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2010.10.03 15:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2010.09.14 21:38:23 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\LogMeIn Hamachi [2010.09.14 21:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2010.09.09 20:58:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Neffy [2010.09.01 20:32:32 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Roxio [2010.08.30 17:52:01 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoft [2010.08.29 16:02:58 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien [2010.08.29 15:43:07 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2010.08.29 11:57:11 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\vlc [2010.08.29 11:45:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2010.08.28 18:03:04 | 000,000,000 | ---D | C] -- C:\Python27 [2010.08.28 15:42:51 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Roaming\.# [2010.08.27 19:19:30 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\iuwavdjdk [2010.08.22 01:53:41 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Garena [2010.08.21 23:44:23 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2010.08.21 18:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.08.21 18:00:01 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\kikin [2010.08.21 18:00:00 | 000,000,000 | ---D | C] -- 
C:\Program Files (x86)\kikin [2010.08.21 17:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2010.08.16 16:32:42 | 000,000,000 | ---D | C] -- C:\Fraps [2010.08.15 20:32:40 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\GameRanger [2010.08.15 19:49:51 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Diagnostics [2010.08.02 11:28:55 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoftIEHelpers [2010.08.02 11:28:44 | 000,000,000 | ---D | C] -- C:\Users\Julian\Documents\DVDVideoSoft [2010.08.02 11:28:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2010.08.02 11:28:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2010.08.01 22:11:18 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\WinRAR [2010.08.01 22:11:08 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR [2010.07.25 00:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2010.07.25 00:17:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2010.07.25 00:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2010.07.24 20:48:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2010.07.24 20:17:04 | 000,000,000 | ---D | C] -- C:\Users\Julian\Documents\My Games [2010.07.24 20:17:04 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Fallout3 [2010.07.24 19:55:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2010.07.19 18:54:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010.07.19 16:41:18 | 000,000,000 | R--D | C] -- C:\Users\Julian\Desktop\Bilder [2010.07.18 23:15:59 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\gtk-2.0 [2010.07.18 23:15:57 | 000,000,000 | ---D | C] -- C:\Users\Julian\.thumbnails [2010.07.18 23:12:18 | 000,000,000 | ---D | C] -- C:\Users\Julian\Documents\gegl-0.0 [2010.07.18 23:12:18 | 000,000,000 | ---D | C] -- C:\Users\Julian\.gimp-2.6 [2010.07.18 23:11:56 
| 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0 [2010.07.18 23:02:27 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\CyberLink [2010.07.18 23:02:25 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\PowerCinema [2010.07.18 23:02:21 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\PowerCinema [2010.07.18 20:57:49 | 003,403,420 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des [2010.07.18 20:57:23 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys [2010.07.18 20:57:21 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\INCA Shared [2010.07.18 20:47:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai [2010.07.18 20:14:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared [2010.07.18 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2010.07.18 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2010.07.18 20:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Napster Shared [2010.07.18 20:13:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Napster [2010.07.18 20:13:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Napster [2010.07.18 19:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2010.07.18 19:38:26 | 000,000,000 | ---D | C] -- C:\Julian [2010.07.18 04:33:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2010.07.18 04:33:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE [2010.07.18 04:33:30 | 000,000,000 | ---D | C] -- C:\Windows\de-DE [2010.07.18 04:33:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407 [2010.07.18 04:33:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de [2010.07.18 04:33:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE [2010.07.18 04:33:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407 
[2010.07.18 04:33:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de [2010.07.18 04:32:27 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui [2010.07.18 04:32:27 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui [2010.07.18 04:32:25 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui [2010.07.18 04:32:25 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui [2010.07.18 04:26:59 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log [2010.07.18 03:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2010.07.17 22:55:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.07.17 21:09:42 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp [2010.07.17 20:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2010.07.17 20:46:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab [2010.07.17 20:46:00 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys [2010.07.17 20:32:59 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\LolClient [2010.07.17 20:13:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2010.07.17 20:13:03 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\TS3Client [2010.07.17 20:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2010.07.17 20:09:25 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Adobe [2010.07.17 20:09:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2010.07.17 19:52:00 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\PMB Files [2010.07.17 19:51:58 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2010.07.17 19:51:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2010.07.17 19:46:06 | 000,000,000 | ---D | C] -- 
C:\Users\Julian\AppData\Roaming\skypePM [2010.07.17 19:45:38 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Skype [2010.07.17 19:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2010.07.17 19:45:14 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2010.07.17 19:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010.07.17 19:37:17 | 000,000,000 | R-SD | C] -- C:\Users\Julian\Documents\My Stationery [2010.07.17 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Mozilla [2010.07.17 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Mozilla [2010.07.17 19:35:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2010.07.17 19:32:49 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\EgisTec IPS [2010.07.17 19:18:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard [2010.07.17 19:17:39 | 000,000,000 | ---D | C] -- C:\Users\Julian\Tracing [2010.07.17 19:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink [2010.07.17 19:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2010.07.17 19:14:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Arcade Deluxe [2010.07.17 19:14:28 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink [2010.07.17 19:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2010.07.17 19:13:53 | 000,123,392 | ---- | C] (Egis Technology Inc.) 
-- C:\Windows\SysNative\VCryptAPI.dll [2010.07.17 19:13:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Bio Protection [2010.07.17 19:13:28 | 000,566,832 | ---- | C] (EgisTec) -- C:\Windows\SysNative\NBMatS1SDK.dll [2010.07.17 19:13:28 | 000,469,552 | ---- | C] (EgisTec) -- C:\Windows\SysWow64\NBMatS1SDK.dll [2010.07.17 19:13:22 | 000,036,400 | ---- | C] (EgisTec) -- C:\Windows\SysNative\drivers\FPSensor.sys [2010.07.17 19:11:49 | 000,000,000 | ---D | C] -- C:\ProgramData\EgisTec IPS [2010.07.17 19:11:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EgisTec IPS [2010.07.17 19:06:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2010.07.17 19:05:49 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Microsoft Help [2010.07.17 19:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2010.07.17 19:02:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2010.07.17 19:02:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010.07.17 19:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive [2010.07.17 19:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2010.07.17 19:00:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2010.07.17 18:58:48 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics [2010.07.17 18:58:36 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Adobe [2010.07.17 18:57:29 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\InstallShield [2010.07.17 18:57:23 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Google [2010.07.17 18:57:23 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Google [2010.07.17 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\ATI [2010.07.17 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\ATI [2010.07.17 18:57:21 | 000,000,000 | ---D | C] -- 
C:\ProgramData\ATI [2010.07.17 18:56:38 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\EgisTec [2010.07.17 18:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\McQcModifier-5c47-a7b0 [2010.07.17 18:56:26 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Macromedia [2010.07.17 18:56:26 | 000,000,000 | ---D | C] -- C:\book [2010.07.17 18:56:11 | 000,000,000 | R--D | C] -- C:\Users\Julian\Searches [2010.07.17 18:56:02 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Identities [2010.07.17 18:55:57 | 000,000,000 | R--D | C] -- C:\Users\Julian\Contacts [2010.07.17 18:55:55 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\VirtualStore [2010.07.17 18:54:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM [2010.07.17 18:53:50 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store [2010.07.17 18:53:33 | 000,000,000 | --SD | C] -- C:\Users\Julian\AppData\Roaming\Microsoft [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Videos [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Saved Games [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Pictures [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Music [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Links [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Favorites [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Downloads [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Documents [2010.07.17 18:53:33 | 000,000,000 | R--D | C] -- C:\Users\Julian\Desktop [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Vorlagen [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Local\Verlauf [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Local\Temporary Internet Files [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Startmenü [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] 
-- C:\Users\Julian\SendTo [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Recent [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Netzwerkumgebung [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Lokale Einstellungen [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Documents\Eigene Videos [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Documents\Eigene Musik [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Eigene Dateien [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Documents\Eigene Bilder [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Druckumgebung [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Cookies [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Local\Anwendungsdaten [2010.07.17 18:53:33 | 000,000,000 | -HSD | C] -- C:\Users\Julian\Anwendungsdaten [2010.07.17 18:53:33 | 000,000,000 | -H-D | C] -- C:\Users\Julian\AppData [2010.07.17 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Temp [2010.07.17 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Microsoft [2010.07.17 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Media Center Programs [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Recovery [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Programme [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene 
Bilder [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2010.07.17 18:53:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2010.07.17 18:43:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010.07.17 18:43:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies [2010.07.17 18:42:51 | 000,000,000 | ---D | C] -- C:\Programme\ATI [2010.07.17 18:42:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2010.07.17 18:39:59 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2009.11.26 22:08:52 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 90 Days ========== [2010.10.03 17:17:29 | 001,835,008 | -HS- | M] () -- C:\Users\Julian\NTUSER.DAT [2010.10.03 16:22:02 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.10.03 15:47:27 | 000,001,017 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.10.02 19:22:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.10.02 18:30:47 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.10.02 18:30:47 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.10.02 18:30:02 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.10.02 18:30:02 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.10.02 18:30:02 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.10.02 18:30:02 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.10.02 18:30:02 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat 
[2010.10.02 18:22:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.10.02 18:22:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.10.02 18:22:24 | 3169,927,168 | -HS- | M] () -- C:\hiberfil.sys [2010.10.02 18:19:35 | 004,403,084 | -H-- | M] () -- C:\Users\Julian\AppData\Local\IconCache.db [2010.09.27 17:20:24 | 000,129,551 | ---- | M] () -- C:\Users\Julian\Pflanzenöl Referat.docx [2010.09.18 17:31:38 | 000,001,425 | ---- | M] () -- C:\Users\Julian\Desktop\FFE.lnk [2010.09.14 21:56:54 | 000,000,839 | ---- | M] () -- C:\Users\Public\Desktop\Aufstieg des Hexenkönigs™.lnk [2010.09.14 21:38:05 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010.09.09 21:13:00 | 000,000,619 | ---- | M] () -- C:\Users\Julian\Desktop\Flyff.lnk [2010.09.04 14:00:44 | 000,003,945 | ---- | M] () -- C:\Users\Julian\.recently-used.xbel [2010.08.29 15:22:24 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\Die Schlacht um Mittelerde™ II.lnk [2010.08.29 11:46:25 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010.08.28 18:10:49 | 000,000,220 | ---- | M] () -- C:\Windows\wininit.ini [2010.08.21 17:51:28 | 004,098,176 | ---- | M] () -- C:\Users\Julian\Manian - Welcome To The Club.mp3 [2010.08.16 16:35:17 | 000,000,208 | ---- | M] () -- C:\Users\Julian\Desktop\Call of Duty Modern Warfare 2.url [2010.08.16 16:35:17 | 000,000,208 | ---- | M] () -- C:\Users\Julian\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url [2010.08.16 16:32:42 | 000,000,566 | ---- | M] () -- C:\Users\Julian\Desktop\Fraps.lnk [2010.08.16 12:34:10 | 000,002,951 | ---- | M] () -- C:\Users\Julian\Desktop\Dawn of War.lnk [2010.08.16 12:34:10 | 000,002,945 | ---- | M] () -- C:\Users\Julian\Desktop\Winter Assault.lnk [2010.08.15 20:32:49 | 000,001,088 | ---- | M] () -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameRanger.lnk [2010.08.15 20:32:49 | 000,001,074 | ---- | M] () -- 
C:\Users\Julian\Desktop\GameRanger.lnk [2010.08.15 20:32:01 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\Dark Crusade.lnk [2010.08.14 15:22:26 | 000,343,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.08.01 22:18:11 | 000,079,928 | ---- | M] () -- C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT [2010.07.30 12:21:26 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat [2010.07.30 12:21:26 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat [2010.07.24 20:17:34 | 000,001,092 | ---- | M] () -- C:\Users\Julian\Desktop\Fallout 3.lnk [2010.07.19 18:54:45 | 550,576,578 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010.07.18 23:12:15 | 000,000,207 | ---- | M] () -- C:\Users\Julian\Desktop\Killing Floor.url [2010.07.18 23:12:14 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2010.07.18 20:55:16 | 000,000,731 | ---- | M] () -- C:\Users\Julian\Desktop\WolfTeam.lnk [2010.07.18 20:43:35 | 000,001,483 | ---- | M] () -- C:\Users\Julian\Desktop\Day of Defeat Source.lnk [2010.07.18 20:43:35 | 000,001,481 | ---- | M] () -- C:\Users\Julian\Desktop\Half-Life 2 Deathmatch.lnk [2010.07.18 20:43:34 | 000,001,481 | ---- | M] () -- C:\Users\Julian\Desktop\Counter-Strike Source.lnk [2010.07.18 20:43:31 | 000,000,798 | ---- | M] () -- C:\Users\Julian\Desktop\League of Legends.lnk [2010.07.18 20:36:47 | 000,000,459 | ---- | M] () -- C:\Users\Julian\Desktop\Steam.lnk [2010.07.18 20:15:00 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Napster.lnk [2010.07.18 17:52:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.07.18 05:37:03 | 000,000,510 | ---- | M] () -- C:\Windows\win.ini [2010.07.18 04:33:13 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat [2010.07.18 04:33:13 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat [2010.07.18 04:32:27 | 000,011,776 | ---- | M] (Brother Industries Ltd.) 
05.10.2010, 18:14 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Deleting Trojan.Win32.AutoRun.sc

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
:OTL
[2010.08.28 15:42:51 | 000,000,000 | -HSD | C] -- C:\Users\Julian\AppData\Roaming\.#
[2010.08.27 19:19:30 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\iuwavdjdk
[2010.10.03 17:15:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Te_mp_B_S!!
[2010.07.17 19:03:27 | 000,000,020 | ---- | C] () -- C:\Windows\(úí
:Commands
[purity]
[resethosts]
[emptytemp]

The log file should open when you click OK after the fix; please post it. The computer may be restarted.
__________________ Please always post log files in CODE tags |