Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
4221Dd01 - JS/Kryptik.AI Trojaner

4221Dd01 - JS/Kryptik.AI Trojaner


Plagegeister aller Art und deren Bekämpfung: 4221Dd01 - JS/Kryptik.AI Trojaner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.05.2011, 21:19   #1
HIAS234
 
4221Dd01 - JS/Kryptik.AI Trojaner - Standard

4221Dd01 - JS/Kryptik.AI Trojaner


Hallo zusammen,

bin neu hier und hoffe auf Hilfe bzw. Beratung.
Habe den oben genannten Trojaner mit ESET Smart Security gefunden und ihn dann aus der Quarantäne gelöscht.
Dannach habe ich gegoogelt was das überhaut war und bin auf diesen Beitrag in euerem Forum gestoßen
http://www.trojaner-board.de/98758-w...tml#post653852
Jetzt bin ich schon ein wenig beunruhigt, vor allem weil ich schon länger keinen Scann mehr durchgeführt hatte und nicht weiß wie lange der Trojaner schon drauf ist. Vor allem wegen dem Onlinebanking.

Das zeigt ESET beim Fund an:

C:\Users\****\AppData\Local\Mozilla\Firefox\Profiles\8svz5kw5.default\Cache\1\7F\4221Dd01 » GZIP » 4221Dd01 - JS/Kryptik.AI Trojaner


Nach einem Neustart und weiteren Scann habe ich aber keinen Fund mehr.

Malwarebytes findet auch nichts

mbam-log-2011-05-26(21-51-40):
Zitat:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6686

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

26.05.2011 21:51:40
mbam-log-2011-05-26 (21-51-40).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 165157
Laufzeit: 2 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL.txt


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 26.05.2011 22:01:42 - Run 2
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,93 Gb Total Physical Memory | 5,19 Gb Available Physical Memory | 65,42% Memory free
15,85 Gb Paging File | 12,90 Gb Available in Paging File | 81,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 52,07 Gb Free Space | 44,72% Space Free | Partition Type: NTFS
Drive D: | 185,20 Gb Total Space | 108,86 Gb Free Space | 58,78% Space Free | Partition Type: NTFS
Drive F: | 232,87 Gb Total Space | 162,12 Gb Free Space | 69,62% Space Free | Partition Type: NTFS
Drive G: | 232,89 Gb Total Space | 115,69 Gb Free Space | 49,68% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\****\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - D:\Valve\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe (asus)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe (Boingo Wireless, Inc.)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\****\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe (Logitech, Inc.)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (Epfwndis) -- C:\Windows\SysNative\drivers\epfwndis.sys (ESET)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258) -- C:\Windows\SysNative\drivers\tdrpm258.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys ()
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\SysNative\drivers\s0017unic.sys (MCCI Corporation)
DRV:64bit: - (s0017obex) -- C:\Windows\SysNative\drivers\s0017obex.sys (MCCI Corporation)
DRV:64bit: - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\SysNative\drivers\s0017nd5.sys (MCCI Corporation)
DRV:64bit: - (s0017mdm) -- C:\Windows\SysNative\drivers\s0017mdm.sys (MCCI Corporation)
DRV:64bit: - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\drivers\s0017mgmt.sys (MCCI Corporation)
DRV:64bit: - (s0017mdfl) -- C:\Windows\SysNative\drivers\s0017mdfl.sys (MCCI Corporation)
DRV:64bit: - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\SysNative\drivers\s0017bus.sys (MCCI Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl (CyberLink Corp.)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "proxy.uni-erlangen.de"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.http: "proxy.uni-erlangen.de"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "proxy.uni-erlangen.de"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "proxy.uni-erlangen.de"
FF - prefs.js..network.proxy.ssl_port: 80
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.05.18 02:16:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.05.18 02:16:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.29 21:15:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.06 18:34:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.04.30 13:49:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.04.06 18:34:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011.02.13 08:53:45 | 000,000,000 | ---D | M]
 
[2011.02.10 21:28:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions
[2011.02.10 21:28:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.05.24 13:58:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\8svz5kw5.default\extensions
[2011.04.27 01:22:59 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\8svz5kw5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.03 22:51:21 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\8svz5kw5.default\extensions\foxyproxy@eric.h.jung
[2011.04.06 16:30:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.30 19:27:06 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.02.10 19:20:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.24 14:13:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8SVZ5KW5.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8SVZ5KW5.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8SVZ5KW5.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2011.04.29 21:15:04 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.12 22:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [Setwallpaper]  File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [Steam] D:\Valve\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.30.251.2
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.26 21:46:06 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Malwarebytes
[2011.05.26 21:45:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.26 21:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.26 21:45:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.26 21:45:47 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.26 21:45:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.24 23:06:06 | 000,000,000 | ---D | C] -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\Audio Recorder for Free
[2011.05.24 23:06:06 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Audio Recorder for Free
[2011.05.24 23:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Recorder for Free
[2011.05.24 23:05:58 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTAudioFile2.dll
[2011.05.24 23:05:58 | 001,212,416 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioInformation2.dll
[2011.05.24 23:05:58 | 000,880,640 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioEditor2.dll
[2011.05.24 23:05:58 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\SysWow64\NCTAudioCDGrabber2.dll
[2011.05.24 23:05:58 | 000,602,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioTransform2.dll
[2011.05.24 23:05:58 | 000,479,232 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioVisualization2.dll
[2011.05.24 23:05:58 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioRecord2.dll
[2011.05.24 23:05:58 | 000,458,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioPlayer2.dll
[2011.05.24 23:05:58 | 000,417,792 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTTextToAudio2.dll
[2011.05.24 23:05:58 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTWMAFile2.dll
[2011.05.24 23:05:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audio Recorder for Free
[2011.05.24 20:23:32 | 000,000,000 | ---D | C] -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\ASUS
[2011.05.23 16:40:11 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\Neuer Ordner (2)
[2011.05.23 16:39:53 | 000,000,000 | ---D | C] -- C:\Users\****\Desktop\Neuer Ordner
[2011.05.18 02:48:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.05.18 02:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011.05.16 13:44:19 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.16 00:30:19 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\ApplicationHistory
[2011.05.16 00:29:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2011.05.16 00:28:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011.05.16 00:27:39 | 000,000,000 | ---D | C] -- C:\StartUp
[2011.05.16 00:27:39 | 000,000,000 | ---D | C] -- C:\Setup_Shell
[2011.05.16 00:27:39 | 000,000,000 | ---D | C] -- C:\CommonStartUp
[2011.05.16 00:26:07 | 000,000,000 | ---D | C] -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\ESItronic
[2011.05.16 00:25:31 | 001,388,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.000
[2011.05.16 00:25:31 | 001,046,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msjet35.dll
[2011.05.16 00:25:31 | 000,415,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrepl35.dll
[2011.05.16 00:25:31 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msrd2x35.dll
[2011.05.16 00:25:31 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJINT35.DLL
[2011.05.16 00:25:31 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSJTER35.DLL
[2011.05.16 00:25:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spielberg DMS
[2011.05.16 00:25:27 | 002,060,288 | ---- | C] (Micrografx) -- C:\Windows\SysWow64\acgm.dll
[2011.05.16 00:25:19 | 000,606,208 | ---- | C] (Summit Software Company) -- C:\Windows\SysWow64\igsnrn22.dll
[2011.05.16 00:25:19 | 000,557,056 | ---- | C] (SnowBound Software Corporation (www.Snowbnd.com)) -- C:\Windows\SysWow64\snbd10dm.dll
[2011.05.16 00:25:19 | 000,531,968 | ---- | C] (SnowBound Software Corporation (www.Snowbnd.com)) -- C:\Windows\SysWow64\snbd9dm.dll
[2011.05.16 00:25:19 | 000,526,336 | ---- | C] (SnowBound Software Corporation (www.Snowbnd.com)) -- C:\Windows\SysWow64\snbd8w98.dll
[2011.05.16 00:25:19 | 000,385,536 | ---- | C] (Summit Software Company) -- C:\Windows\SysWow64\igsncm22.dll
[2011.05.16 00:25:19 | 000,125,952 | ---- | C] (Summit Software Company) -- C:\Windows\SysWow64\igsnpb22.dll
[2011.05.16 00:25:19 | 000,086,528 | ---- | C] (Summit Software Company) -- C:\Windows\SysWow64\Igsncx22.dll
[2011.05.16 00:25:19 | 000,038,400 | ---- | C] (Summit Software Company) -- C:\Windows\SysWow64\igsnol22.dll
[2011.05.16 00:25:19 | 000,033,280 | ---- | C] (Snowbound Software Corporation (www.Snowbnd.com)) -- C:\Windows\SysWow64\snbdpl1.dll
[2011.05.16 00:24:35 | 000,000,000 | ---D | C] -- C:\ESI
[2011.05.15 23:43:57 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2011.05.15 23:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2011.05.15 23:07:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2011.05.11 23:16:30 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.05.11 23:16:30 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.05.11 23:16:28 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.05.11 23:16:28 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.05.11 14:59:49 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.11 14:59:47 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.11 14:59:46 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.10 17:21:18 | 000,000,000 | R--D | C] -- C:\Users\****\Dropbox
[2011.05.10 17:19:07 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011.05.10 17:18:52 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Dropbox
[2011.05.02 03:45:44 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\MyPhoneExplorer
[2011.05.02 03:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
[2011.05.02 03:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPhoneExplorer
[2011.05.01 22:33:02 | 000,000,000 | ---D | C] -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\My Photos
[2011.05.01 22:33:02 | 000,000,000 | ---D | C] -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\My Documents
[2011.04.29 21:36:40 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.04.29 21:36:32 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\HTC
[2011.04.29 21:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC Sync
[2011.04.29 21:34:24 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Downloaded Installations
[2011.04.29 21:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
[2011.04.29 21:34:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spirent Communications
[2011.04.29 21:33:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2011.04.29 20:35:43 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
[2011.04.29 20:35:42 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
[2011.04.29 20:35:42 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011.04.29 20:35:42 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2011.04.29 20:35:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011.04.29 20:32:43 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2011.04.29 20:32:43 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\SysWow64\nbDX.dll
[2011.04.29 20:32:43 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLOgg.ax
[2011.04.29 20:32:43 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\DiracSplitter.ax
[2011.04.29 20:32:43 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\MatroskaDX.ax
[2011.04.29 20:32:43 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\flvDX.dll
[2011.04.29 20:32:43 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\SysWow64\RealMediaDX.ax
[2011.04.29 20:32:43 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\SysWow64\AVCDX.ax
[2011.04.29 20:32:43 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\SysWow64\RLVorbisDec.ax
[2011.04.29 20:32:43 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSSplitter.ax
[2011.04.29 20:32:43 | 000,090,112 | RHS- | C] (-) -- C:\Windows\SysWow64\TTADSDecoder.ax
[2011.04.29 20:32:43 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\SysWow64\RLTheoraDec.ax
[2011.04.29 20:32:43 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\SysWow64\msfDX.dll
[2011.04.29 20:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2011.04.29 20:31:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2011.04.28 14:39:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest Bluetooth SDK
[2011.04.28 14:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avanquest update
[2011.04.28 14:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Avanquest
[2011.04.28 14:24:44 | 000,000,000 | ---D | C] -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\Sony Ericsson
[2011.04.28 14:24:14 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\Sony Ericsson
[2011.04.28 14:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2011.04.28 14:22:55 | 000,152,616 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017mdm.sys
[2011.04.28 14:22:55 | 000,145,960 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017unic.sys
[2011.04.28 14:22:55 | 000,133,160 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017mgmt.sys
[2011.04.28 14:22:55 | 000,128,552 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017obex.sys
[2011.04.28 14:22:55 | 000,113,704 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017bus.sys
[2011.04.28 14:22:55 | 000,034,856 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017nd5.sys
[2011.04.28 14:22:55 | 000,019,496 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017mdfl.sys
[2011.04.28 14:22:55 | 000,015,912 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017whnt.sys
[2011.04.28 14:22:55 | 000,015,912 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017wh.sys
[2011.04.28 14:22:55 | 000,014,888 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017cmnt.sys
[2011.04.28 14:22:55 | 000,014,888 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017cm.sys
[2011.04.28 14:22:55 | 000,013,864 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s0017cr.sys
[2011.04.28 14:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2011.04.28 14:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
[2011.04.28 14:22:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2011.04.27 15:41:48 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.04.27 15:41:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.04.27 15:41:47 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.04.27 15:41:47 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.04.27 15:41:47 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.04.27 15:41:47 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.04.27 15:41:47 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.04.27 15:41:33 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.27 15:41:33 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.27 15:41:32 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.27 15:41:31 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.04.27 15:41:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.04.27 15:41:31 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.04.27 01:22:59 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.27 01:22:58 | 000,000,000 | ---D | C] -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\DVDVideoSoft
[2011.04.27 01:22:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Plasmoo
[2011.04.27 01:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.04.27 01:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2011.04.27 01:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.26 21:45:51 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.26 20:56:25 | 415,301,632 | ---- | M] () -- C:\Users\****\Desktop\ctbankix-2011.iso
[2011.05.26 19:13:52 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.26 19:13:52 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.26 19:06:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.26 19:06:32 | 2088,144,895 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.24 11:18:07 | 000,664,634 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.24 11:18:07 | 000,624,776 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.24 11:18:07 | 000,134,770 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.24 11:18:07 | 000,110,414 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.24 11:18:06 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.18 14:10:14 | 000,472,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.05.18 02:49:33 | 000,000,009 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2011.05.16 21:17:00 | 000,001,316 | ---- | M] () -- C:\Windows\RBSystem.ini
[2011.05.16 21:17:00 | 000,000,551 | ---- | M] () -- C:\Windows\ESIDATA.ini
[2011.05.16 13:44:19 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.16 00:30:19 | 000,000,096 | ---- | M] () -- C:\Users\****\AppData\Local\fusioncache.dat
[2011.05.16 00:30:19 | 000,000,059 | ---- | M] () -- C:\Windows\~DDB_Setup.ini
[2011.05.16 00:30:09 | 001,554,122 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.16 00:25:03 | 000,004,017 | ---- | M] () -- C:\Windows\System\v9Sys_xx.vxd
[2011.05.16 00:00:09 | 000,001,520 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011.05.16 00:00:06 | 000,002,174 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.05.15 23:07:54 | 000,868,848 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011.05.10 17:19:12 | 000,001,029 | ---- | M] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.05.07 17:47:26 | 020,177,567 | ---- | M] () -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\VIDEO0002.3gp
[2011.05.02 03:45:42 | 000,002,063 | ---- | M] () -- C:\Users\****\MyPhoneExplorer.lnk
[2011.04.29 21:36:00 | 000,001,084 | ---- | M] () -- C:\Users\****\HTC Sync.lnk
[2011.04.28 14:52:22 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.04.28 14:29:55 | 000,002,270 | ---- | M] () -- C:\Users\****\Sony Ericsson PC Companion 2.0.lnk
[2011.04.27 01:23:01 | 000,001,245 | ---- | M] () -- C:\Users\****\DVDVideoSoft Free Studio.lnk
[2011.04.27 01:22:57 | 000,001,318 | ---- | M] () -- C:\Users\****\Free YouTube Download.lnk
 
========== Files Created - No Company Name ==========
 
[2011.05.26 21:45:51 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.26 20:25:17 | 415,301,632 | ---- | C] () -- C:\Users\****\Desktop\ctbankix-2011.iso
[2011.05.24 23:05:58 | 000,113,486 | ---- | C] () -- C:\Windows\SysWow64\NCTWMAProfiles.prx
[2011.05.16 00:30:19 | 000,000,096 | ---- | C] () -- C:\Users\****\AppData\Local\fusioncache.dat
[2011.05.16 00:29:31 | 001,554,122 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.16 00:28:45 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2011.05.16 00:27:39 | 000,000,059 | ---- | C] () -- C:\Windows\~DDB_Setup.ini
[2011.05.16 00:25:41 | 000,001,316 | ---- | C] () -- C:\Windows\RBSystem.ini
[2011.05.16 00:25:38 | 000,397,312 | ---- | C] () -- C:\Windows\esi_kl01.dat
[2011.05.16 00:25:19 | 000,006,967 | ---- | C] () -- C:\Windows\SysWow64\Browser.men
[2011.05.16 00:25:19 | 000,006,958 | ---- | C] () -- C:\Windows\SysWow64\browser.exa
[2011.05.16 00:25:03 | 000,004,017 | ---- | C] () -- C:\Windows\System\v9Sys_xx.vxd
[2011.05.15 23:43:58 | 000,000,551 | ---- | C] () -- C:\Windows\ESIDATA.ini
[2011.05.15 23:07:54 | 000,868,848 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011.05.10 17:19:12 | 000,001,029 | ---- | C] () -- C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.05.07 17:44:35 | 020,177,567 | ---- | C] () -- C:\Users\****\OpenOffice.org 3.2 (de) Installation Files\Documents\VIDEO0002.3gp
[2011.05.02 03:45:42 | 000,002,063 | ---- | C] () -- C:\Users\****\MyPhoneExplorer.lnk
[2011.04.29 21:36:00 | 000,001,084 | ---- | C] () -- C:\Users\****\HTC Sync.lnk
[2011.04.29 20:35:42 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.04.29 20:32:43 | 000,227,328 | RHS- | C] () -- C:\Windows\SysWow64\ac3DX.ax
[2011.04.29 20:32:43 | 000,175,104 | RHS- | C] () -- C:\Windows\SysWow64\CoreAAC.ax
[2011.04.29 20:32:43 | 000,120,832 | RHS- | C] () -- C:\Windows\SysWow64\MPCDx.ax
[2011.04.29 20:32:43 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\RLMPCDec.ax
[2011.04.29 20:32:43 | 000,097,280 | RHS- | C] () -- C:\Windows\SysWow64\FLACDX.ax
[2011.04.29 20:32:43 | 000,081,920 | RHS- | C] () -- C:\Windows\SysWow64\aac_parser.ax
[2011.04.29 20:32:43 | 000,070,656 | RHS- | C] () -- C:\Windows\SysWow64\RLAPEDec.ax
[2011.04.29 20:32:43 | 000,051,712 | RHS- | C] () -- C:\Windows\SysWow64\RLSpeexDec.ax
[2011.04.28 14:52:22 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.04.28 14:29:55 | 000,002,270 | ---- | C] () -- C:\Users\****\Sony Ericsson PC Companion 2.0.lnk
[2011.04.27 01:23:01 | 000,001,245 | ---- | C] () -- C:\Users\****\DVDVideoSoft Free Studio.lnk
[2011.04.27 01:22:57 | 000,001,318 | ---- | C] () -- C:\Users\****\Free YouTube Download.lnk
[2011.04.21 21:03:50 | 000,000,009 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2011.03.14 22:15:52 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.12.21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.05.30 20:13:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.30 20:08:30 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.30 03:49:21 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010.04.21 01:08:41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2010.04.21 01:06:22 | 000,000,735 | ---- | C] () -- C:\Windows\FF05_Render_Spk_Hp.ini
[2010.04.21 01:06:22 | 000,000,508 | ---- | C] () -- C:\Windows\FF05_not_Spk_Hp.ini
[2010.04.21 01:03:59 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.04.21 01:03:59 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.04.21 00:59:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.04.21 00:48:32 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.10.26 05:38:22 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009.08.19 10:33:09 | 000,020,480 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009.08.19 10:33:09 | 000,000,232 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.12.02 03:32:32 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
 
========== LOP Check ==========
 
[2010.05.30 18:45:09 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Acronis
[2010.05.01 02:28:25 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Asus WebStorage
[2011.05.24 23:49:56 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Audio Recorder for Free
[2011.05.26 19:07:16 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Dropbox
[2011.04.27 01:22:59 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.21 01:20:34 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\elsterformular
[2010.05.30 04:47:06 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ESET
[2011.05.24 11:16:06 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\FileZilla
[2011.05.25 19:19:24 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\HLSW
[2011.04.29 21:36:33 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\HTC
[2011.04.29 21:36:40 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011.02.23 01:45:17 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\IrfanView
[2011.02.10 20:27:56 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Leadertech
[2011.03.20 19:58:12 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Mumble
[2011.05.02 03:48:15 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\MyPhoneExplorer
[2011.02.14 21:29:35 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Notepad++
[2010.05.30 20:32:22 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\OpenOffice.org
[2011.02.10 21:28:35 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Thunderbird
[2010.05.30 11:04:27 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Trillian
[2011.05.13 13:13:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TS3Client
[2011.04.03 17:03:55 | 000,032,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---


Extras.txt

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 26.05.2011 22:01:42 - Run 2
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,93 Gb Total Physical Memory | 5,19 Gb Available Physical Memory | 65,42% Memory free
15,85 Gb Paging File | 12,90 Gb Available in Paging File | 81,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 52,07 Gb Free Space | 44,72% Space Free | Partition Type: NTFS
Drive D: | 185,20 Gb Total Space | 108,86 Gb Free Space | 58,78% Space Free | Partition Type: NTFS
Drive F: | 232,87 Gb Total Space | 162,12 Gb Free Space | 69,62% Space Free | Partition Type: NTFS
Drive G: | 232,89 Gb Total Space | 115,69 Gb Free Space | 49,68% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel(R) Turbo Boost Technology Monitor
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software 7.00
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{88CD6A0C-1220-4CD3-9AF1-ADB1D888C39E}" = ESET Smart Security
"{8C69B19F-71DF-F80F-0C2F-56E9FE5C95CB}" = WMV9/VC-1 Video Playback
"{8E3ECAA6-4975-17E7-E443-960F8E3F9136}" = ccc-utility64
"{90A1F0ED-BC6F-EBD4-2101-885AB084499C}" = ATI Catalyst Install Manager
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F634E9C2-5D00-3A4B-5AB0-148C431BBDD5}" = ATI AVIVO64 Codecs
"0E74EB10C05C955C24243E6D3120CDC972FC5B1D" = Windows Driver Package - Broadcom HIDClass  (06/11/2009 6.2.0.9500)
"2AA10AB519DC7432D599A0E860206A7DDCC27764" = Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0)
"ASUS WebStorage" = ASUS WebStorage
"F9FD5BBF579A4BFD40D38BE291F731666B27DC28" = Windows Driver Package - Broadcom Bluetooth  (07/17/2009 6.2.0.9403)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"sp6" = Logitech SetPoint 6.20
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{293F82CD-1BE8-03BC-DBAD-903388CFBB62}" = Catalyst Control Center Localization All
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{38F8D823-008D-4E5A-BBCE-867A86C2BF2B}" = Sound Blaster Audigy HD
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5A4FB792-D98F-409C-24B6-BD2A80D30E3A}" = Catalyst Control Center Graphics Previews Common
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ED38A3-4882-448B-B44D-3428AB00D7D5}" = Acronis*True*Image*Home
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}" = Piggly FREE
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}" = Smileyville FREE
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{896C5024-AA39-12E8-D6C2-D818B7E3D58F}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 Test
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{923E3957-F939-453A-BD55-41CFB8D7F211}" = HTC Sync
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A22BB09-8086-691D-F409-3AF74D9E3BF0}" = ccc-core-static
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{ADEEF3E4-15A4-F286-38EE-675A8EF0212B}" = Catalyst Control Center InstallProxy
"{B5A5627C-0173-4DB2-ADA8-740479370F67}" = Express Gate
"{B653A2EC-D816-4498-A4FD-651047AB9DC9}" = Boingo Wi-Fi
"{B72E80DB-DF9B-DE1E-8899-CC74B6B9456A}" = Catalyst Control Center InstallProxy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.48 (April 23, 2011) Version v2011.build.48
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9991C9B-0783-452E-8954-AB93E2AB3B80}_is1" = Game Park Console
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.01.149
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F14B8ECC-BDA0-4987-9201-D7B7DBE11031}" = Nero 7 Ultra Edition
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"ASUS AP Bank_is1" = ASUS AP Bank
"ASUS_Notebook_G73" = ASUS_Notebook_G73 Screen Saver
"Audio Recorder for Free_is1" = Audio Recorder for Free 2010 v12.8.2
"DivX Setup.divx.com" = DivX-Setup
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"ElsterFormular für Privatanwender 12.1.0.6164p" = ElsterFormular für Privatanwender
"FileZilla Client" = FileZilla Client 3.4.0
"Free YouTube Download_is1" = Free YouTube Download version 2.10.34.421
"HLSW_is1" = HLSW v1.3.2.1
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Mozilla Thunderbird (3.1.10)" = Mozilla Thunderbird (3.1.10)
"MPE" = MyPhoneExplorer
"Mumble" = Mumble and Murmur
"Notepad++" = Notepad++
"SmartFTP Client 4.0 (x64) Setup Files" = SmartFTP Client Setup Files 4.0 (x64) (remove only)
"SprayR" = SprayR 1.0 RC7b
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 240" = Counter-Strike: Source
"Trillian" = Trillian
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Winamp Detect" = Winamp Anwendungserkennung
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.05.2011 07:13:29 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 08:12:19 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 08:13:27 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 09:12:19 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 09:13:27 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 10:12:19 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 10:13:28 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 11:12:20 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 11:13:27 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.05.2011 12:12:19 | Computer Name = ****-PC | Source = Google Update | ID = 20
Description = 
 
[ System Events ]
Error - 07.04.2011 17:22:41 | Computer Name = ****-PC | Source = iaStor | ID = 262153
Description = Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht
 geantwortet.
 
 
< End of report >
--- --- ---



Soll ich nun das System neu aufsetzten bzw ein Uralt-Backup einspielen?
Werde mir auf jeden fall diese Maßnahmen von "markusg" genauer anschauen falls sich das mit dem Trojaner schon erledigt haben sollte.

Vielen dank im voraus

HIAS234


Edit: Sehe gerade, dass seid einer halben Ewigkeit mein Mozilla-Thunderbird-Symbol in der Schnellstartleiste wieder richtig angezeigt wird. Kann das was damit zu tun haben?
Geändert von HIAS234 (26.05.2011 um 21:29 Uhr)

 

Themen zu 4221Dd01 - JS/Kryptik.AI Trojaner
.dll, adobe, adobe flash player, asus, bho, c:\windows\system32\rundll32.exe, call of duty, defender, error, eset smart security, explorer, extras.txt, firefox, flash player, format, gfnexsrv.exe, home, install.exe, installation, jdownloader, js/kryptik.ai trojaner, launch, logfile, maßnahme, mozilla, mozilla thunderbird, neustart, oldtimer, otl.txt, plug-in, port, realtek, registry, scan, searchplugins, security, shell32.dll, software, spielen, sptd.sys, start menu, super, system neu, syswow64, teamspeak, trojane, trojaner, usb 2.0, webcheck


« Trojan.Agent/Gen-Frauder | Problem mit java(Java/trojanerDownloader.....) »


Ähnliche Themen: 4221Dd01 - JS/Kryptik.AI Trojaner


  1. JS/Kryptik.ATB Trojaner/PUP.Optional.WebInstr/ Windows 8
    Plagegeister aller Art und deren Bekämpfung - 25.02.2015 (7)
  2. Email - Win32/Kryptik.CSHO Trojaner im Anhang - kritisch?
    Antiviren-, Firewall- und andere Schutzprogramme - 28.12.2014 (3)
  3. -js-kryptik-ai-trojaner entdeckt
    Plagegeister aller Art und deren Bekämpfung - 01.08.2014 (11)
  4. Windows 7 JS/Kryptik.I Trojaner
    Log-Analyse und Auswertung - 15.05.2014 (5)
  5. Windows7 64bit / Avira findet Trojaner TR/Mediyes.Gen6 und TR/Kryptik.avp.20
    Log-Analyse und Auswertung - 28.12.2013 (8)
  6. Anti Virus findet Trojaner TR/Vundo.A.852 und TR/Kryptik.2949125, was tun?
    Log-Analyse und Auswertung - 16.12.2013 (11)
  7. Infektion mit Trojaner Win32/Kryptik.BCOI von Firmenwebseite. Ist er noch auf dem PC vorhanden?
    Log-Analyse und Auswertung - 11.10.2013 (3)
  8. Auf Webspace JS/Kryptik.ALA Trojaner kommt immer wieder
    Log-Analyse und Auswertung - 02.06.2013 (3)
  9. JS/Kryptik.ABQ Trojaner und JS/Exploit.Pdfka.PVL Trojaner
    Log-Analyse und Auswertung - 16.11.2012 (7)
  10. Eset meldet Kryptik AMQ Trojaner
    Log-Analyse und Auswertung - 08.11.2012 (2)
  11. JS/Kryptik.LX Trojaner auf meinem webspace
    Plagegeister aller Art und deren Bekämpfung - 14.04.2012 (5)
  12. TR/ATRAPS.Gen2, TR/Kryptik.FYC, TR/Kazy.47207.1 und andere Trojaner gefunden.
    Log-Analyse und Auswertung - 09.12.2011 (5)
  13. Werbung hörbar, ohne Bild oder Prozess!/ NOD32 meldet: JS/Kryptik.AI Trojaner
    Log-Analyse und Auswertung - 17.05.2011 (10)
  14. kryptik.NIT-Trojaner in C:\Users\Alexander\AppData\Roaming\Yvap\ulnoa.exe
    Log-Analyse und Auswertung - 09.05.2011 (15)
  15. Variante von Win32/Kryptik.GYI Trojaner
    Plagegeister aller Art und deren Bekämpfung - 27.09.2010 (0)
  16. Variante von Win32/Kryptik.HY Trojaner - RECYCLER ?
    Plagegeister aller Art und deren Bekämpfung - 21.02.2009 (29)
  17. Kryptik.FX Trojaner
    Log-Analyse und Auswertung - 01.02.2009 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema 4221Dd01 - JS/Kryptik.AI Trojaner - Hallo zusammen, bin neu hier und hoffe auf Hilfe bzw. Beratung. Habe den oben genannten Trojaner mit ESET Smart Security gefunden und ihn dann aus der Quarantäne gelöscht. Dannach habe - 4221Dd01 - JS/Kryptik.AI Trojaner...
Archiv
Du betrachtest: 4221Dd01 - JS/Kryptik.AI Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131