| |
| |||||||
Log-Analyse und Auswertung: Festplattenproblem "Trojaner entdeckt"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
04.06.2011, 19:18
| #1 |
| |  Festplattenproblem "Trojaner entdeckt" hallo, ich habe windows 7 und heute morgen habe ich ploetzlich undendlich viele meldungen erhalten, dass meine festplatte nicht mehr erkannt wird ( critical hard disk error ), und daten verloren gehen, dass meine festplatte beschaedigt ist und das ein "cluster" oder "trojaner" festgestellt wurde es hat sich das " windows 7 recovery" geoeffnet das sich auch nicht schliessen laesst mein desktop ist schwarz ich habe leider gar keine ahnung was nun zu tun ist ich habe hier einen beitrag mit einem aehnlichen problem gefunden und mit OTL einen scan durchgefuehrt ich hoffe ihr koennt mir weiter helfen.  OTL.Txt - EditorOTL Logfile: Code:
ATTFilter OTL logfile created on: 04.06.2011 19:19:59 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Samira\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,56% Memory free 7,49 Gb Paging File | 5,26 Gb Available in Paging File | 70,29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 455,68 Gb Total Space | 403,33 Gb Free Space | 88,51% Space Free | Partition Type: NTFS Drive E: | 15,55 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: SAMIRA-VAIO | User Name: Samira | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Samira\Downloads\OTL.exe (OldTimer Tools) PRC - C:\ProgramData\39051000.exe (Microsoft Corporation) PRC - C:\ProgramData\KcGKxXpEJYTtjJY.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Iminent\IMBooster\IMBooster.exe (Iminent) PRC - C:\Program Files (x86)\Safari\Safari.exe (Apple Inc.) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\VCSpt.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe () PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Windows\SysWOW64\attrib.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Samira\Downloads\OTL.exe (OldTimer Tools) MOD - c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll (McAfee, Inc.) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe () SRV:64bit: - (McODS) -- C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McOobeSv) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV:64bit: - (SpfService) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe (Sony Corporation) SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe (Sony Corporation) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\collsvc.exe (Sony of America Corporation) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (mfevtp) -- C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe (McAfee, Inc.) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.) DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.) DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb" FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.startup.homepage: "hxxp://search.iminent.com/?appId=21f68f9c-7263-4409-bece-2423fa3d7c12&ref=homepage" FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1 FF - prefs.js..extensions.enabledItems: {c9508125-4747-4733-b048-e4b82dc9716d}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011.05.21 15:59:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.08 14:01:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.08 14:01:08 | 000,000,000 | ---D | M] [2011.02.08 07:49:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samira\AppData\Roaming\mozilla\Extensions [2011.05.10 05:24:15 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions [2011.05.10 05:24:13 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.02.08 12:39:39 | 000,000,000 | -H-D | M] ("DVDVideoSoft Menu") -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.10 05:24:14 | 000,000,000 | -H-D | M] (PHPNukeDE Community Toolbar) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\{c9508125-4747-4733-b048-e4b82dc9716d} [2011.05.10 05:24:15 | 000,000,000 | -H-D | M] (softonic-de3 Community Toolbar) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2011.05.10 05:24:12 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\engine@conduit.com [2010.12.08 16:47:52 | 000,000,927 | -H-- | M] () -- C:\Users\Samira\AppData\Roaming\Mozilla\Firefox\Profiles\0xy2w5rk.default\searchplugins\conduit.xml [2011.06.02 17:18:07 | 000,002,230 | -H-- | M] () -- C:\Users\Samira\AppData\Roaming\Mozilla\Firefox\Profiles\0xy2w5rk.default\searchplugins\SearchTheWeb.xml [2011.05.27 08:09:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.05.27 08:09:05 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files (x86)\mozilla firefox\extensions\webbooster@iminent.com File not found (No name found) -- [2011.05.21 15:59:03 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR [2011.05.08 14:00:58 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.10.13 23:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll [2011.05.08 14:01:01 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.05.08 14:01:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.05.08 14:01:01 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.05.08 14:01:01 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.07.10 02:21:02 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml [2011.05.08 14:01:02 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.05.08 14:01:02 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll () O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20110209092734.dll (McAfee, Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll () O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll () O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110209092734.dll (McAfee, Inc.) O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found. O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.) O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll () O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll () O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [IMBooster] C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe (Iminent) O4 - HKLM..\Run: [Iminent.Notifier] C:\Program Files (x86)\Iminent\SearchTheWeb\Iminent.Notifier.exe (Iminent) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [KcGKxXpEJYTtjJY] C:\ProgramData\KcGKxXpEJYTtjJY.exe (Microsoft Corporation) O4 - HKCU..\Run: [Mobile Partner] C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe () O4 - HKCU..\RunOnce: [.IMinentUpdate] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Samira\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Samira\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube Download - C:\Users\Samira\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Samira\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll (Google Inc.) O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.08.24 04:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ] O32 - AutoRun File - [2008.09.19 03:12:34 | 000,000,045 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ] O33 - MountPoints2\{09eb7956-32d0-11e0-b650-001e101fa1f5}\Shell - "" = AutoRun O33 - MountPoints2\{09eb7956-32d0-11e0-b650-001e101fa1f5}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.24 04:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{58c3b901-345c-11e0-bfb4-001e101f2500}\Shell - "" = AutoRun O33 - MountPoints2\{58c3b901-345c-11e0-bfb4-001e101f2500}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.24 04:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{b14eee2e-3581-11e0-a516-001e101faa49}\Shell - "" = AutoRun O33 - MountPoints2\{b14eee2e-3581-11e0-a516-001e101faa49}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.24 04:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{d4e41121-32c1-11e0-a9dc-5442492e7eb3}\Shell - "" = AutoRun O33 - MountPoints2\{d4e41121-32c1-11e0-a9dc-5442492e7eb3}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.24 04:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\{d4e41130-32c1-11e0-a9dc-5442492e7eb3}\Shell - "" = AutoRun O33 - MountPoints2\{d4e41130-32c1-11e0-a9dc-5442492e7eb3}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.24 04:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.24 04:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.06.04 19:04:46 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{A054B5FA-5A81-4C40-8E63-722D9F4FA5EE} [2011.06.04 09:10:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2011.06.04 07:35:11 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery [2011.06.04 07:34:55 | 000,333,824 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\39051000.exe [2011.06.04 07:25:49 | 000,417,280 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\KcGKxXpEJYTtjJY.exe [2011.06.04 07:04:12 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{07250B0F-69D8-45BF-A51C-94157964B4C9} [2011.06.03 19:03:14 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{15418651-19C6-4CD8-8C29-BA3676B3977B} [2011.06.03 05:17:46 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{F32585C5-04CD-4B9C-B90F-C774F6B46953} [2011.06.02 17:17:07 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{6A6CF95A-C5E6-4B84-9B39-F323ABA6D584} [2011.06.02 03:21:49 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{37BCC482-AB79-44E5-BBE9-093E7FB9415D} [2011.06.01 14:02:45 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{AE4524D2-4D27-4FC1-BD58-1CFC69B6459A} [2011.06.01 05:21:20 | 000,000,000 | ---D | C] -- C:\output [2011.06.01 00:53:21 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{84A8E12C-0F4E-4EDA-AD6B-94A22C03E7CD} [2011.05.30 21:06:43 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{DE9B893E-F408-4D89-B395-489DCA33B5B6} [2011.05.29 14:46:39 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{4A17D1B5-8D63-46EC-A42A-2E39E7826394} [2011.05.29 02:59:21 | 000,000,000 | -H-D | C] -- C:\Users\Samira\Documents\gp_win_rc6.1 [2011.05.28 20:08:43 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{2DB9468C-9960-445E-A49E-F884359BB94C} [2011.05.28 08:07:59 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{0D6F60DF-8223-4F6A-8624-8448282353AF} [2011.05.28 06:29:06 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Roaming\go [2011.05.28 06:29:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\Easybits GO [2011.05.27 20:07:32 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{2AF34F0D-7DCF-476B-B187-B0F2730906D0} [2011.05.27 18:10:20 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{A54AF27F-D851-484F-850F-A5BECE38B683} [2011.05.27 18:04:01 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{ACD4BE52-F9E0-4877-AF93-7755E580AF09} [2011.05.27 08:15:18 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Roaming\PhotoScape [2011.05.27 08:12:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape [2011.05.27 08:12:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape [2011.05.27 08:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMinent Toolbar [2011.05.27 08:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent [2011.05.27 08:08:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\IMinent [2011.05.27 08:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Iminent [2011.05.27 08:00:03 | 017,327,195 | -H-- | C] (Mooii) -- C:\Users\Samira\Documents\PhotoScapeSetup_V3.5.exe [2011.05.27 03:00:41 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{DA198D85-0047-4601-9B68-CF191C5B3307} [2011.05.26 05:12:37 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{E57C6C1D-D343-47B5-AD5C-43EA95C9578B} [2011.05.25 17:17:57 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2011.05.25 17:11:57 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{77162040-EA1B-4BF6-A15E-E47F9B042A3F} [2011.05.25 04:23:52 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{BE48FD38-0312-429E-A9C2-DA9089BCEA32} [2011.05.24 16:23:02 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{A68C38CE-A495-4B70-AD09-C83D20E16090} [2011.05.23 18:30:26 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{5382DDE9-8C31-4536-891A-70B765BDABF5} [2011.05.23 16:36:02 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{4B82CD98-303D-4506-920E-C4C1BB339D63} [2011.05.23 03:49:26 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{E614BCA6-8180-4D79-B3E6-BA31CCCF52C8} [2011.05.22 20:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch) [2011.05.22 20:27:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\VirtualizedApplications [2011.05.22 18:14:56 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\SoftGrid Client [2011.05.22 18:14:55 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Roaming\SoftGrid Client [2011.05.22 18:13:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2011.05.22 18:13:31 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2011.05.22 18:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client [2011.05.22 18:11:39 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Roaming\TP [2011.05.22 15:49:11 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{471DADA5-5E29-4A34-BD2F-146301B875F9} [2011.05.22 06:49:42 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{3E1F637C-EB50-449B-9675-F9C5F5818038} [2011.05.21 18:20:00 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{2F5B9C59-5F08-4E73-92E4-167540005443} [2011.05.21 06:18:37 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{78AB5B0A-D75A-4F31-9A67-0567566113BC} [2011.05.20 15:08:25 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{28006FC4-8ABA-4AA6-8891-23AFA2872FAB} [2011.05.20 03:07:59 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{011186A8-1A1C-4812-9830-25348C1D2CC5} [2011.05.19 15:07:33 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{3E725B74-A800-4BA9-A33B-07DE75388A17} [2011.05.19 03:07:05 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{0E96D3A6-E521-4377-94A0-B08C3D1EEF1C} [2011.05.18 15:06:52 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{0A887B75-8D12-4A35-AB6F-7EDEBC1BC11C} [2011.05.17 15:05:45 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{5C871EB0-EB71-436B-AFD6-569822D17662} [2011.05.17 01:07:37 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{8931A9F5-A670-4EF2-9F0D-00E9E7A6B0C5} [2011.05.14 16:43:43 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2011.05.14 16:43:43 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2011.05.14 15:06:21 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{ADE2037A-8B3D-43F4-987F-F3BD005BD554} [2011.05.13 02:07:35 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{2F81D0BE-CB8D-4A0E-99F4-8EB8854AF8A3} [2011.05.12 14:07:08 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{C8F62541-CD6E-4D08-B0EB-FC3BA83C5F3F} [2011.05.12 02:06:40 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{AED3A1CA-03DB-47E9-B5A7-B65F2DC111B0} [2011.05.12 00:35:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\Skype Extras [2011.05.12 00:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.05.12 00:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2011.05.11 14:05:09 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{BF70FC38-6351-457E-B4BE-6AFAF521FEE6} [2011.05.10 21:19:47 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011.05.10 21:19:45 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011.05.10 21:19:45 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011.05.10 21:18:56 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys [2011.05.10 21:18:55 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys [2011.05.10 20:59:44 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{42B9F107-0C21-4024-A1D9-3F394BAC83D4} [2011.05.10 05:30:00 | 000,000,000 | -H-D | C] -- C:\Users\Samira\Documents\Amnesia [2011.05.10 05:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent Demo [2011.05.10 05:27:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amnesia - The Dark Descent Demo [2011.05.10 04:06:08 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{7C90343A-6002-4CFA-A561-9BAA7EE5FAEE} [2011.05.09 16:05:42 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{89E3B70E-0DDD-4CC4-878B-AA2D2EF5E1DF} [2011.05.09 04:04:50 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{385CD574-1FEA-4F0D-83EB-B65FB539C081} [2011.05.08 07:47:38 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{0CDFE779-DAC5-45CC-AC2B-31F84C4A6C20} [2011.05.07 15:17:46 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{FD5BCB55-5E55-4068-BEB2-167362606DC4} [2011.05.06 21:06:54 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{855CDDFB-F235-42D2-BFB1-0DDB8AADCFC1} [2011.05.06 05:03:36 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{8F29C608-1819-4AB4-A669-2B85F2AF0AE1} [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.04 19:21:30 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.06.04 19:01:07 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.06.04 09:16:06 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.04 09:16:06 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.04 09:08:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.04 09:08:06 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys [2011.06.04 08:41:38 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.06.04 08:41:38 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.06.04 08:41:38 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.06.04 08:41:37 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.06.04 08:41:37 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.06.04 07:35:19 | 000,000,040 | -H-- | M] () -- C:\ProgramData\~39051000 [2011.06.04 07:35:11 | 000,000,635 | -H-- | M] () -- C:\Users\Samira\Desktop\Windows 7 Recovery.lnk [2011.06.04 07:34:55 | 000,333,824 | -H-- | M] (Microsoft Corporation) -- C:\ProgramData\39051000.exe [2011.06.04 07:25:49 | 000,417,280 | -H-- | M] (Microsoft Corporation) -- C:\ProgramData\KcGKxXpEJYTtjJY.exe [2011.06.03 02:20:44 | 000,093,478 | -H-- | M] () -- C:\Users\Samira\Desktop\björn.jpg [2011.06.03 02:19:11 | 000,081,432 | -H-- | M] () -- C:\Users\Samira\Desktop\harrow.jpg [2011.06.03 01:13:55 | 001,782,853 | -H-- | M] () -- C:\Users\Samira\Desktop\JHIKLJLKJMLÖ.png [2011.06.03 01:13:40 | 000,000,788 | -H-- | M] () -- C:\Users\Samira\Documents\Dokument.rtf [2011.06.02 22:54:10 | 000,027,942 | -H-- | M] () -- C:\Users\Samira\Desktop\47865_106117812781890_100001510162530_51958_4863272_n.jpg [2011.06.01 14:27:08 | 000,071,363 | -H-- | M] () -- C:\Users\Samira\Desktop\NEU.jpg [2011.06.01 14:26:59 | 000,076,292 | -H-- | M] () -- C:\Users\Samira\Desktop\kjn.nljlklllllllllllllllllllll.jpg [2011.06.01 05:22:04 | 000,185,539 | -H-- | M] () -- C:\Users\Samira\Desktop\ijklköö.jpg [2011.06.01 04:52:19 | 000,066,536 | -H-- | M] () -- C:\Users\Samira\Desktop\Bild338.jpg [2011.06.01 04:43:54 | 000,048,128 | -H-- | M] () -- C:\Users\Samira\Desktop\photothumb.db [2011.05.31 06:32:43 | 002,756,797 | -H-- | M] () -- C:\Users\Samira\18 Noir (Ulterior Motive Remix).mp3.part [2011.05.31 06:32:43 | 002,700,337 | -H-- | M] () -- C:\Users\Samira\19 Friendly Intentions.mp3.part [2011.05.31 06:32:43 | 002,612,577 | -H-- | M] () -- C:\Users\Samira\20 Kisses And Lies.mp3.part [2011.05.31 06:32:43 | 002,610,817 | -H-- | M] () -- C:\Users\Samira\16 Cracker.mp3.part [2011.05.31 06:32:43 | 002,558,271 | -H-- | M] () -- C:\Users\Samira\15 Gateway.mp3.part [2011.05.31 06:32:43 | 002,557,902 | -H-- | M] () -- C:\Users\Samira\13 Dreadnaught (ft. SP-MC).mp3.part [2011.05.31 06:32:43 | 002,545,261 | -H-- | M] () -- C:\Users\Samira\04 Nothing is older than yesterday.mp3.part [2011.05.31 06:32:43 | 002,483,283 | -H-- | M] () -- C:\Users\Samira\14 Things I Do (Spectrasoul Remix).mp3.part [2011.05.31 06:32:43 | 002,414,820 | -H-- | M] () -- C:\Users\Samira\01 Space Between (Official Video).mp3.part [2011.05.31 06:32:43 | 002,402,974 | -H-- | M] () -- C:\Users\Samira\12 The Music Makers VIP.mp3.part [2011.05.31 06:32:43 | 002,371,547 | -H-- | M] () -- C:\Users\Samira\17 Of Two Minds.mp3.part [2011.05.31 06:32:43 | 002,333,433 | -H-- | M] () -- C:\Users\Samira\11 The Rave.mp3.part [2011.05.31 06:32:43 | 002,321,471 | -H-- | M] () -- C:\Users\Samira\10 By Your Side (Logistics Remix).mp3.part [2011.05.31 06:32:43 | 002,320,486 | -H-- | M] () -- C:\Users\Samira\02 Lassitude.mp3.part [2011.05.31 06:32:43 | 002,265,895 | -H-- | M] () -- C:\Users\Samira\06 Beautiful Feat. Robert Owens.mp3.part [2011.05.31 06:32:43 | 002,190,133 | -H-- | M] () -- C:\Users\Samira\09 Bittersweet Part 2 (feat. Riya).mp3.part [2011.05.31 04:04:22 | 000,045,123 | -H-- | M] () -- C:\Users\Samira\Desktop\36051_1386120745233_1598471097_30821260_3502777_n.jpg [2011.05.31 04:03:58 | 000,071,693 | -H-- | M] () -- C:\Users\Samira\Desktop\33749_1456438766213_1090650390_31005397_1872755_n.jpg [2011.05.31 03:59:54 | 000,020,897 | -H-- | M] () -- C:\Users\Samira\Desktop\227698_142515925820671_100001867941809_271241_1309415_n.jpg [2011.05.31 02:46:50 | 000,071,062 | -H-- | M] () -- C:\Users\Samira\Desktop\Vollbildaufzeichnung 31.05.2011 024603.jpg [2011.05.31 02:45:18 | 000,890,608 | -H-- | M] () -- C:\Users\Samira\Desktop\Unbenannt.png [2011.05.31 01:00:06 | 002,507,582 | -H-- | M] () -- C:\Users\Samira\08 Strobot (Netsky Remix).mp3.part [2011.05.31 01:00:02 | 002,087,576 | -H-- | M] () -- C:\Users\Samira\07 Ill Behaviour feat I-Kay.mp3.part [2011.05.31 00:59:56 | 002,609,508 | -H-- | M] () -- C:\Users\Samira\05 Tonight (Feat. Netsky).mp3.part [2011.05.31 00:52:09 | 002,212,509 | -H-- | M] () -- C:\Users\Samira\03 Crush.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\20 Kisses And Lies.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\19 Friendly Intentions.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\18 Noir (Ulterior Motive Remix).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\17 Of Two Minds.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\16 Cracker.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\15 Gateway.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\14 Things I Do (Spectrasoul Remix).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\13 Dreadnaught (ft. SP-MC).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\12 The Music Makers VIP.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\11 The Rave.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\10 By Your Side (Logistics Remix).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\09 Bittersweet Part 2 (feat. Riya).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\08 Strobot (Netsky Remix).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\07 Ill Behaviour feat I-Kay.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\06 Beautiful Feat. Robert Owens.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\05 Tonight (Feat. Netsky).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\04 Nothing is older than yesterday.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\02 Lassitude.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | M] () -- C:\Users\Samira\01 Space Between (Official Video).mp3 [2011.05.30 22:35:48 | 000,038,351 | -H-- | M] () -- C:\Users\Samira\Desktop\tumblr_li7pwhdriJ1qbirrfo1_500_large.jpg [2011.05.30 22:35:25 | 000,069,187 | -H-- | M] () -- C:\Users\Samira\Desktop\tumblr_l69e0vZtYU1qbgj7ko1_500_thumb.png [2011.05.30 22:35:18 | 000,061,750 | -H-- | M] () -- C:\Users\Samira\Desktop\tumblr_lfmerlWVhb1qgup53o1_500_large.jpg [2011.05.30 22:26:37 | 000,015,543 | -H-- | M] () -- C:\Users\Samira\Desktop\00293.jpg [2011.05.30 22:24:18 | 000,041,026 | -H-- | M] () -- C:\Users\Samira\Desktop\28qs1w0.jpg [2011.05.30 22:15:58 | 000,028,526 | -H-- | M] () -- C:\Users\Samira\Desktop\Tmills.jpg [2011.05.30 07:27:00 | 000,030,859 | -H-- | M] () -- C:\Users\Samira\Desktop\T+Mills+tmills01.jpg [2011.05.29 15:29:07 | 009,933,638 | -H-- | M] () -- C:\Users\Samira\03 Feel Your Pulse.mp3 [2011.05.29 15:27:53 | 008,966,408 | -H-- | M] () -- C:\Users\Samira\19 Tru Born Playa feat. MC Fats.mp3 [2011.05.29 15:27:39 | 008,420,727 | -H-- | M] () -- C:\Users\Samira\09 Shine In (Feat. Natalie Williams).mp3 [2011.05.29 15:27:36 | 008,555,871 | -H-- | M] () -- C:\Users\Samira\07 Let Me Be Your Fantasy (J Majik & Wickaman Remix).mp3 [2011.05.29 15:26:05 | 007,904,902 | -H-- | M] () -- C:\Users\Samira\08 Feel Good (The Prototypes Remix).mp3 [2011.05.29 15:23:19 | 007,083,215 | -H-- | M] () -- C:\Users\Samira\03 Fighting Fire (Feat. Jess Mills) (Loadstar Remix).mp3 [2011.05.29 15:21:09 | 005,914,440 | -H-- | M] () -- C:\Users\Samira\01 No Problem.mp3 [2011.05.29 15:20:56 | 006,391,886 | -H-- | M] () -- C:\Users\Samira\10 Mind Is Drifting Away (VIP Mix Dub).mp3 [2011.05.29 15:19:21 | 005,805,865 | -H-- | M] () -- C:\Users\Samira\12 Busta Move.mp3 [2011.05.29 15:19:08 | 005,933,842 | -H-- | M] () -- C:\Users\Samira\04 Me & You (Dirtyphonics Remix).mp3 [2011.05.29 15:18:04 | 005,655,028 | -H-- | M] () -- C:\Users\Samira\06 One Of These Days (.mp3 [2011.05.29 15:15:18 | 005,875,085 | -H-- | M] () -- C:\Users\Samira\18 Link To The Past.mp3 [2011.05.29 15:12:48 | 005,026,075 | -H-- | M] () -- C:\Users\Samira\17 Poon.mp3 [2011.05.29 15:05:23 | 003,984,964 | -H-- | M] () -- C:\Users\Samira\13 305.mp3 [2011.05.29 15:03:31 | 003,800,353 | -H-- | M] () -- C:\Users\Samira\05 My Feelings For You (The Prototypes Remix).mp3 [2011.05.29 15:00:48 | 003,761,700 | -H-- | M] () -- C:\Users\Samira\14 Moonwalker.mp3 [2011.05.29 15:00:11 | 003,882,893 | -H-- | M] () -- C:\Users\Samira\15 T-1000.mp3 [2011.05.29 14:58:33 | 003,969,063 | -H-- | M] () -- C:\Users\Samira\16 Corkscrew.mp3 [2011.05.29 14:58:27 | 002,936,637 | -H-- | M] () -- C:\Users\Samira\02 Space Time.mp3 [2011.05.28 21:52:42 | 003,125,665 | -H-- | M] () -- C:\Users\Samira\11 I Am Leg End.mp3 [2011.05.28 06:29:07 | 000,001,656 | -H-- | M] () -- C:\Users\Samira\Documents\Play games (EasyBits GO).lnk [2011.05.27 08:12:29 | 000,001,031 | -H-- | M] () -- C:\Users\Samira\Documents\PhotoScape.lnk [2011.05.27 08:03:42 | 017,327,195 | -H-- | M] (Mooii) -- C:\Users\Samira\Documents\PhotoScapeSetup_V3.5.exe [2011.05.26 16:23:15 | 000,078,988 | -H-- | M] () -- C:\Users\Samira\Documents\251337_220145124671691_100000286143365_886021_5056126_n.jpg [2011.05.25 18:03:01 | 000,036,181 | -H-- | M] () -- C:\Users\Samira\Documents\226322_121752697905535_100002124168566_180832_2644989_n.jpg [2011.05.25 06:53:51 | 000,549,517 | -H-- | M] () -- C:\Users\Samira\Documents\gratisreport.pdf [2011.05.25 02:44:42 | 000,060,718 | -H-- | M] () -- C:\Users\Samira\Documents\Bild254.jpg [2011.05.25 02:37:35 | 000,059,228 | -H-- | M] () -- C:\Users\Samira\Documents\Bild259.jpg [2011.05.25 01:11:54 | 000,118,072 | -H-- | M] () -- C:\Users\Samira\Documents\197345_1851822544608_1512105182_31977185_5867936_n.jpg [2011.05.24 20:50:20 | 000,076,659 | -H-- | M] () -- C:\Users\Samira\Documents\156377_168445999856456_122660121101711_387363_4822286_nhjkhhnjk.jpg [2011.05.24 20:48:54 | 000,089,649 | -H-- | M] () -- C:\Users\Samira\Documents\156377_168445999856456_122660121101711_387363_4822286_n.jpg [2011.05.24 19:12:33 | 000,485,942 | -H-- | M] () -- C:\Users\Samira\Documents\romeoandjuliet.jpg [2011.05.24 04:00:01 | 000,037,228 | -H-- | M] () -- C:\Users\Samira\Documents\228152_104785756280004_100002457408886_44920_3832985_n.jpg [2011.05.24 03:01:34 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.24 02:05:27 | 000,116,119 | -H-- | M] () -- C:\Users\Samira\Documents\Vollbildaufzeichnung 24.05.2011 020232.jpg [2011.05.24 00:08:23 | 000,053,020 | -H-- | M] () -- C:\Users\Samira\Documents\188642_147682558629335_100001627759078_296704_3691282_n.jpg [2011.05.23 23:54:53 | 000,772,693 | -H-- | M] () -- C:\Users\Samira\Documents\Capture10.jpg [2011.05.23 23:39:21 | 000,040,639 | -H-- | M] () -- C:\Users\Samira\Documents\Bild301.jpg [2011.05.18 21:21:51 | 004,735,142 | -H-- | M] () -- C:\Users\Samira\Documents\DSC00443.JPG [2011.05.18 21:19:48 | 003,953,713 | -H-- | M] () -- C:\Users\Samira\Documents\DSC00484.JPG [2011.05.14 06:47:47 | 000,205,842 | ---- | M] () -- C:\test.xml [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.04 07:35:19 | 000,000,040 | -H-- | C] () -- C:\ProgramData\~39051000 [2011.06.04 07:35:11 | 000,000,635 | -H-- | C] () -- C:\Users\Samira\Desktop\Windows 7 Recovery.lnk [2011.06.03 02:20:38 | 000,093,478 | -H-- | C] () -- C:\Users\Samira\Desktop\björn.jpg [2011.06.03 02:19:00 | 000,081,432 | -H-- | C] () -- C:\Users\Samira\Desktop\harrow.jpg [2011.06.03 01:13:55 | 001,782,853 | -H-- | C] () -- C:\Users\Samira\Desktop\JHIKLJLKJMLÖ.png [2011.06.03 01:13:40 | 000,000,788 | -H-- | C] () -- C:\Users\Samira\Documents\Dokument.rtf [2011.06.02 22:54:09 | 000,027,942 | -H-- | C] () -- C:\Users\Samira\Desktop\47865_106117812781890_100001510162530_51958_4863272_n.jpg [2011.06.01 14:27:08 | 000,071,363 | -H-- | C] () -- C:\Users\Samira\Desktop\NEU.jpg [2011.06.01 14:26:59 | 000,076,292 | -H-- | C] () -- C:\Users\Samira\Desktop\kjn.nljlklllllllllllllllllllll.jpg [2011.06.01 05:22:04 | 000,185,539 | -H-- | C] () -- C:\Users\Samira\Desktop\ijklköö.jpg [2011.06.01 04:52:19 | 000,066,536 | -H-- | C] () -- C:\Users\Samira\Desktop\Bild338.jpg [2011.06.01 04:43:51 | 000,048,128 | -H-- | C] () -- C:\Users\Samira\Desktop\photothumb.db [2011.05.31 04:04:21 | 000,045,123 | -H-- | C] () -- C:\Users\Samira\Desktop\36051_1386120745233_1598471097_30821260_3502777_n.jpg [2011.05.31 04:03:57 | 000,071,693 | -H-- | C] () -- C:\Users\Samira\Desktop\33749_1456438766213_1090650390_31005397_1872755_n.jpg [2011.05.31 03:59:50 | 000,020,897 | -H-- | C] () -- C:\Users\Samira\Desktop\227698_142515925820671_100001867941809_271241_1309415_n.jpg [2011.05.31 02:46:50 | 000,071,062 | -H-- | C] () -- C:\Users\Samira\Desktop\Vollbildaufzeichnung 31.05.2011 024603.jpg [2011.05.31 02:45:18 | 000,890,608 | -H-- | C] () -- C:\Users\Samira\Desktop\Unbenannt.png [2011.05.30 23:13:23 | 002,756,797 | -H-- | C] () -- C:\Users\Samira\18 Noir (Ulterior Motive Remix).mp3.part [2011.05.30 23:13:23 | 002,700,337 | -H-- | C] () -- C:\Users\Samira\19 Friendly Intentions.mp3.part [2011.05.30 23:13:23 | 002,612,577 | -H-- | C] () -- C:\Users\Samira\20 Kisses And Lies.mp3.part [2011.05.30 23:13:23 | 002,610,817 | -H-- | C] () -- C:\Users\Samira\16 Cracker.mp3.part [2011.05.30 23:13:23 | 002,609,508 | -H-- | C] () -- C:\Users\Samira\05 Tonight (Feat. Netsky).mp3.part [2011.05.30 23:13:23 | 002,558,271 | -H-- | C] () -- C:\Users\Samira\15 Gateway.mp3.part [2011.05.30 23:13:23 | 002,557,902 | -H-- | C] () -- C:\Users\Samira\13 Dreadnaught (ft. SP-MC).mp3.part [2011.05.30 23:13:23 | 002,545,261 | -H-- | C] () -- C:\Users\Samira\04 Nothing is older than yesterday.mp3.part [2011.05.30 23:13:23 | 002,507,582 | -H-- | C] () -- C:\Users\Samira\08 Strobot (Netsky Remix).mp3.part [2011.05.30 23:13:23 | 002,483,283 | -H-- | C] () -- C:\Users\Samira\14 Things I Do (Spectrasoul Remix).mp3.part [2011.05.30 23:13:23 | 002,414,820 | -H-- | C] () -- C:\Users\Samira\01 Space Between (Official Video).mp3.part [2011.05.30 23:13:23 | 002,402,974 | -H-- | C] () -- C:\Users\Samira\12 The Music Makers VIP.mp3.part [2011.05.30 23:13:23 | 002,371,547 | -H-- | C] () -- C:\Users\Samira\17 Of Two Minds.mp3.part [2011.05.30 23:13:23 | 002,333,433 | -H-- | C] () -- C:\Users\Samira\11 The Rave.mp3.part [2011.05.30 23:13:23 | 002,321,471 | -H-- | C] () -- C:\Users\Samira\10 By Your Side (Logistics Remix).mp3.part [2011.05.30 23:13:23 | 002,320,486 | -H-- | C] () -- C:\Users\Samira\02 Lassitude.mp3.part [2011.05.30 23:13:23 | 002,265,895 | -H-- | C] () -- C:\Users\Samira\06 Beautiful Feat. Robert Owens.mp3.part [2011.05.30 23:13:23 | 002,212,509 | -H-- | C] () -- C:\Users\Samira\03 Crush.mp3 [2011.05.30 23:13:23 | 002,190,133 | -H-- | C] () -- C:\Users\Samira\09 Bittersweet Part 2 (feat. Riya).mp3.part [2011.05.30 23:13:23 | 002,087,576 | -H-- | C] () -- C:\Users\Samira\07 Ill Behaviour feat I-Kay.mp3.part [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\20 Kisses And Lies.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\19 Friendly Intentions.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\18 Noir (Ulterior Motive Remix).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\17 Of Two Minds.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\16 Cracker.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\15 Gateway.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\14 Things I Do (Spectrasoul Remix).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\13 Dreadnaught (ft. SP-MC).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\12 The Music Makers VIP.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\11 The Rave.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\10 By Your Side (Logistics Remix).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\09 Bittersweet Part 2 (feat. Riya).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\08 Strobot (Netsky Remix).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\07 Ill Behaviour feat I-Kay.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\06 Beautiful Feat. Robert Owens.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\05 Tonight (Feat. Netsky).mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\04 Nothing is older than yesterday.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\02 Lassitude.mp3 [2011.05.30 23:13:23 | 000,000,000 | -H-- | C] () -- C:\Users\Samira\01 Space Between (Official Video).mp3 [2011.05.30 22:35:47 | 000,038,351 | -H-- | C] () -- C:\Users\Samira\Desktop\tumblr_li7pwhdriJ1qbirrfo1_500_large.jpg [2011.05.30 22:35:25 | 000,069,187 | -H-- | C] () -- C:\Users\Samira\Desktop\tumblr_l69e0vZtYU1qbgj7ko1_500_thumb.png [2011.05.30 22:35:16 | 000,061,750 | -H-- | C] () -- C:\Users\Samira\Desktop\tumblr_lfmerlWVhb1qgup53o1_500_large.jpg [2011.05.30 22:26:36 | 000,015,543 | -H-- | C] () -- C:\Users\Samira\Desktop\00293.jpg [2011.05.30 22:24:17 | 000,041,026 | -H-- | C] () -- C:\Users\Samira\Desktop\28qs1w0.jpg [2011.05.30 22:15:56 | 000,028,526 | -H-- | C] () -- C:\Users\Samira\Desktop\Tmills.jpg [2011.05.30 07:26:56 | 000,030,859 | -H-- | C] () -- C:\Users\Samira\Desktop\T+Mills+tmills01.jpg [2011.05.28 19:00:00 | 009,933,638 | -H-- | C] () -- C:\Users\Samira\03 Feel Your Pulse.mp3 [2011.05.28 19:00:00 | 008,966,408 | -H-- | C] () -- C:\Users\Samira\19 Tru Born Playa feat. MC Fats.mp3 [2011.05.28 19:00:00 | 008,555,871 | -H-- | C] () -- C:\Users\Samira\07 Let Me Be Your Fantasy (J Majik & Wickaman Remix).mp3 [2011.05.28 19:00:00 | 008,420,727 | -H-- | C] () -- C:\Users\Samira\09 Shine In (Feat. Natalie Williams).mp3 [2011.05.28 19:00:00 | 007,904,902 | -H-- | C] () -- C:\Users\Samira\08 Feel Good (The Prototypes Remix).mp3 [2011.05.28 19:00:00 | 007,083,215 | -H-- | C] () -- C:\Users\Samira\03 Fighting Fire (Feat. Jess Mills) (Loadstar Remix).mp3 [2011.05.28 19:00:00 | 006,391,886 | -H-- | C] () -- C:\Users\Samira\10 Mind Is Drifting Away (VIP Mix Dub).mp3 [2011.05.28 19:00:00 | 005,933,842 | -H-- | C] () -- C:\Users\Samira\04 Me & You (Dirtyphonics Remix).mp3 [2011.05.28 19:00:00 | 005,914,440 | -H-- | C] () -- C:\Users\Samira\01 No Problem.mp3 [2011.05.28 19:00:00 | 005,875,085 | -H-- | C] () -- C:\Users\Samira\18 Link To The Past.mp3 [2011.05.28 19:00:00 | 005,805,865 | -H-- | C] () -- C:\Users\Samira\12 Busta Move.mp3 [2011.05.28 19:00:00 | 005,655,028 | -H-- | C] () -- C:\Users\Samira\06 One Of These Days (.mp3 [2011.05.28 19:00:00 | 005,026,075 | -H-- | C] () -- C:\Users\Samira\17 Poon.mp3 [2011.05.28 19:00:00 | 003,984,964 | -H-- | C] () -- C:\Users\Samira\13 305.mp3 [2011.05.28 19:00:00 | 003,969,063 | -H-- | C] () -- C:\Users\Samira\16 Corkscrew.mp3 [2011.05.28 19:00:00 | 003,882,893 | -H-- | C] () -- C:\Users\Samira\15 T-1000.mp3 [2011.05.28 19:00:00 | 003,800,353 | -H-- | C] () -- C:\Users\Samira\05 My Feelings For You (The Prototypes Remix).mp3 [2011.05.28 19:00:00 | 003,761,700 | -H-- | C] () -- C:\Users\Samira\14 Moonwalker.mp3 [2011.05.28 19:00:00 | 003,125,665 | -H-- | C] () -- C:\Users\Samira\11 I Am Leg End.mp3 [2011.05.28 19:00:00 | 002,936,637 | -H-- | C] () -- C:\Users\Samira\02 Space Time.mp3 [2011.05.28 06:29:07 | 000,001,686 | -H-- | C] () -- C:\Users\Samira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play games (EasyBits GO).lnk [2011.05.28 06:29:07 | 000,001,656 | -H-- | C] () -- C:\Users\Samira\Documents\Play games (EasyBits GO).lnk [2011.05.27 08:12:29 | 000,001,031 | -H-- | C] () -- C:\Users\Samira\Documents\PhotoScape.lnk [2011.05.26 16:23:14 | 000,078,988 | -H-- | C] () -- C:\Users\Samira\Documents\251337_220145124671691_100000286143365_886021_5056126_n.jpg [2011.05.25 18:03:00 | 000,036,181 | -H-- | C] () -- C:\Users\Samira\Documents\226322_121752697905535_100002124168566_180832_2644989_n.jpg [2011.05.25 06:53:51 | 000,549,517 | -H-- | C] () -- C:\Users\Samira\Documents\gratisreport.pdf [2011.05.25 02:44:42 | 000,060,718 | -H-- | C] () -- C:\Users\Samira\Documents\Bild254.jpg [2011.05.25 02:37:35 | 000,059,228 | -H-- | C] () -- C:\Users\Samira\Documents\Bild259.jpg [2011.05.25 01:09:08 | 000,118,072 | -H-- | C] () -- C:\Users\Samira\Documents\197345_1851822544608_1512105182_31977185_5867936_n.jpg [2011.05.24 20:50:20 | 000,076,659 | -H-- | C] () -- C:\Users\Samira\Documents\156377_168445999856456_122660121101711_387363_4822286_nhjkhhnjk.jpg [2011.05.24 20:48:53 | 000,089,649 | -H-- | C] () -- C:\Users\Samira\Documents\156377_168445999856456_122660121101711_387363_4822286_n.jpg [2011.05.24 19:12:32 | 000,485,942 | -H-- | C] () -- C:\Users\Samira\Documents\romeoandjuliet.jpg [2011.05.24 04:00:00 | 000,037,228 | -H-- | C] () -- C:\Users\Samira\Documents\228152_104785756280004_100002457408886_44920_3832985_n.jpg [2011.05.24 02:05:27 | 000,116,119 | -H-- | C] () -- C:\Users\Samira\Documents\Vollbildaufzeichnung 24.05.2011 020232.jpg [2011.05.24 00:08:21 | 000,053,020 | -H-- | C] () -- C:\Users\Samira\Documents\188642_147682558629335_100001627759078_296704_3691282_n.jpg [2011.05.23 23:54:51 | 000,772,693 | -H-- | C] () -- C:\Users\Samira\Documents\Capture10.jpg [2011.05.23 23:39:20 | 000,040,639 | -H-- | C] () -- C:\Users\Samira\Documents\Bild301.jpg [2011.05.22 18:13:52 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.18 23:38:31 | 000,037,471 | -H-- | C] () -- C:\Users\Samira\Documents\162949_483513833773_827823773_5709461_3934595_n.jpg [2011.05.18 21:21:49 | 004,735,142 | -H-- | C] () -- C:\Users\Samira\Documents\DSC00443.JPG [2011.05.18 21:19:46 | 003,953,713 | -H-- | C] () -- C:\Users\Samira\Documents\DSC00484.JPG [2011.02.11 18:19:19 | 000,003,584 | -H-- | C] () -- C:\Users\Samira\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.02.07 16:41:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.08.23 19:13:37 | 000,000,221 | ---- | C] () -- C:\ProgramData\MusicStation.xml [2010.08.23 19:03:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.04.07 09:43:12 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat < End of report > Extras.Txt - EditorOTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.06.2011 19:19:59 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Samira\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,56% Memory free
7,49 Gb Paging File | 5,26 Gb Available in Paging File | 70,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,68 Gb Total Space | 403,33 Gb Free Space | 88,51% Space Free | Partition Type: NTFS
Drive E: | 15,55 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: SAMIRA-VAIO | User Name: Samira | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery MergeModules x64
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java(TM) 6 Update 18 (64-bit)
"{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VMp MergeModule x64
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{93D17967-5683-C13A-618A-B3450604C49F}" = ccc-utility64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA57D9DF-BE05-416A-96E4-2BB4884308E7}" = MSI_SPF_x64
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F83779DF-E1F5-43A2-A7BE-732F856FADB7}" = Microsoft SQL Server Compact 3.5 SP1 x64 English
"{FED99701-A3A5-CE6B-4D04-DECF94784B89}" = ATI Catalyst Install Manager
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03FCC0F4-0999-4D8A-BA8D-CC1CB87FCD9B}" = VAIO Care
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06104EB1-967F-B7FB-0462-7412FC41FCB7}" = CCC Help Greek
"{07441A52-E208-478A-92B7-5C337CA8C131}" = Remote Play mit PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B8A74C0-67FF-955F-8875-0D3BFB3212B2}" = Catalyst Control Center Localization All
"{10E402DF-BF76-F1D8-FE5D-34BD0E3583C3}" = CCC Help Finnish
"{135F66BD-34FD-42A9-D673-81222A0894A3}" = CCC Help Japanese
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1DDCE98D-822A-70D5-E4C7-856EF821C7DA}" = CCC Help Czech
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21D1464A-1C54-451E-B780-3ECB3DF8BD4E}" = VAIO Content Monitoring Settings
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = Einstellungen für VAIO-Inhaltsüberwachung
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28407C82-2730-D107-606C-EAC5AB783EEA}" = Catalyst Control Center Graphics Full New
"{2BDD5DFD-9F1F-4754-8BEB-A780D49E8C73}" = Sony Home Network Library
"{31CE8192-EA0D-64FE-44A6-40D734E38EEC}" = CCC Help Chinese Traditional
"{33339326-BC0E-7C60-A791-12B4AB2A0400}" = CCC Help Dutch
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{35A752A8-0944-187D-6EFD-39EE0C55D72A}" = Catalyst Control Center Graphics Previews Common
"{35D112C4-9AB9-61DB-E0A4-F710F8D5325B}" = CCC Help Danish
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3F9CFC1F-6F82-EB76-D329-AA36B1B5B7D6}" = CCC Help English
"{44E0DB64-566D-4126-82E6-206B4D76E902}" = VAIO Original Function Settings
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"{5114A61F-F081-D40E-1C46-ECF0EF28A447}" = ccc-core-static
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1" = Amnesia - The Dark Descent Demo
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data
"{5A59F3D7-4958-BA8C-452C-0C24EE70E9BB}" = CCC Help Hungarian
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update 5
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO-Support für Übertragungen
"{5EE48155-BD54-46E2-8D81-A57A69726A95}" = SearchTheWeb
"{641DD10E-47E0-4A1D-B858-EF507F948C50}" = VAIO Hardware Diagnostics
"{653B181B-1A7E-E83B-6F1C-E1857FF871E4}" = CCC Help Norwegian
"{679DDC2F-290E-48E0-B6D3-6972A0A09554}" = Iminent
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D423AE8-0E7D-4703-8EF7-500C5D36FD7F}" = Sony Home Network Library
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73552E64-2A9B-860C-1230-BD49FC5302A8}" = Catalyst Control Center Core Implementation
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2
"{7D0CA2AD-3A7D-AAC4-9485-C4A9CDEB9AA2}" = CCC Help Italian
"{7D556460-6E5A-4C53-BCDD-7A7EAEBC169A}" = VAIO Entertainment Platform
"{7FC5979A-DE2B-0000-DFE6-0B423C151F5B}" = CCC Help Russian
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Energie Verwaltung
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84FFB317-A08A-4AEE-95EA-7FBA69A3F924}" = VAIO Entertainment Platform
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{8594B956-55D6-DAA0-405D-A84D92198CBA}" = CCC Help Turkish
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{884498F9-3430-A5AD-E518-6CDBD1E2C2C6}" = CCC Help Thai
"{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94167E23-CADF-A30C-2962-C769FCAFCA00}" = CCC Help Korean
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{98F2FA0E-923A-48C2-8EC7-62BD97E38FC0}" = VAIO Data Restore Tool
"{9A86CB6C-B3AE-D212-7310-711CC4B72DE3}" = Catalyst Control Center Graphics Full Existing
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Funktion Einstellungen
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A8A4A406-4127-CCB2-7249-7E84F27B59E6}" = CCC Help Portuguese
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB259D46-F851-41B0-9AFA-AED8998AD68A}" = MusicStation
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B22615EE-2963-CB47-E043-B0BCC322A628}" = CCC Help Spanish
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"{B4320558-EC97-3860-9C25-E8E2E9D490C8}" = CCC Help French
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C416CBB4-00BA-4E78-878A-590C5FD4A7A1}" = VAIO Media plus
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C8A09003-7FAB-4D48-99DD-DC2A734EC9FA}" = Remote Play with PlayStation 3
"{CCCB84FD-C8EC-ECA1-70C3-A429CBD1E64E}" = Catalyst Control Center Graphics Previews Vista
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF214A6D-3290-1EAC-C33D-2CB0C867F551}" = CCC Help Swedish
"{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{DD2781E9-C64C-EC9D-3147-9D19495BDFD4}" = CCC Help Polish
"{DD6033FA-AA60-D93A-3E24-1787707C681B}" = Catalyst Control Center InstallProxy
"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery
"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4D0AD3B-0496-68DC-B093-2DF506988E99}" = CCC Help Chinese Standard
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E9FE79DA-E79B-A2DB-1178-74C6881C6521}" = CCC Help German
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EFBA1469-E0DA-4825-96AB-12B2988E9A28}" = Media Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F32B1F08-4042-08A6-DA31-FD3CF56F2A77}" = Catalyst Control Center Graphics Light
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"conduitEngine" = Conduit Engine
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download_is1" = Free YouTube Download version 2.10.31
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"Google Chrome" = Google Chrome
"IMBoosterARP" = Iminent
"InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer)
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc)
"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide
"InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story)
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"MSC" = McAfee Internet Security
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PhotoScape" = PhotoScape
"PHPNukeDE Toolbar" = PHPNukeDE Toolbar
"Picasa 3" = Picasa 3
"SearchTheWebARP" = SearchTheWeb
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Uninstall_is1" = Uninstall 1.0.0.1
"VAIO Help and Support" =
"VAIO Premium Partners" = VAIO Premium Partners
"VAIO screensaver" = VAIO screensaver
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 13.05.2011 09:08:26 | Computer Name = Samira-VAIO | Source = Google Update | ID = 20
Description =
Error - 13.05.2011 22:05:47 | Computer Name = Samira-VAIO | Source = Google Update | ID = 20
Description =
Error - 14.05.2011 00:45:50 | Computer Name = Samira-VAIO | Source = McLogEvent | ID = 5051
Description = Ein Thread in Vorgang C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
brauchte länger als 90000 ms, um eine Anfrage auszuführen. Der Vorgang wird beendet.
Thread-ID:
3056 (0xbf0) Thread-Adresse: 0x0000000076D6F72A Thread-Nachricht: Build VSCORE.14.2.0.794
/ 5400.1158 Object being scanned = \Device\HarddiskVolume3\Program Files (x86)\Mobile
Partner\Log\Func_trace.txt by C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
7011(9580785)(0) 93(9580785)(0) 5(9580785)(0) 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0)
7005(0)(0)
Error - 14.05.2011 00:46:32 | Computer Name = Samira-VAIO | Source = Google Update | ID = 20
Description =
Error - 14.05.2011 01:59:10 | Computer Name = Samira-VAIO | Source = Google Update | ID = 20
Description =
Error - 14.05.2011 09:02:53 | Computer Name = Samira-VAIO | Source = Google Update | ID = 20
Description =
Error - 17.05.2011 20:43:55 | Computer Name = Samira-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16768,
Zeitstempel: 0x4d688122 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
Zeitstempel: 0x4cc7b325 Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000c6ab2
ID
des fehlerhaften Prozesses: 0xf9c Startzeit der fehlerhaften Anwendung: 0x01cc14930c341896
Pfad
der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: e8765fc9-80e7-11e0-a758-001e101f2c0e
Error - 23.05.2011 15:10:16 | Computer Name = Samira-VAIO | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 2.0.1.4120 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1dbc Startzeit:
01cc197cfcae1719 Endzeit: 12 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
472df676-8570-11e0-8157-001e101f63cf
Error - 23.05.2011 15:29:36 | Computer Name = Samira-VAIO | Source = Application Hang | ID = 1002
Description = Programm Skype.exe, Version 5.3.0.111 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 3348 Startzeit:
01cc197e6c08a3ba Endzeit: 2530 Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID:
ef69dde8-8572-11e0-8157-001e101f63cf
Error - 23.05.2011 22:30:19 | Computer Name = Samira-VAIO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.3.0.111, Zeitstempel:
0x4dac4a84 Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7600.16385, Zeitstempel:
0x4a5bdb3b Ausnahmecode: 0xc0000005 Fehleroffset: 0x0003b565 ID des fehlerhaften Prozesses:
0x1d2c Startzeit der fehlerhaften Anwendung: 0x01cc19a760c5899c Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Skype\Phone\Skype.exe Pfad des fehlerhaften Moduls:
C:\Windows\syswow64\RPCRT4.dll Berichtskennung: c3ec2dbf-85ad-11e0-9da1-001e101f21c1
[ System Events ]
Error - 12.05.2011 18:56:35 | Computer Name = Samira-VAIO | Source = DCOM | ID = 10010
Description =
Error - 14.05.2011 00:45:57 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7031
Description = Der Dienst "McShield" wurde unerwartet beendet. Dies ist bereits 1
Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 14.05.2011 09:06:11 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst VcmIAlzMgr erreicht.
Error - 14.05.2011 09:06:42 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst VcmINSMgr erreicht.
Error - 14.05.2011 09:08:56 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 16.05.2011 19:07:57 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 17.05.2011 09:06:00 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 18.05.2011 08:11:42 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
Error - 19.05.2011 05:17:09 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst VcmIAlzMgr erreicht.
Error - 19.05.2011 08:43:20 | Computer Name = Samira-VAIO | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Roxio Upnp Server 10 erreicht.
< End of report >
so ich habe es jetzt doch mit hilfe andere beitraege uber das "windows 7 recovery" und das wieder sichtbar machen meiner daten geschafft sehr aufwendig aber gut beschrieben und einfach  |
|
05.06.2011, 20:52
| #2 |
| /// TB-Ausbilder   | Festplattenproblem "Trojaner entdeckt" Mein Name ist M-K-D-B und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Ich bereite jetzt einen Fix vor und melde mich so bald als möglich mit weiteren Anweisungen. |
|
05.06.2011, 21:34
| #3 | |
| /// TB-Ausbilder | Festplattenproblem "Trojaner entdeckt" Hallo Samiraxo,
__________________Schritt # 1: rKill verwenden Downloade Dir bitte rKill ( by Grinler ) von einem dieser Downloadspiegel.und speichere die Datei auf dem Desktop.
Schritt # 2: Mehrere Anti-Virus-Programme Code:
ATTFilter McAfee Internet Security
Avira
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast. Zitat:
Schritt # 3: Deinstallation von Programmen
Schritt # 4: Fix mit OTL
Code:
ATTFilter :OTL
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://search.iminent.com/?appId=21f68f9c-7263-4409-bece-2423fa3d7c12&ref=homepage"
FF - prefs.js..extensions.enabledItems: {c9508125-4747-4733-b048-e4b82dc9716d}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:3.2.5.2
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q="
[2011.05.10 05:24:13 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.05.10 05:24:14 | 000,000,000 | -H-D | M] (PHPNukeDE Community Toolbar) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\{c9508125-4747-4733-b048-e4b82dc9716d}
[2011.05.10 05:24:15 | 000,000,000 | -H-D | M] (softonic-de3 Community Toolbar) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
[2011.05.10 05:24:12 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Samira\AppData\Roaming\mozilla\Firefox\Profiles\0xy2w5rk.default\extensions\engine@conduit.com
[2010.12.08 16:47:52 | 000,000,927 | -H-- | M] () -- C:\Users\Samira\AppData\Roaming\Mozilla\Firefox\Profiles\0xy2w5rk.default\searchplugins\conduit.xml
[2010.07.10 02:21:02 | 000,002,157 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files (x86)\IMinent Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files (x86)\PHPNukeDE\tbPHPN.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4 - HKCU..\Run: [KcGKxXpEJYTtjJY] C:\ProgramData\KcGKxXpEJYTtjJY.exe (Microsoft Corporation)
[2011.06.04 19:04:46 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{A054B5FA-5A81-4C40-8E63-722D9F4FA5EE}
[2011.06.04 07:35:11 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 Recovery
[2011.06.04 07:34:55 | 000,333,824 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\39051000.exe
[2011.06.04 07:04:12 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{07250B0F-69D8-45BF-A51C-94157964B4C9}
[2011.06.03 19:03:14 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{15418651-19C6-4CD8-8C29-BA3676B3977B}
[2011.06.03 05:17:46 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{F32585C5-04CD-4B9C-B90F-C774F6B46953}
[2011.06.02 17:17:07 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{6A6CF95A-C5E6-4B84-9B39-F323ABA6D584}
[2011.06.02 03:21:49 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{37BCC482-AB79-44E5-BBE9-093E7FB9415D}
[2011.06.01 14:02:45 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{AE4524D2-4D27-4FC1-BD58-1CFC69B6459A}
[2011.06.01 00:53:21 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{84A8E12C-0F4E-4EDA-AD6B-94A22C03E7CD}
[2011.05.30 21:06:43 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{DE9B893E-F408-4D89-B395-489DCA33B5B6}
[2011.05.29 14:46:39 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{4A17D1B5-8D63-46EC-A42A-2E39E7826394}
[2011.05.28 20:08:43 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{2DB9468C-9960-445E-A49E-F884359BB94C}
[2011.05.28 08:07:59 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{0D6F60DF-8223-4F6A-8624-8448282353AF}
[2011.05.27 20:07:32 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{2AF34F0D-7DCF-476B-B187-B0F2730906D0}
[2011.05.27 18:10:20 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{A54AF27F-D851-484F-850F-A5BECE38B683}
[2011.05.27 18:04:01 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{ACD4BE52-F9E0-4877-AF93-7755E580AF09}
[2011.05.27 08:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IMinent Toolbar
[2011.05.27 03:00:41 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{DA198D85-0047-4601-9B68-CF191C5B3307}
[2011.05.26 05:12:37 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{E57C6C1D-D343-47B5-AD5C-43EA95C9578B}
[2011.05.25 17:11:57 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{77162040-EA1B-4BF6-A15E-E47F9B042A3F}
[2011.05.25 04:23:52 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{BE48FD38-0312-429E-A9C2-DA9089BCEA32}
[2011.05.24 16:23:02 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{A68C38CE-A495-4B70-AD09-C83D20E16090}
[2011.05.23 18:30:26 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{5382DDE9-8C31-4536-891A-70B765BDABF5}
[2011.05.23 16:36:02 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{4B82CD98-303D-4506-920E-C4C1BB339D63}
[2011.05.23 03:49:26 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{E614BCA6-8180-4D79-B3E6-BA31CCCF52C8}
[2011.05.22 15:49:11 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{471DADA5-5E29-4A34-BD2F-146301B875F9}
[2011.05.22 06:49:42 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{3E1F637C-EB50-449B-9675-F9C5F5818038}
[2011.05.21 18:20:00 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{2F5B9C59-5F08-4E73-92E4-167540005443}
[2011.05.21 06:18:37 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{78AB5B0A-D75A-4F31-9A67-0567566113BC}
[2011.05.20 15:08:25 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{28006FC4-8ABA-4AA6-8891-23AFA2872FAB}
[2011.05.20 03:07:59 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{011186A8-1A1C-4812-9830-25348C1D2CC5}
[2011.05.19 15:07:33 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{3E725B74-A800-4BA9-A33B-07DE75388A17}
[2011.05.19 03:07:05 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{0E96D3A6-E521-4377-94A0-B08C3D1EEF1C}
[2011.05.18 15:06:52 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{0A887B75-8D12-4A35-AB6F-7EDEBC1BC11C}
[2011.05.17 15:05:45 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{5C871EB0-EB71-436B-AFD6-569822D17662}
[2011.05.17 01:07:37 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{8931A9F5-A670-4EF2-9F0D-00E9E7A6B0C5}
[2011.05.14 15:06:21 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{ADE2037A-8B3D-43F4-987F-F3BD005BD554}
[2011.05.13 02:07:35 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{2F81D0BE-CB8D-4A0E-99F4-8EB8854AF8A3}
[2011.05.12 14:07:08 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{C8F62541-CD6E-4D08-B0EB-FC3BA83C5F3F}
[2011.05.12 02:06:40 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{AED3A1CA-03DB-47E9-B5A7-B65F2DC111B0}
[2011.05.11 14:05:09 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{BF70FC38-6351-457E-B4BE-6AFAF521FEE6}
[2011.05.10 20:59:44 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{42B9F107-0C21-4024-A1D9-3F394BAC83D4}
[2011.05.10 04:06:08 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{7C90343A-6002-4CFA-A561-9BAA7EE5FAEE}
[2011.05.09 16:05:42 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{89E3B70E-0DDD-4CC4-878B-AA2D2EF5E1DF}
[2011.05.09 04:04:50 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{385CD574-1FEA-4F0D-83EB-B65FB539C081}
[2011.05.08 07:47:38 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{0CDFE779-DAC5-45CC-AC2B-31F84C4A6C20}
[2011.05.07 15:17:46 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{FD5BCB55-5E55-4068-BEB2-167362606DC4}
[2011.05.06 21:06:54 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{855CDDFB-F235-42D2-BFB1-0DDB8AADCFC1}
[2011.05.06 05:03:36 | 000,000,000 | -H-D | C] -- C:\Users\Samira\AppData\Local\{8F29C608-1819-4AB4-A669-2B85F2AF0AE1}
[2011.06.04 07:35:19 | 000,000,040 | -H-- | M] () -- C:\ProgramData\~39051000
[2011.06.04 07:35:11 | 000,000,635 | -H-- | M] () -- C:\Users\Samira\Desktop\Windows 7 Recovery.lnk
:files
C:\Program Files (x86)\ConduitEngine
C:\Program Files (x86)\DVDVideoSoftTB
C:\Program Files (x86)\PHPNukeDE
C:\Program Files (x86)\softonic-de3
:commands
[Purity]
[Emptytemp]
Schritt # 5: Kontrollscan mit Malwarebytes' Anti-Malware (MBAM) Downloade Dir bitte Malwarebytes' Anti-Malware
Schritt # 6: aswMBR.exe ausführen Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit. Schritt # 7: Benutzerdefinierter Scan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%PROGRAMFILES%\*.
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
explorer.exe
regedit.exe
winlogon.exe
wininit.exe
userinit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
CREATERESTOREPOINT
Schritt # 8: Deine Rückmeldung Zur weiteren Analyse benötige ich zusammen mit deiner nächsten Antwort
|
|
10.06.2011, 08:36
| #4 |
| /// TB-Ausbilder | Festplattenproblem "Trojaner entdeckt" Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
| Themen zu Festplattenproblem "Trojaner entdeckt" |
| 64-bit, antivir, avira, bho, bingbar, bonjour, c:\windows\system32\rundll32.exe, conduit, converter, data restore, desktop, error, extras.txt, festplatte, festplatte beschädigt, firefox, flash player, google chrome, hard disk, home, iminent, iminent toolbar, install.exe, logfile, microsoft office starter 2010, mp3, ntdll.dll, oldtimer, otl.txt, phishing, picasa, plug-in, problem, realtek, robot, scan, sched.exe, searchplugins, security, senden, server, shell32.dll, shortcut, siteadvisor, software, start menu, symantec, syswow64, trojaner, usb 2.0, webcheck, windows, windows7 |
Textbox.
Linear-Darstellung
