Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojaner oder so etwas . Help .

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.05.2011, 11:28   #1
Rancher18
 
Trojaner oder so etwas . Help . - Beitrag

Trojaner oder so etwas . Help .



Hallo und ! Da ich neu hier bin möchete ich euch erstmal Herzlich Begrüßen .

Und jetz zu meinem Problem : Ich weis nich was es ist aber ich glaube es ist ein vir oder trojaner nach runderladen von eine zip datei entpacken und draufklickien war es vorbei Blauer Skreen und gehts nichts mehr , sogar Windows Vista Look also ich meine windows vista schaut aus wie win 95. Kann mir bitte Jemand Helfen den Trojana zu finden und Löschen . ?

Alt 08.05.2011, 11:38   #2
Rancher18
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:32:33, on 08.05.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19019)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Users\Arek\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AVG\AVG9\avgui.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\AVG\AVG9\avgscanx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Windows\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Arek\Desktop\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! Deutschland
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! Deutschland
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ALaunch] C:\Acer\ALaunch\AlaunchClient.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Arek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E920766-3676-416A-88F1-7BA4C953F573}: NameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E920766-3676-416A-88F1-7BA4C953F573}: NameServer = 139.7.30.125 139.7.30.126
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\Windows\system32\dgdersvc.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11498 bytes
         
--- --- ---
__________________


Alt 08.05.2011, 12:09   #3
markusg
/// Malware-holic
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



hi, hast du die datei noch? falls ja, lade sie mal hoch:
dateiupload:
http://www.trojaner-board.de/54791-a...ner-board.html

falls du einen link hast wo du die datei geladen hast, sende ihn mir als private nachicht.
__________________
__________________

Alt 10.05.2011, 17:20   #4
Rancher18
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



leider kann ich es nicht weil ich die daten nicht mehr habe . können sie bitte mir trotzdem helfen bei der log file zu auswerten

Alt 10.05.2011, 17:48   #5
markusg
/// Malware-holic
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



Systemscan mit OTL
download otl:
http://filepony.de/download-otl/

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
beide posten

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.05.2011, 18:21   #6
Rancher18
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



Schon dabei. Wie Lange dauert der scan ?

Alt 10.05.2011, 18:30   #7
markusg
/// Malware-holic
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



kann schon n bissel dauern.
schalte alle aktieven programme aus und arbeite nicht am pc
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.05.2011, 18:39   #8
Rancher18
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



Es war aber nur 1 report
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 10.05.2011 19:08:16 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Arek\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 73,71 Gb Free Space | 51,08% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 134,34 Gb Free Space | 93,27% Space Free | Partition Type: NTFS
Drive G: | 36,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: KATJA-PC | User Name: Arek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Arek\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\System32\dgdersvc.exe (Devguru Co., Ltd.)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10i_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation)
PRC - C:\Users\Arek\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
PRC - C:\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Programme\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
PRC - c:\Programme\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
PRC - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
PRC - C:\Acer\ALaunch\ALaunchSvc.exe ()
PRC - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
PRC - C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Arek\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (dgdersvc) -- C:\Windows\System32\dgdersvc.exe (Devguru Co., Ltd.)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (sftvsa) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (HauppaugeTVServer) -- C:\Programme\WinTV\HCWTVServer.exe (Hauppauge Computer Works)
SRV - (VMCService) -- C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (eDataSecurity Service) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (eNet Service) -- C:\Acer\Empowering Technology\eNet\eNet Service.exe (Acer Inc.)
SRV - (eSettingsService) -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe ()
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (eLockService) -- C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe (Acer Inc.)
SRV - (WMIService) -- C:\Acer\Empowering Technology\ePower\ePowerSvc.exe (acer)
SRV - (ALaunchService) -- C:\Acer\ALaunch\ALaunchSvc.exe ()
SRV - (eRecoveryService) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (Acer Inc.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (AvgTdiX) --  File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (dgderdrv) -- C:\Windows\System32\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (FlashUSB) -- C:\Windows\System32\drivers\FlashUSB.sys (Danish Wireless Design A/S)
DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation)
DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation)
DRV - (ezplay) -- C:\Windows\System32\drivers\ezplay.sys (VSO Software)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (npf) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (pavboot) -- C:\Windows\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (hcw95rc) -- C:\Windows\System32\drivers\hcw95rc.sys (Hauppauge Computer Works, Inc.)
DRV - (hcw95bda) -- C:\Windows\System32\drivers\hcw95bda.sys (Hauppauge Computer Works, Inc.)
DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\Acer Arcade Deluxe\Play Movie\000.fcl (Cyberlink Corp.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (int15) -- C:\Acer\Empowering Technology\eRecovery\int15.sys (Acer, Inc.)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (nmwcd) -- C:\Windows\System32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\Windows\System32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\Windows\System32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\nmwcdc.sys (Nokia)
DRV - (ElbyDelay) -- C:\Windows\System32\drivers\ElbyDelay.sys (Elaborate Bytes AG)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (DritekPortIO) -- C:\Programme\Launch Manager\DPortIO.sys (Dritek System Inc.)
DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (Wasay)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.intl.acer.yahoo.com
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 20 8F 3B 97 5E 0B CC 01  [binary data]
IE - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:1.0.2
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.05.08 11:20:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.08 11:36:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.08 11:36:29 | 000,000,000 | ---D | M]
 
[2010.12.22 09:39:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arek\AppData\Roaming\mozilla\Extensions
[2011.05.10 18:26:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Arek\AppData\Roaming\mozilla\Firefox\Profiles\n10panq3.default\extensions
[2010.12.22 10:19:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Arek\AppData\Roaming\mozilla\Firefox\Profiles\n10panq3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.01.09 18:36:26 | 000,000,000 | ---D | M] (Winload Toolbar) -- C:\Users\Arek\AppData\Roaming\mozilla\Firefox\Profiles\n10panq3.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2011.01.09 18:36:23 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\Users\Arek\AppData\Roaming\mozilla\Firefox\Profiles\n10panq3.default\extensions\finder@meingutscheincode.de
[2011.02.27 18:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.11 08:51:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.05.08 11:35:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2010.04.12 12:39:25 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.09.11 08:51:59 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.05.08 11:35:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.20 09:35:31 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.20 09:35:31 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.03.20 09:35:31 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.20 09:35:32 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.20 09:35:32 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Programme\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Acer Tour Reminder]  File not found
O4 - HKLM..\Run: [ALaunch]  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [eAudio] C:\Acer\Empowering Technology\eAudio\eAudio.exe (CyberLink)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [hpqSRMon]  File not found
O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Onet.pl AutoUpdate]  File not found
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Programme\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Incorporated)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001..\Run: [LG LinkAir]  File not found
O4 - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O7 - HKU\S-1-5-21-3383825707-3237043923-2490184305-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Arek\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Arek\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.03.13 21:39:50 | 000,000,070 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{39e8bd5b-1dd0-11dd-8348-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{39e8bd5b-1dd0-11dd-8348-806e6f6e6963}\Shell\AutoRun\command - "" = E:\0data\cbs.exe
O33 - MountPoints2\{66b845e9-a381-11dd-93b0-001b38e1b2b1}\Shell - "" = AutoRun
O33 - MountPoints2\{66b845e9-a381-11dd-93b0-001b38e1b2b1}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{73f9b0fc-e305-11dd-bff5-001b38e1b2b1}\Shell - "" = AutoRun
O33 - MountPoints2\{73f9b0fc-e305-11dd-bff5-001b38e1b2b1}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{99c0a141-1201-11e0-a750-a4713d03838c}\Shell - "" = AutoRun
O33 - MountPoints2\{99c0a141-1201-11e0-a750-a4713d03838c}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O33 - MountPoints2\{ff533577-a41e-11dd-af60-001b38e1b2b1}\Shell - "" = AutoRun
O33 - MountPoints2\{ff533577-a41e-11dd-af60-001b38e1b2b1}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.10 19:05:43 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Arek\Desktop\OTL.exe
[2011.05.10 18:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.05.10 18:35:37 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\Avira
[2011.05.10 18:29:09 | 166,955,472 | ---- | C] (AVG Technologies) -- C:\Users\Arek\Desktop\avg_free_x86_all_2011_1325a3589.exe
[2011.05.10 18:29:03 | 119,414,180 | ---- | C] (AVG Technologies) -- C:\Users\Arek\Desktop\avg_free_x86_all_2011_1325a3589.exe.part
[2011.05.10 18:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.10 18:25:55 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.05.10 18:25:54 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.05.10 18:25:54 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.05.10 18:25:51 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2011.05.10 18:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.05.10 17:45:32 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.05.08 12:16:08 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\HiJackThis
[2011.05.08 12:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.05.08 12:05:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.05.08 12:05:10 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy
[2011.05.08 11:57:24 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2011.05.08 11:56:28 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security
[2011.04.27 21:00:13 | 000,000,000 | ---D | C] -- C:\Programme\Agatha Christie - Death on the Nile
[2011.04.27 20:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Big Fish Games
[2011.04.27 20:56:44 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2011.04.27 10:13:07 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\PlayFirst
[2011.04.26 20:09:22 | 000,000,000 | ---D | C] -- C:\Users\Arek\Desktop\JADMaker
[2011.04.23 12:19:29 | 000,000,000 | ---D | C] -- C:\Users\Arek\{2e12e2a1-d6fc-47d6-92f0-f9e4d703c3bb}
[2011.04.18 18:56:14 | 000,000,000 | ---D | C] -- C:\Users\Arek\AppData\Roaming\FloodLightGames
[2008.05.09 16:16:02 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[2008.05.09 16:14:19 | 000,172,032 | ---- | C] ( ) -- C:\Windows\System32\rsnp2uvc.dll
[2008.05.09 16:14:19 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.20 01:16:44 | 002,431,661 | ---- | M] () -- C:\Users\Arek\Desktop\SN150383.JPG
[2011.05.10 19:10:04 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.10 19:05:46 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Arek\Desktop\OTL.exe
[2011.05.10 19:03:05 | 166,955,472 | ---- | M] (AVG Technologies) -- C:\Users\Arek\Desktop\avg_free_x86_all_2011_1325a3589.exe
[2011.05.10 18:55:40 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.10 18:55:40 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.10 18:51:08 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3383825707-3237043923-2490184305-1001UA.job
[2011.05.10 18:35:13 | 119,414,180 | ---- | M] (AVG Technologies) -- C:\Users\Arek\Desktop\avg_free_x86_all_2011_1325a3589.exe.part
[2011.05.10 18:30:18 | 000,000,000 | ---- | M] () -- C:\Users\Arek\AppData\Local\prvlcl.dat
[2011.05.10 18:26:20 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.10 18:24:32 | 052,718,176 | ---- | M] () -- C:\Users\Arek\Desktop\avira_antivir_personal_de.exe
[2011.05.10 18:20:17 | 001,215,906 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.10 18:20:17 | 000,776,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.10 18:20:17 | 000,316,540 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.10 18:20:17 | 000,277,714 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.10 18:13:49 | 000,103,336 | ---- | M] () -- C:\Users\Arek\AppData\Roaming\nvModes.001
[2011.05.10 18:13:01 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.10 18:12:21 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2011.05.10 18:12:07 | 3219,996,672 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.10 17:58:09 | 000,008,268 | ---- | M] () -- C:\Users\Arek\AppData\Local\d3d9caps.dat
[2011.05.10 17:45:17 | 268,981,162 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.05.08 12:05:31 | 000,001,059 | ---- | M] () -- C:\Users\Arek\Desktop\Spybot - Search & Destroy.lnk
[2011.05.08 11:56:21 | 000,178,640 | ---- | M] () -- C:\Users\Arek\Desktop\activescan2_de.exe
[2011.05.08 10:16:44 | 000,001,616 | ---- | M] () -- C:\Users\Arek\AppData\Roaming\wklnhst.dat
[2011.04.30 14:12:55 | 000,106,521 | ---- | M] () -- C:\Users\Arek\Desktop\Scannen0002.jpg
[2011.04.30 14:02:01 | 000,104,889 | ---- | M] () -- C:\Users\Arek\Desktop\Scannen0001.jpg
[2011.04.29 10:39:31 | 000,017,920 | ---- | M] () -- C:\Users\Arek\Desktop\Trennung Wohnung.wps
[2011.04.29 10:39:12 | 000,017,920 | ---- | M] () -- C:\Users\Arek\Documents\Trennung Wohnung.wps
[2011.04.27 10:13:29 | 000,103,336 | ---- | M] () -- C:\Users\Arek\AppData\Roaming\nvModes.dat
[2011.04.25 10:05:19 | 000,297,060 | ---- | M] () -- C:\Users\Arek\Desktop\Michelle.jpg
[2011.04.22 13:42:00 | 000,123,236 | ---- | M] () -- C:\Users\Arek\Desktop\Trinkverkhalten.jpg
[2011.04.22 13:42:00 | 000,007,697 | ---- | M] () -- C:\Users\Arek\.recently-used.xbel
[2011.04.18 22:07:53 | 000,021,237 | ---- | M] () -- C:\Users\Arek\Desktop\03749e97c4.jpeg
[2011.04.18 19:37:42 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00000B88.LCS
[2011.04.18 18:48:52 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000017B4.LCS
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.10 18:26:20 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.05.10 18:22:35 | 052,718,176 | ---- | C] () -- C:\Users\Arek\Desktop\avira_antivir_personal_de.exe
[2011.05.10 18:12:07 | 3219,996,672 | -HS- | C] () -- C:\hiberfil.sys
[2011.05.10 17:45:17 | 268,981,162 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.05.08 12:05:31 | 000,001,059 | ---- | C] () -- C:\Users\Arek\Desktop\Spybot - Search & Destroy.lnk
[2011.05.08 11:56:18 | 000,178,640 | ---- | C] () -- C:\Users\Arek\Desktop\activescan2_de.exe
[2011.04.30 14:12:55 | 000,106,521 | ---- | C] () -- C:\Users\Arek\Desktop\Scannen0002.jpg
[2011.04.30 14:02:01 | 000,104,889 | ---- | C] () -- C:\Users\Arek\Desktop\Scannen0001.jpg
[2011.04.29 10:39:31 | 000,017,920 | ---- | C] () -- C:\Users\Arek\Desktop\Trennung Wohnung.wps
[2011.04.29 10:36:55 | 000,017,920 | ---- | C] () -- C:\Users\Arek\Documents\Trennung Wohnung.wps
[2011.04.25 10:05:19 | 000,297,060 | ---- | C] () -- C:\Users\Arek\Desktop\Michelle.jpg
[2011.04.25 10:04:10 | 002,431,661 | ---- | C] () -- C:\Users\Arek\Desktop\SN150383.JPG
[2011.04.22 13:42:00 | 000,007,697 | ---- | C] () -- C:\Users\Arek\.recently-used.xbel
[2011.04.22 13:41:59 | 000,123,236 | ---- | C] () -- C:\Users\Arek\Desktop\Trinkverkhalten.jpg
[2011.04.18 22:08:03 | 000,021,237 | ---- | C] () -- C:\Users\Arek\Desktop\03749e97c4.jpeg
[2011.01.17 21:53:58 | 000,103,336 | ---- | C] () -- C:\Users\Arek\AppData\Roaming\nvModes.001
[2011.01.17 21:51:14 | 000,103,336 | ---- | C] () -- C:\Users\Arek\AppData\Roaming\nvModes.dat
[2011.01.14 23:45:14 | 000,005,120 | ---- | C] () -- C:\Users\Arek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.28 00:50:01 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010.12.28 00:50:01 | 000,002,413 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010.12.26 21:47:09 | 000,008,268 | ---- | C] () -- C:\Users\Arek\AppData\Local\d3d9caps.dat
[2010.12.26 20:38:31 | 000,000,000 | ---- | C] () -- C:\Users\Arek\AppData\Local\prvlcl.dat
[2010.12.22 18:20:05 | 000,001,616 | ---- | C] () -- C:\Users\Arek\AppData\Roaming\wklnhst.dat
[2010.12.22 16:43:47 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.12.22 16:43:47 | 000,036,640 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.11.13 23:16:49 | 000,000,027 | ---- | C] () -- C:\Windows\ZigarettenS.ini
[2010.11.13 23:16:31 | 000,000,253 | ---- | C] () -- C:\Windows\Zigarettenschachtel-Spruch.ini
[2010.11.07 10:18:10 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.11.07 10:18:10 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.10.25 11:09:56 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2010.10.25 11:09:56 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2010.10.25 11:09:56 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2010.10.25 11:09:56 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2010.10.05 01:59:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\StarOpen.sys
[2010.05.13 11:38:34 | 000,007,168 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2010.05.08 11:20:35 | 000,023,686 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010.05.08 11:14:53 | 000,078,185 | ---- | C] () -- C:\Windows\hpqins05.dat
[2010.04.30 19:03:30 | 000,179,780 | ---- | C] () -- C:\Windows\hpoins29.dat
[2010.04.02 18:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.02.13 12:53:03 | 000,001,515 | ---- | C] () -- C:\Windows\vtplus32.ini
[2010.02.13 12:52:57 | 000,149,504 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2010.02.13 12:52:10 | 000,032,295 | ---- | C] () -- C:\Windows\Irremote.ini
[2010.02.13 12:51:59 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2010.02.13 12:50:49 | 000,000,526 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.02.13 12:50:49 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.02.13 12:50:47 | 000,163,840 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2010.02.13 12:50:01 | 000,006,235 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009.11.16 18:33:38 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.09.13 11:48:21 | 000,000,257 | ---- | C] () -- C:\Windows\Lexstat.ini
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2008.09.17 15:46:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.05.10 01:53:56 | 000,000,030 | ---- | C] () -- C:\Windows\SETPANEL.INI
[2008.05.10 01:53:55 | 000,000,092 | ---- | C] () -- C:\Windows\CLEANUP.INI
[2008.05.09 16:16:02 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008.05.09 16:14:20 | 001,749,376 | ---- | C] () -- C:\Windows\System32\snp2uvc.sys
[2008.05.09 16:14:19 | 000,028,032 | ---- | C] () -- C:\Windows\System32\sncduvc.sys
[2008.05.09 16:14:19 | 000,000,131 | ---- | C] () -- C:\Windows\System32\PidList.ini
[2008.05.09 16:13:31 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2008.05.09 16:13:31 | 000,200,704 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2008.04.04 04:59:21 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN4.dll
[2008.04.04 02:30:51 | 001,749,376 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008.04.04 02:30:51 | 000,028,032 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008.04.04 02:30:51 | 000,000,131 | ---- | C] () -- C:\Windows\PidList.ini
[2008.04.03 18:31:05 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008.04.03 18:30:15 | 000,065,536 | ---- | C] () -- C:\Windows\System32\NATTraversal.dll
[2008.04.03 18:04:40 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008.04.03 17:52:51 | 000,003,636 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008.03.07 17:43:56 | 000,084,734 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.03.07 14:47:30 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2008.02.19 06:36:13 | 000,000,986 | ---- | C] () -- C:\Windows\hpomdl29.dat
[2008.01.21 09:15:58 | 001,215,906 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.01.21 09:15:58 | 000,316,540 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.01.21 09:15:58 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.01.21 09:15:58 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.03.29 12:42:38 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2007.02.07 17:57:50 | 000,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2006.11.02 14:57:28 | 000,067,584 | ---- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,312,768 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,776,936 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,277,714 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005.09.13 16:27:10 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbkcnv5.dll
[2001.12.26 15:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.03 22:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 15:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 21:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.12.22 16:06:02 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Adobe
[2011.03.27 23:32:02 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Ashampoo Cover Studio 2
[2011.03.19 14:38:32 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\AutoUpdate
[2011.05.10 18:35:37 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Avira
[2010.12.22 10:06:54 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Canneverbe Limited
[2011.04.18 18:56:14 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\FloodLightGames
[2011.03.04 14:36:41 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Grand Ages Rome
[2011.01.29 00:46:58 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\HP
[2010.02.21 20:59:25 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Identities
[2011.05.08 09:38:39 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Kamerzysta
[2010.02.21 20:59:53 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Media Center Programs
[2011.05.10 18:35:12 | 000,000,000 | --SD | M] -- C:\Users\Arek\AppData\Roaming\Microsoft
[2010.12.22 09:39:46 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Mozilla
[2011.03.03 18:07:56 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\MysteryStudio
[2011.04.27 10:13:07 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\PlayFirst
[2011.03.03 19:20:57 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\ProtectDISC
[2010.12.22 23:11:18 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Samsung
[2011.05.10 19:14:04 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\SoftGrid Client
[2010.12.22 18:20:08 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Template
[2011.04.18 19:25:12 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Ubisoft
[2011.05.08 11:36:33 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\vlc
[2010.02.21 20:59:54 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\Vodafone
[2010.12.22 16:05:21 | 000,000,000 | ---D | M] -- C:\Users\Arek\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
[2005.08.16 08:49:12 | 000,040,960 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\junction.exe
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010.12.18 08:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:193426B4
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:E36F5B57
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:9E22BBE8
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:C95B63DA
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:8173A019
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:55F44B88
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:4CF61E54
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:4BB26BE9
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:8AB6C1D7
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:793F316E
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:2B99FE60
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:580E04D8

< End of report >
         
--- --- ---

Alt 10.05.2011, 18:42   #9
Rancher18
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



Sorry Da ist der 2 reportOTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 10.05.2011 19:08:16 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Arek\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144,29 Gb Total Space | 73,71 Gb Free Space | 51,08% Space Free | Partition Type: NTFS
Drive D: | 144,04 Gb Total Space | 134,34 Gb Free Space | 93,27% Space Free | Partition Type: NTFS
Drive G: | 36,31 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: KATJA-PC | User Name: Arek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{83C9AD52-05A3-47D7-BFA3-9C7C0EB8C515}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{B9134613-5BC5-48D6-957F-BBCE9F9447D9}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0333017E-4257-4561-A8B1-91518BBFBA3A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{06CCB944-A600-4820-BF29-A1E1117A519D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{1FABE9C4-98F7-41F1-8653-2DB0560715B5}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\pmvservice.exe | 
"{2EF02783-769A-431A-9253-CA17E838D5B0}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{383FFD41-287D-40BB-9927-B53D4AB001C7}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{389C2211-4BA7-47DE-8CD5-B0A57F13DF03}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{3C0DB20A-D4D2-4B08-8D46-AED606E46AE3}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 
"{404953C7-0E9C-4A7F-BA98-B5CDD3E79532}" = protocol=6 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat - demo\crashtime4hi.exe | 
"{4BADB57B-0DDE-4B8E-B4C2-1AE870E7820D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | 
"{4F848915-5BA0-4063-B502-2F4A433E108A}" = dir=in | app=c:\program files\acer arcade deluxe\dvdivine\dvdivine.exe | 
"{535560CF-1F21-4AF6-BDE1-30A185E0E3EB}" = protocol=17 | dir=in | app=c:\windows\system32\lxbkcoms.exe | 
"{5431F7C2-CE51-4DF6-A416-9ACAB2B144A6}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{56408135-58D4-4C2C-97E1-C1EC5DB26A7F}" = dir=in | app=c:\program files\acer arcade deluxe\play movie\playmovie.exe | 
"{5931D0AD-D9C0-4796-8F4A-10F144C052E0}" = protocol=6 | dir=in | app=c:\windows\system32\lxbkcoms.exe | 
"{5A2F9BB5-B60A-493A-A47E-F31CE977710D}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe | 
"{7C704270-D47A-4592-A31B-E5B648718EC2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{856D5FAD-F3F8-444D-B9F7-6F6ED06AF1E4}" = protocol=6 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat - demo\crashtime4low.exe | 
"{A1C952DB-615F-4BB1-A6A4-0D594EEB10C4}" = dir=in | app=c:\program files\acer arcade deluxe\videomagician\videomagician.exe | 
"{A6DAFDA8-ABB0-4DEA-9442-AE7E7B7CF70C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | 
"{ABDEBEC4-E559-491F-84A0-CC07364A9CFF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{B501C151-4ACE-4EB1-95A9-323A87664AD3}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe | 
"{BC16612D-9263-4425-AC26-EE4E5A0B042C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{BE352FE0-A45F-4946-993A-47C3693D2A4D}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe | 
"{C4E328D2-764B-41F0-AFFE-D46AA368D1A3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbkpswx.exe | 
"{CC70B40A-877A-43AC-811D-09F3A7D3D70A}" = protocol=17 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat - demo\crashtime4hi.exe | 
"{CCDD4061-B629-4776-B1E2-0F7E70C5A0C4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{CDA041B1-F8CE-4F23-9CF7-0B4C47F39413}" = dir=in | app=c:\program files\acer arcade deluxe\dv wizard\dv wizard.exe | 
"{D2EE71FE-EDF7-40FA-82B7-DEB824C201DE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | 
"{D6760355-F6C8-4F08-8CC9-2BA45A54954A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{D87DBBB2-F4AE-476D-BACE-88C01EE6FEA6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{D8DDD718-4009-4222-A58C-283AAFAC6003}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{DBF23798-E0B4-473B-B298-047A1EFF2709}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{DD69206F-808D-4298-B009-49E67B49ACDE}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{E510386F-B8E0-46C4-A345-B836041D8388}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | 
"{F323AAB3-7D92-409D-A682-EE53B7A22336}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{F8042CE8-8566-4B9A-91C1-37B77C6D9F0D}" = protocol=17 | dir=in | app=c:\program files\alarm für cobra 11 - das syndikat - demo\crashtime4low.exe | 
"TCP Query User{0A29567C-1EC6-4B49-852F-02D27BEDDA9E}D:\novomatic\novomatic gaminator cf1 final\game.exe" = protocol=6 | dir=in | app=d:\novomatic\novomatic gaminator cf1 final\game.exe | 
"TCP Query User{15126DE4-FEDC-4522-8BC0-78A547FAAB2A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{4405DE5D-13C0-4E96-9A88-E37FB54AECF1}C:\users\katja\desktop\arek alles\spiele1\gameunp.exe" = protocol=6 | dir=in | app=c:\users\katja\desktop\arek alles\spiele1\gameunp.exe | 
"TCP Query User{47CE8E54-1F56-470D-9A31-145110D2EBC2}D:\novomatic gaminator cf1 final\game.exe" = protocol=6 | dir=in | app=d:\novomatic gaminator cf1 final\game.exe | 
"TCP Query User{C5C0385D-0006-498D-842A-5EDA161500A9}C:\program files\dsnet corp\atube catcher 1.0\yct.exe" = protocol=6 | dir=in | app=c:\program files\dsnet corp\atube catcher 1.0\yct.exe | 
"TCP Query User{DA68D883-EADE-47E3-805C-A9D1F10E6EBA}C:\users\katja\desktop\arek alles\spiele2\gameunp.exe" = protocol=6 | dir=in | app=c:\users\katja\desktop\arek alles\spiele2\gameunp.exe | 
"UDP Query User{63580044-1A72-461D-A166-4827B1CD42A1}C:\users\katja\desktop\arek alles\spiele1\gameunp.exe" = protocol=17 | dir=in | app=c:\users\katja\desktop\arek alles\spiele1\gameunp.exe | 
"UDP Query User{7267D61F-5DC8-4D89-B657-69AFF1499671}C:\users\katja\desktop\arek alles\spiele2\gameunp.exe" = protocol=17 | dir=in | app=c:\users\katja\desktop\arek alles\spiele2\gameunp.exe | 
"UDP Query User{968FE95A-A448-4E8D-AA1C-9E2F39F2DF32}D:\novomatic gaminator cf1 final\game.exe" = protocol=17 | dir=in | app=d:\novomatic gaminator cf1 final\game.exe | 
"UDP Query User{99BB80CD-1196-4B47-8BE5-E0EE11A6793F}C:\program files\dsnet corp\atube catcher 1.0\yct.exe" = protocol=17 | dir=in | app=c:\program files\dsnet corp\atube catcher 1.0\yct.exe | 
"UDP Query User{A822AA7A-FE54-4167-83BC-2EB21686B103}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{E2103355-1950-486D-A8C7-0B40A173757D}D:\novomatic\novomatic gaminator cf1 final\game.exe" = protocol=17 | dir=in | app=d:\novomatic\novomatic gaminator cf1 final\game.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00D0200F-3B4D-4A2F-869E-533ED835A943}" = Hervorhebe-Funktion (Windows Live Toolbar)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.4900
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}" = Acer eLock Management
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{218761F6-CBF6-4973-B910-A33E6563A1EA}" = Windows Live Toolbar-Erweiterung (Windows Live Toolbar)
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 24
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2DD6C198-FA9A-40B4-8DE5-CE5206E3EB34}" = Smart Menus (Windows Live Toolbar)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32A3A4F4-B792-11D6-A78A-00B0D0160240}" = Java(TM) SE Development Kit 6 Update 24
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = Acer Crystal Eye Webcam Video Class Camera 
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E8DE1A6-B365-4FF6-B917-2892A34990E8}" = LG USB Modem Drivers
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{4F923F90-46D1-4492-9CC6-13FBBA00E7EC}" = C4400
"{4FAA9E03-B710-491F-82CB-8E9F9DA33DE6}" = Happy Farm
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6B407945-AE16-4A2A-BAAF-497FE62EDED3}" = PS_AIO_03_C4400_Software_Min
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70AA9B4F-64F7-4B0D-ADD8-05802D61AF72}" = Windows Live Toolbar
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites für Windows Live Toolbar
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140011-0062-0407-0000-0000000FF1CE}" = Microsoft Office Home and Business 2010 - Deutsch
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{954B7F64-D1D4-476F-8919-99585D0A6ABF}" = PS_AIO_03_C4400_Software
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC1ACE88-C471-494E-B5FA-0B7C21F22E4F}" = Orion
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BF839132-BD43-4056-ACBF-4377F4A88E2A}" = Acer ePresentation Management
"{C06554A1-2C1E-4D20-B613-EE62C79927CC}" = Acer eNet Management
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C9CE9393-B568-428D-AD5B-55452B9748DB}" = PS_AIO_03_C4400_ProductContext
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CE6F531A-92B0-474A-93EE-5DDA0B66F611}" = Samsung Theme Designer
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{EDCDB56B-123E-443A-B452-A371F609327D}" = ArtRage 2 Starter Edition
"{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}" = PL-2303 Vista Driver Installer
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Deluxe
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7B72805-2F58-4C04-AE9E-E7AD6A6EF62E}" = C4400_Help
"{F7C0163D-9CD8-4F5F-BAC8-3E45A0000AFF}" = Vodafone Mobile Connect Lite Huawei
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FB9A2BF4-3388-403F-ACE6-A412414329BA}" = LG SDK for Mobile Widgets
"{FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8}" = HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alarm für Cobra 11 - Das Syndikat - DEMO_is1" = Alarm für Cobra 11 - Das Syndikat - DEMO
"aTube Catcher" = aTube Catcher
"AutoScan8400" = AutoScan8400
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Black Mirror III - DEMO_is1" = Black Mirror III - DEMO
"Civitas3" = Grand Ages Rome 1.11
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"CSINYUbisoft" = CSI NY
"FastStone Photo Resizer" = FastStone Photo Resizer 2.4
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Gray Matter - DEMO_is1" = Gray Matter - DEMO
"GridVista" = Acer GridVista
"Hauppauge German Help Files and Resources" = Hauppauge German Help Files and Resources
"Hauppauge WinTV" = Hauppauge WinTV
"Hauppauge WinTV Infrared Remote" = Hauppauge WinTV Infrared Remote
"Hauppauge WinTV Radio" = Hauppauge WinTV Radio
"Hauppauge WinTV Scheduler" = Hauppauge WinTV Scheduler
"Hauppauge WinTV TV Services" = Hauppauge WinTV TV Services
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"Infineon Mobile Phone Platform" = Infineon Mobile Phone Platform Software
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 2.8
"LG PC Suite IV" = LG PC Suite IV
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Noki_is1" = Noki v2.1
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"RocketDock_is1" = RocketDock 1.3.5
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"Sandlot Games Client Services 1.2.2_is1" = Sandlot Games Client Services 1.2.2
"Shop for HP Supplies" = Shop for HP Supplies
"sPlan_60_Demo_is1" = sPlan 6.0 (Demo)
"Sweet Home 3D_is1" = Sweet Home 3D version 2.6
"VLC media player" = VLC media player 1.0.5
"VTPlus32 für WinTV (German)" = VTPlus32 für WinTV (German)
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"WorldUnlock Codes Calculator" = WorldUnlock Codes Calculator
"Zigarettenschachtel-Spruch" = Zigarettenschachtel-Spruch
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3383825707-3237043923-2490184305-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         
--- --- ---

Alt 10.05.2011, 18:46   #10
markusg
/// Malware-holic
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.05.2011, 18:49   #11
Rancher18
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



wie soll ich es machen ? sorry keine ahnung von sowas

Alt 10.05.2011, 18:54   #12
markusg
/// Malware-holic
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



steht doch da, lesen musst du schon die links die ich dir gebe, dass kann ich ja wohl schlecht für dich machen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.05.2011, 18:56   #13
Rancher18
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



Zitat:
Zitat von markusg Beitrag anzeigen
steht doch da, lesen musst du schon die links die ich dir gebe, dass kann ich ja wohl schlecht für dich machen
Ia stimmts sorry mein fehler

Alt 10.05.2011, 19:49   #14
Rancher18
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



Windows ist abgesturzt und ich habe keine logfile soll ich es nochmal versuchen ?

Alt 10.05.2011, 19:51   #15
markusg
/// Malware-holic
 
Trojaner oder so etwas . Help . - Standard

Trojaner oder so etwas . Help .



starte im abgesicherten modus ohne netzwer, erreicht man bei den meisten pcs bei start mit f8
dann combofix versuchen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Trojaner oder so etwas . Help .
blauer, datei, entpacken, glaube, help, löschen, neu, nichts, problem, troja, trojana, trojaner, trojaner oder ??, vista, windows, windows vista




Ähnliche Themen: Trojaner oder so etwas . Help .


  1. Windows 8 - Datei oder Programm versucht etwas auszuführen
    Plagegeister aller Art und deren Bekämpfung - 05.06.2015 (11)
  2. Ist das ein Virus oder etwas anderes? Mit Bild.
    Plagegeister aller Art und deren Bekämpfung - 03.05.2015 (11)
  3. Keylogger oder etwas Anderes 2.0
    Plagegeister aller Art und deren Bekämpfung - 16.06.2014 (7)
  4. Keylogger oder etwas Anderes ?
    Plagegeister aller Art und deren Bekämpfung - 15.06.2014 (1)
  5. Java Sicherheitslücken oder etwas eingefangen
    Plagegeister aller Art und deren Bekämpfung - 15.10.2013 (4)
  6. Trojaner oder etwas anderes?
    Plagegeister aller Art und deren Bekämpfung - 03.07.2012 (11)
  7. Keylogger oder sonst etwas?
    Log-Analyse und Auswertung - 29.05.2011 (1)
  8. Etwas eingefangen oder nicht!?
    Plagegeister aller Art und deren Bekämpfung - 19.10.2009 (5)
  9. Virus, Wurm oder etwas anderes?
    Log-Analyse und Auswertung - 11.10.2009 (1)
  10. Virus/Trojaner oder von allem etwas?
    Log-Analyse und Auswertung - 10.08.2009 (82)
  11. Trojaner Vundo oder etwas anderes?
    Plagegeister aller Art und deren Bekämpfung - 18.10.2008 (8)
  12. Hardware defekt oder Virus? Bin etwas ratlos
    Plagegeister aller Art und deren Bekämpfung - 16.02.2008 (16)
  13. verseuchung oder doch etwas anderes?
    Log-Analyse und Auswertung - 06.12.2007 (5)
  14. problem mit tracking cookies (oder etwas anderem?)
    Log-Analyse und Auswertung - 10.03.2007 (11)
  15. WinFIX ?? oder etwas anderes??????
    Plagegeister aller Art und deren Bekämpfung - 22.01.2006 (7)
  16. Habe Dialer oder etwas anderes :(
    Log-Analyse und Auswertung - 28.04.2005 (6)
  17. Können Viren oder Trojaner so etwas tun...
    Plagegeister aller Art und deren Bekämpfung - 06.08.2003 (3)

Zum Thema Trojaner oder so etwas . Help . - Hallo und ! Da ich neu hier bin möchete ich euch erstmal Herzlich Begrüßen . Und jetz zu meinem Problem : Ich weis nich was es ist aber ich glaube - Trojaner oder so etwas . Help ....
Archiv
Du betrachtest: Trojaner oder so etwas . Help . auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.