Trojaner-Board


Minako 15.04.2011 18:28

Host Process and a virus that opens tabs
 
Hello dear community!
I'm turning to this board now, after my friends and I couldn't make sense of what's going on with my PC. Google searches didn't help either, since I didn't understand the technical jargon in most forums, and certainly not in English o_O So I'm trying my luck here!

First, some general information about my operating system:
Vista Home Premium, SP2, American version
Processor: Intel(R) Pentium(R) Dual CPU E2140 1.60 GHz
Memory RAM 1.00 GB
32Bit

So, now to my problems. The first one isn't that bad and hardly bothers me, but I'm afraid it's a virus that I'd like to get rid of: when I'm in Firefox and not doing anything, ad tabs, or tabs with other bullshit (possibly even stuff where more unwanted junk gets downloaded), tend to open as if by themselves, and I have absolutely no idea what it is o.O

I don't know whether the second, serious problem belongs on this board, but it totally annoys me and it also totally hampers my PC. And just now, while writing, this lovely message is coming up again. I'll take a screenshot of it for you.

http://www7.pic-upload.de/15.04.11/oopxxxjfvbjd.jpg
That would be this lovely message. What happens afterwards usually varies, but often the screen briefly goes black, the Vista display acts up, and either individual programs or the whole taskbar then turn grey and old-fashioned (design-wise like XP and older), and for a short time the internet is slow as well. I've tried everything, but nothing has helped. I'm not overloading the system with many programs open at once, and internet searches haven't turned up anything either.
I hope someone here can help me!

Kind regards
Minako

cosinus 15.04.2011 18:50

Quote:

and certainly not in English
American version
Uh, do I understand you correctly: English isn't really your thing, but you're using an "American" Windows version? :pfeiff:

markusg 15.04.2011 18:50

System scan with OTL
Download OTL:
http://filepony.de/download-otl/

Double-click OTL.exe
(Windows 7 and Vista users: right-click, Run as administrator)
1. At the top you'll find a box labelled Output. Please select Minimal Output
2. Tick "scan all users"
3. Under "Extra Registry" select:
"Use Safelist" "LOP Check" "Purity Check"
4. Copy into the text box:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Click "Scan"
6. Two reports will be created:
OTL.Txt
Extras.Txt
Post both.
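
The reports this scan produces are line-oriented: process, module, service and driver entries appear as `PRC -`, `MOD -`, `SRV -` and `DRV -` lines ending in the file's company name in parentheses. The following is an added example, not part of the thread and not OTL's own code, that parses such lines and lists entries for manual review; the two review criteria (empty company field, path in a user-writable location) and the `USER_WRITABLE` list are assumptions of this example, and the sample lines are constructed.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample in the OTL SafeList line format (not from a real report).
SAMPLE_LOG = r"""
========== Processes (SafeList) ==========

PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\ExampleTool\exampletool.exe ()

========== Modules (SafeList) ==========

MOD - C:\Windows\System32\dsound.dll (Microsoft Corporation)
MOD - C:\Users\Example\AppData\Local\examplemodule.dll ()

========== Win32 Services (SafeList) ==========

SRV - (ExampleSvc) -- C:\Program Files\Example\svc.exe (Example GmbH)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (ExampleDrv) -- C:\Windows\System32\drivers\exampledrv.sys (Example Inc. )
"""

# PRC/MOD lines: "<KIND> - <path> (<company>)"
# SRV/DRV lines: "<KIND> - (<service name>) -- <path> (<company>)"
# The path is matched lazily so that "C:\Program Files (x86)\..." still parses:
# only the last parenthesised group on the line is taken as the company.
LINE_RE = re.compile(
    r"^(?P<kind>PRC|MOD|SRV|DRV) - "
    r"(?:\((?P<name>[^)]*)\) -- )?"
    r"(?P<path>.+?) "
    r"\((?P<company>[^()]*)\)\s*$"
)

# Assumption of this example: locations a standard user can usually write to.
USER_WRITABLE = ("\\users\\", "\\documents and settings\\",
                 "\\programdata\\", "\\temp\\")


class Entry(NamedTuple):
    kind: str             # PRC, MOD, SRV or DRV
    name: Optional[str]   # service/driver name, None for PRC and MOD lines
    path: str
    company: str          # empty string when the log shows "()"


def parse_line(line: str) -> Optional[Entry]:
    """Parse one report line; return None for headers, blanks and other lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Entry(m["kind"], m["name"], m["path"], m["company"].strip())


def review_reasons(entry: Entry) -> List[str]:
    """Return why an entry deserves a manual look (a heuristic, not a verdict)."""
    reasons = []
    if not entry.company:
        reasons.append("no company name")
    if any(part in entry.path.lower() for part in USER_WRITABLE):
        reasons.append("user-writable path")
    return reasons


def triage(log: str) -> List[Tuple[Entry, List[str]]]:
    """Collect entries with at least one reason, most reasons first."""
    hits = []
    for line in log.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reasons = review_reasons(entry)
        if reasons:
            hits.append((entry, reasons))
    # Stable sort: entries with equal reason counts keep their log order.
    hits.sort(key=lambda hit: len(hit[1]), reverse=True)
    return hits


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(f"{entry.kind}  {entry.path}  <- {', '.join(reasons)}")
```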

Minako 15.04.2011 19:14

Quote:

Quote from cosinus (post 640976)
Uh, do I understand you correctly: English isn't really your thing, but you're using an "American" Windows version? :pfeiff:

Uh, no, English is fine for me, but since I'm not particularly good with the technical terms of IT, the whole thing is even harder for me to grasp in English ^^ I barely get it in German as it is ^^ And why I have an American OS is a long story anyway *waves it off*

@Markusg:
Thanks, I've done all of that.
So:

Extras says:
OTL Logfile:
Code:

OTL Extras logfile created on: 15.04.2011 19:53:34 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Minako\Pictures
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.014,00 Mb Total Physical Memory | 122,00 Mb Available Physical Memory | 12,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 29,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,49 Gb Total Space | 31,74 Gb Free Space | 21,37% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 61,43 Mb Free Space | 61,43% Space Free | Partition Type: NTFS
Drive E: | 72,58 Gb Total Space | 22,43 Gb Free Space | 30,90% Space Free | Partition Type: NTFS
 
Computer Name: MINAKO-PC | User Name: Minako | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2379896403-3557715863-3817968929-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E09EE5B-9BC3-4B44-9E7F-ABFEDAB09A6C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{115DA4E6-E068-46A3-8047-93DCE833E598}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3B133E8E-BFDA-43B2-8BBF-3A492B448DCF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{51AA9513-919C-4FFD-BCE8-1753E19C68D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5A6333C5-D82F-4CD5-BFAE-EF8923D3E99B}" = rport=2869 | protocol=6 | dir=out | app=system |
"{90E6E29A-7D75-429B-A64B-87467C8CA70C}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{95D7B3C0-34F1-40FF-94BD-358E83F3DEA0}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D90F1DA8-E8DF-45CC-A229-DB13B7BF8DD1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EB16B927-8DF3-48BE-AC7A-7B425E99A19E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F435E6B7-2FBD-4B6E-97C0-7182EE07AC52}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{067BB7CF-47E6-4E08-A835-E223BD39D868}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{095EC44D-09AC-4186-AC42-D7931A111E47}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{0BBAA132-1151-47CF-BF99-1FF35C1A5F7B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0F4CC72F-02B0-4CC5-A829-B275F69945D8}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{21966928-2102-492B-9C49-F1D726C04AE0}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{287A1A0F-77EA-4F54-9441-C5D68EF9381F}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{30EC5FD3-C526-40B0-B3D3-D2ED563D766A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{5195B1ED-7CA0-409E-B7D6-85B8FF94FC7B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5A4AA73F-B1DE-4FD3-95E0-50B3AD7CA161}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5CAC70B5-9242-4A26-B356-C6335895145A}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{6098DA93-D24B-43C1-8299-0BF009935892}" = dir=in | app=c:\program files\wificonnector\nintendowfcreg.exe |
"{720CC2FA-BB87-4C74-B85D-A6FBF94A96B6}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer_service.exe |
"{7A5668A2-53FD-4077-B89F-9146492C1914}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{7BFFBA77-18C3-4D52-B949-DC2778AE9567}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{999C245E-D4F4-42D3-A4ED-E95A8B279858}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{9E5DF261-31F9-43D1-8626-4A66582A8B89}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{9EF209F0-A5F6-4997-B51C-2B96B817BA25}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{B14234DE-D36E-49BB-8CF7-875ABB2B855B}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{BC1F2791-1FE6-40EC-B598-BE2C167F7829}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version6\teamviewer.exe |
"{CF536A6E-83CC-46E0-A503-03410287E66B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{D243DC24-B5B4-46CB-890E-A1B13D21D4EB}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"TCP Query User{46E4ED1B-3656-434A-A3FC-650B3A945D6B}C:\program files\keyholetv\keyholetv.exe" = protocol=6 | dir=in | app=c:\program files\keyholetv\keyholetv.exe |
"TCP Query User{57688C0D-C300-4705-8C2D-CEE1A2DDA21E}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{720C989E-62B3-438A-88C6-12E8B76D78E9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{8CCFF49F-3BBA-4DD4-884E-935766881E46}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9EEA8807-2650-471A-A607-2020849DE208}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{E1B79362-8474-4F0C-B227-5992409550ED}C:\program files\keyholetv\keyholetv.exe" = protocol=6 | dir=in | app=c:\program files\keyholetv\keyholetv.exe |
"TCP Query User{E9B92BC7-E7EF-467A-BE5B-DB57D3A1EE43}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{ED64C6C2-079A-473B-A3FF-DEFDB30CA01C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{F9F25E5E-AC3D-4B69-93AB-2045AD04B3F8}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{0B625B63-D571-4368-B77E-9813B0B6052F}C:\program files\keyholetv\keyholetv.exe" = protocol=17 | dir=in | app=c:\program files\keyholetv\keyholetv.exe |
"UDP Query User{1B01D163-43A4-4766-A78C-5657D537B9D9}C:\program files\keyholetv\keyholetv.exe" = protocol=17 | dir=in | app=c:\program files\keyholetv\keyholetv.exe |
"UDP Query User{56E7F91F-4CFD-4CB4-B932-5FB71CF3C21C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{5771F1D4-1E37-4048-96B0-88E2AC325563}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9187C805-FFC1-44EB-B69C-C5C29DCE4474}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{919EF24B-41DB-4CCA-81A8-CDB28F2BCF04}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{96E1A364-134B-4853-97C3-B9DD4D30BC17}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{9998D7D1-281F-4FD0-9113-06898A673E51}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D2633EA2-CF86-41F0-833F-7C031A7761E4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{46B34A3B-DC6E-43DC-9746-1D2C93C242EC}}_is1" = Nordschlacht Launcher 1.1
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C244239-ED8E-40f1-937F-51C706CD2160}" = Die Sims™ 2 Deluxe
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B3AEF776-7FFF-4C50-A402-9119E3849EE0}" = AVG 2011
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = v2011.build.46
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIDA32_is1" = AIDA32 v3.93
"AVG" = AVG 2011
"BSPlayerf" = BS.Player FREE
"conduitEngine" = Conduit Engine
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Video to JPG Converter_is1" = Free Video to JPG Converter version 1.8.7.305
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31
"Grand Fantasia" = Grand Fantasia
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"JDownloader" = JDownloader
"KeyHoleTV" = KeyHoleTV
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MKV TO AVI CONVERTER_is1" = MKV TO AVI CONVERTER version 3.22
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"NewSelcouth" = NewSelcouth
"NirSoft WinUpdatesList" = NirSoft WinUpdatesList
"Orbit_is1" = Orbit Downloader
"PhotoScape" = PhotoScape
"RadarSync2 Toolbar" = RadarSync2 Toolbar
"RealPlayer 12.0" = RealPlayer
"RollerCoaster Tycoon Setup" = Roll
"Sims2Pack Clean Installer" = Sims2Pack Clean Installer
"Super_nude_patch_II_1.0" = Super nude patch II 2.8
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 6" = TeamViewer 6
"TVWiz" = Intel(R) TV Wizard
"UltraGet Video Downloader_is1" = UltraGet Video Downloader 3.0.1
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"WiFiConnector" = Registrierungsprogramm für den Nintendo Wi-Fi USB Connector
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Xilisoft MKV Converter 6" = Xilisoft MKV Converter 6
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2379896403-3557715863-3817968929-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
"Tian'Anmen RO" = Tian'Anmen RO
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 14.04.2011 17:28:26 | Computer Name = Minako-PC | Source = Microsoft-Windows-CAPI2 | ID = 131077
Description =
 
Error - 14.04.2011 19:19:52 | Computer Name = Minako-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
 0x47918b89, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436,
 exception code 0xc000071b, fault offset 0x00088d15,  process id 0xf20, application
 start time 0x01cbfade77dbbf14.
 
Error - 15.04.2011 10:51:56 | Computer Name = Minako-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
 0x47918b89, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436,
 exception code 0xc000071b, fault offset 0x00088d15,  process id 0x4fc, application
 start time 0x01cbfb690d66979a.
 
Error - 15.04.2011 11:27:06 | Computer Name = Minako-PC | Source = SPP | ID = 16387
Description =
 
Error - 15.04.2011 11:27:06 | Computer Name = Minako-PC | Source = System Restore | ID = 8193
Description =
 
Error - 15.04.2011 11:27:06 | Computer Name = Minako-PC | Source = System Restore | ID = 8210
Description =
 
Error - 15.04.2011 13:21:15 | Computer Name = Minako-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
 0x47918b89, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436,
 exception code 0xc000071b, fault offset 0x00088d15,  process id 0x500, application
 start time 0x01cbfb8eb13a31e0.
 
Error - 15.04.2011 13:42:46 | Computer Name = Minako-PC | Source = Application Error | ID = 1000
Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp
 0x47918b89, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436,
 exception code 0xc000071b, fault offset 0x00088d15,  process id 0x298, application
 start time 0x01cbfb9198325e6c.
 
Error - 15.04.2011 13:56:02 | Computer Name = Minako-PC | Source = SPP | ID = 16387
Description =
 
Error - 15.04.2011 13:56:02 | Computer Name = Minako-PC | Source = System Restore | ID = 8193
Description =
 
[ System Events ]
Error - 15.04.2011 13:01:57 | Computer Name = Minako-PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.1,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
 are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
 change the scope to include the IP address, or change the IP address to fall within
 the scope.
 
Error - 15.04.2011 13:05:21 | Computer Name = Minako-PC | Source = ipnathlp | ID = 34001
Description = The ICS_IPV6 failed to configure IPv6 stack.
 
Error - 15.04.2011 13:21:48 | Computer Name = Minako-PC | Source = Service Control Manager | ID = 7031
Description =
 
Error - 15.04.2011 13:23:45 | Computer Name = Minako-PC | Source = Service Control Manager | ID = 7032
Description =
 
Error - 15.04.2011 13:23:53 | Computer Name = Minako-PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.1,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
 are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
 change the scope to include the IP address, or change the IP address to fall within
 the scope.
 
Error - 15.04.2011 13:26:00 | Computer Name = Minako-PC | Source = ipnathlp | ID = 34001
Description = The ICS_IPV6 failed to configure IPv6 stack.
 
Error - 15.04.2011 13:45:11 | Computer Name = Minako-PC | Source = Service Control Manager | ID = 7032
Description =
 
Error - 15.04.2011 13:45:17 | Computer Name = Minako-PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.1,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
 are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
 change the scope to include the IP address, or change the IP address to fall within
 the scope.
 
Error - 15.04.2011 13:47:24 | Computer Name = Minako-PC | Source = ipnathlp | ID = 34001
Description = The ICS_IPV6 failed to configure IPv6 stack.
 
Error - 15.04.2011 13:48:11 | Computer Name = Minako-PC | Source = Service Control Manager | ID = 7032
Description =
 
 
< End of report >

--- --- ---


And OTL says:

OTL Logfile:
Code:

OTL logfile created on: 15.04.2011 19:53:34 - Run 1
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\Minako\Pictures
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.014,00 Mb Total Physical Memory | 122,00 Mb Available Physical Memory | 12,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 29,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,49 Gb Total Space | 31,74 Gb Free Space | 21,37% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 61,43 Mb Free Space | 61,43% Space Free | Partition Type: NTFS
Drive E: | 72,58 Gb Total Space | 22,43 Gb Free Space | 30,90% Space Free | Partition Type: NTFS
 
Computer Name: MINAKO-PC | User Name: Minako | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Minako\Pictures\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Orbitdownloader\orbitdm.exe (Orbitdownloader.com)
PRC - C:\Program Files\Orbitdownloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\PhotoFiltre\photofiltre.exe (Antonio Da Cruz)
PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Windows\System32\wermgr.exe (Microsoft Corporation)
PRC - C:\Program Files\WiFiConnector\NintendoWFCReg.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Minako\Pictures\OTL.exe (OldTimer Tools)
MOD - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealNetworks, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2\msvcp90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\powrprof.dll (Microsoft Corporation)
MOD - C:\Users\Minako\AppData\Local\ufecukalibiki.dll ()
MOD - C:\Windows\System32\dsound.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (TeamViewer6) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (RT25USBAP) -- C:\Windows\System32\drivers\RT25USBAP.SYS (Ralink Technology Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\URLSearchHook: {6edc3889-b841-4127-a2bf-c5fc48f972c7} - C:\Program Files\RadarSync2\prxtbRad0.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000\..\URLSearchHook: {6edc3889-b841-4127-a2bf-c5fc48f972c7} - C:\Program Files\RadarSync2\prxtbRad0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.facemoods.com/?a=ddr"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {2DE66BE0-FCC5-4280-8FB1-C072806B8CF3}:1.9.1
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.02.26 03:23:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2DE66BE0-FCC5-4280-8FB1-C072806B8CF3}: C:\Users\Minako\AppData\Local\{2DE66BE0-FCC5-4280-8FB1-C072806B8CF3} [2011.03.29 03:35:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.03.30 10:44:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Minako\AppData\Roaming\5015 [2011.04.10 22:41:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.24 14:40:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.24 14:40:37 | 000,000,000 | ---D | M]
 
[2011.02.05 18:38:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Minako\AppData\Roaming\Mozilla\Extensions
[2011.04.15 19:14:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\w9nn54q5.default\extensions
[2011.03.25 14:27:28 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\w9nn54q5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.03.25 14:27:16 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\w9nn54q5.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.02.12 02:17:40 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\w9nn54q5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.03.25 14:27:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\w9nn54q5.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.25 14:27:22 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\w9nn54q5.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011.03.25 14:27:07 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\w9nn54q5.default\extensions\engine@conduit.com
[2011.04.15 19:14:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.02.08 14:45:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.30 10:44:41 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011.02.28 02:31:48 | 000,000,000 | ---D | M] (OneClick YouTube Downloader) -- C:\PROGRAM FILES\ORBITDOWNLOADER\ADDONS\ONECLICKYOUTUBEDOWNLOADER
[2011.02.26 03:23:49 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2011.03.29 03:35:31 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\MINAKO\APPDATA\LOCAL\{2DE66BE0-FCC5-4280-8FB1-C072806B8CF3}
[2011.04.10 22:41:46 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\MINAKO\APPDATA\ROAMING\5015
[2011.02.08 14:45:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.03.03 14:14:50 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.03.03 14:14:50 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.02.25 03:32:30 | 000,002,046 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchddr.xml
[2011.03.03 14:14:50 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.03.03 14:14:50 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.03.03 14:14:50 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (RadarSync2 Toolbar) - {6edc3889-b841-4127-a2bf-c5fc48f972c7} - C:\Program Files\RadarSync2\prxtbRad0.dll (Conduit Ltd.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (RadarSync2 Toolbar) - {6edc3889-b841-4127-a2bf-c5fc48f972c7} - C:\Program Files\RadarSync2\prxtbRad0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000\..\Toolbar\WebBrowser: (RadarSync2 Toolbar) - {6EDC3889-B841-4127-A2BF-C5FC48F972C7} - C:\Program Files\RadarSync2\prxtbRad0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [TaskTray]  File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Txamabupic] C:\Users\Minako\AppData\Local\ufecukalibiki.dll ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2379896403-3557715863-3817968929-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Minako\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Minako\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Minako\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: aux - wdmaud.drv (Microsoft Corporation)
Drivers32: midi - wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - midimap.dll (Microsoft Corporation)
Drivers32: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - yv12vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32: wave - wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - msacm32.drv (Microsoft Corporation)
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.14 21:13:57 | 000,000,000 | -HSD | C] -- C:\found.000
[2011.04.10 22:41:50 | 000,236,496 | ---- | C] (Adobe Systems, Incorporated) -- C:\Users\Minako\AppData\Roaming\AcroIEHelpe.dll
[2011.04.10 22:41:32 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Roaming\5015
[2011.04.10 22:40:49 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Roaming\xmldm
[2011.04.10 14:17:00 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.04.04 03:27:26 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tian'Anmen RO
[2011.04.04 03:19:18 | 000,000,000 | ---D | C] -- C:\TianRO
[2011.04.03 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\Minako\Desktop\RO
[2011.04.02 15:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011.04.02 15:01:19 | 003,261,184 | ---- | C] (TeamViewer GmbH) -- C:\Users\Minako\Documents\TeamViewer_Setup_de.exe
[2011.04.02 14:57:24 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WinUpdatesList
[2011.04.02 14:57:24 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2011.04.02 02:54:49 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Roaming\Xilisoft
[2011.04.02 02:53:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
[2011.04.02 02:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Xilisoft
[2011.04.02 02:52:07 | 000,000,000 | ---D | C] -- C:\Program Files\Xilisoft
[2011.04.02 02:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKV TO AVI CONVERTER
[2011.04.02 02:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\mkvtoavi
[2011.04.01 23:02:36 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Local\Windows Live
[2011.04.01 23:01:00 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2011.04.01 22:31:20 | 000,000,000 | ---D | C] -- C:\58d6adcceca06f205c
[2011.04.01 22:29:09 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.01 22:29:09 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.01 22:29:08 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.01 22:29:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.01 22:29:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.01 22:29:07 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.01 22:29:07 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.01 22:29:07 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.01 22:29:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.01 22:29:05 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.01 22:29:04 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.01 22:29:03 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.01 22:29:03 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.01 22:29:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.01 22:29:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.01 22:29:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.01 22:29:01 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.01 22:26:31 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.01 22:26:31 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.01 22:26:31 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.01 22:26:31 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.01 22:26:31 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2011.04.01 22:26:30 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.01 22:26:30 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.01 22:26:30 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.01 22:26:29 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.01 22:26:29 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.01 22:26:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.01 22:26:29 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.01 22:26:29 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.01 22:26:28 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011.04.01 22:26:28 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.01 22:26:27 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.01 22:26:27 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.01 22:26:27 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.01 22:26:27 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.01 22:26:25 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.01 22:26:25 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.01 22:26:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2011.04.01 22:26:25 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.01 22:26:25 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.01 22:26:25 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2011.03.30 13:31:50 | 000,000,000 | ---D | C] -- C:\Users\Minako\Desktop\Pokewalker
[2011.03.29 03:35:31 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Local\{2DE66BE0-FCC5-4280-8FB1-C072806B8CF3}
[2011.03.27 19:49:17 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Local\Conduit
[2011.03.23 11:28:36 | 000,000,000 | ---D | C] -- C:\Users\Minako\Wood_R4_v1.27
[2011.03.23 04:13:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro Interactive
[2011.03.23 04:12:43 | 000,000,000 | ---D | C] -- C:\Program Files\Hasbro Interactive
[2011.03.19 21:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Yuna Software
[2011.03.18 20:36:04 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sims2Pack Clean Installer
[2011.03.18 20:36:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sims2Pack Clean Installer
[2011.03.18 20:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Sims2Pack Clean Installer
[2011.03.18 03:38:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super nude patch II
[2011.03.18 03:38:02 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011.03.18 01:40:27 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\EA Games
[2011.03.18 01:00:05 | 000,000,000 | ---D | C] -- C:\Users\Minako\Documents\EA Games
[2011.03.18 01:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
[2011.03.18 00:45:31 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2011.03.18 00:45:30 | 000,442,368 | R--- | C] (On2.com) -- C:\Windows\System32\vp6vfw.dll
[2011.03.17 03:38:29 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Local\Microsoft Games
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Minako\AppData\Roaming\*.tmp files -> C:\Users\Minako\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.15 19:25:39 | 000,021,627 | ---- | M] () -- C:\Users\Minako\meldung.jpg
[2011.04.15 19:18:52 | 000,004,928 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.15 19:18:52 | 000,004,928 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.15 19:02:28 | 000,001,682 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Orbit.lnk
[2011.04.15 19:02:04 | 000,000,120 | ---- | M] () -- C:\Users\Minako\AppData\Local\Jhevucocaliroq.dat
[2011.04.15 19:00:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.15 19:00:51 | 1063,575,552 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.15 14:40:24 | 112,496,297 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.04.15 14:32:51 | 000,000,000 | ---- | M] () -- C:\Users\Minako\AppData\Local\Sfecex.bin
[2011.04.10 22:41:50 | 000,236,496 | ---- | M] (Adobe Systems, Incorporated) -- C:\Users\Minako\AppData\Roaming\AcroIEHelpe.dll
[2011.04.09 22:24:56 | 111,581,355 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.04.09 20:21:52 | 000,032,574 | ---- | M] () -- C:\Users\Minako\Documents\Mina Posting.odt
[2011.04.04 23:54:55 | 093,444,576 | ---- | M] () -- C:\Users\Minako\Documents\LifeRO Small.exe
[2011.04.04 03:27:36 | 000,000,577 | ---- | M] () -- C:\Users\Minako\Desktop\Izanami (MR).lnk
[2011.04.04 03:27:34 | 000,000,577 | ---- | M] () -- C:\Users\Minako\Desktop\Izanagi (HR).lnk
[2011.04.03 21:53:12 | 1826,339,780 | ---- | M] () -- C:\Users\Minako\Documents\TianAnmenROInstaller.exe
[2011.04.02 15:09:13 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.04.02 15:01:45 | 003,261,184 | ---- | M] (TeamViewer GmbH) -- C:\Users\Minako\Documents\TeamViewer_Setup_de.exe
[2011.04.02 14:57:14 | 000,111,012 | ---- | M] () -- C:\Users\Minako\Documents\wul_setup.exe
[2011.04.02 02:53:18 | 000,001,902 | ---- | M] () -- C:\Users\Minako\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft MKV Converter 6.lnk
[2011.04.02 02:53:18 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft MKV Converter 6.lnk
[2011.04.02 02:44:42 | 000,007,168 | ---- | M] () -- C:\Users\Minako\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.02 02:39:38 | 000,000,752 | ---- | M] () -- C:\Users\Minako\Desktop\MKV TO AVI CONVERTER.lnk
[2011.04.01 23:04:16 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.01 23:04:16 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.01 22:39:36 | 000,000,943 | ---- | M] () -- C:\Users\Minako\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011.03.30 10:44:44 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011.03.20 21:42:20 | 000,054,832 | ---- | M] () -- C:\Users\Minako\bscap0001.jpg
[2011.03.20 21:19:05 | 000,060,963 | ---- | M] () -- C:\Users\Minako\bscap0000.jpg
[2011.03.18 20:37:09 | 000,000,020 | ---- | M] () -- C:\Program Files\Sims2Pack Clean Installer.ini
[2011.03.18 20:36:04 | 000,001,008 | ---- | M] () -- C:\Users\Minako\Desktop\Sims2Pack Clean Installer.lnk
[2011.03.18 03:35:11 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011.03.18 02:29:45 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 2 Vier Jahreszeiten.lnk
[2011.03.18 02:17:11 | 000,002,085 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims 2 Open For Business.lnk
[2011.03.18 01:42:13 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 2 Haustiere.lnk
[2011.03.18 01:01:23 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Die Sims™ 2 Deluxe.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Minako\AppData\Roaming\*.tmp files -> C:\Users\Minako\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.15 19:25:38 | 000,021,627 | ---- | C] () -- C:\Users\Minako\meldung.jpg
[2011.04.08 04:21:59 | 000,032,574 | ---- | C] () -- C:\Users\Minako\Documents\Mina Posting.odt
[2011.04.04 23:40:59 | 093,444,576 | ---- | C] () -- C:\Users\Minako\Documents\LifeRO Small.exe
[2011.04.03 22:00:19 | 000,000,577 | ---- | C] () -- C:\Users\Minako\Desktop\Izanami (MR).lnk
[2011.04.03 22:00:16 | 000,000,577 | ---- | C] () -- C:\Users\Minako\Desktop\Izanagi (HR).lnk
[2011.04.03 14:51:29 | 1826,339,780 | ---- | C] () -- C:\Users\Minako\Documents\TianAnmenROInstaller.exe
[2011.04.02 15:09:14 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.04.02 15:09:13 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.04.02 14:57:06 | 000,111,012 | ---- | C] () -- C:\Users\Minako\Documents\wul_setup.exe
[2011.04.02 02:53:18 | 000,001,902 | ---- | C] () -- C:\Users\Minako\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft MKV Converter 6.lnk
[2011.04.02 02:53:18 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft MKV Converter 6.lnk
[2011.04.02 02:39:38 | 000,000,752 | ---- | C] () -- C:\Users\Minako\Desktop\MKV TO AVI CONVERTER.lnk
[2011.04.01 22:29:04 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.03.30 10:44:44 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011.03.29 03:35:33 | 000,000,120 | ---- | C] () -- C:\Users\Minako\AppData\Local\Jhevucocaliroq.dat
[2011.03.29 03:35:33 | 000,000,000 | ---- | C] () -- C:\Users\Minako\AppData\Local\Sfecex.bin
[2011.03.23 11:35:07 | 000,000,110 | ---- | C] () -- C:\Users\Minako\NDS-Scene.url
[2011.03.23 11:34:56 | 134,217,728 | ---- | C] () -- C:\Users\Minako\5604 - Okamiden (USA) (AP Patched).nds
[2011.03.23 04:13:15 | 000,045,568 | ---- | C] () -- C:\Windows\UniFish3.exe
[2011.03.20 21:42:20 | 000,054,832 | ---- | C] () -- C:\Users\Minako\bscap0001.jpg
[2011.03.20 21:19:05 | 000,060,963 | ---- | C] () -- C:\Users\Minako\bscap0000.jpg
[2011.03.18 20:37:09 | 000,000,020 | ---- | C] () -- C:\Program Files\Sims2Pack Clean Installer.ini
[2011.03.18 20:36:04 | 000,001,008 | ---- | C] () -- C:\Users\Minako\Desktop\Sims2Pack Clean Installer.lnk
[2011.03.18 20:35:33 | 004,276,991 | ---- | C] () -- C:\Users\Minako\Gai.Sims2Pack
[2011.03.18 20:34:51 | 006,429,023 | ---- | C] () -- C:\Users\Minako\Azuma.Sims2Pack
[2011.03.18 20:34:44 | 006,005,424 | ---- | C] () -- C:\Users\Minako\Kakashi.Sims2Pack
[2011.03.18 20:33:56 | 003,982,331 | ---- | C] () -- C:\Users\Minako\Iruka.Sims2Pack
[2011.03.18 02:29:45 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 2 Vier Jahreszeiten.lnk
[2011.03.18 02:17:11 | 000,002,085 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims 2 Open For Business.lnk
[2011.03.18 01:42:13 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 2 Haustiere.lnk
[2011.03.18 01:01:23 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Die Sims™ 2 Deluxe.lnk
[2011.03.06 21:11:06 | 000,000,190 | ---- | C] () -- C:\Windows\wininit.ini
[2011.02.26 03:22:14 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.02.17 23:01:55 | 000,007,168 | ---- | C] () -- C:\Users\Minako\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.05 18:59:03 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.02.05 17:01:23 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2011.02.05 15:58:25 | 000,000,680 | ---- | C] () -- C:\Users\Minako\AppData\Local\d3d9caps.dat
[2009.04.11 15:18:28 | 000,363,008 | ---- | C] () -- C:\Users\Minako\AppData\Local\ufecukalibiki.dll
[2009.04.11 15:18:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.04.11 15:18:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.11 15:18:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2008.02.11 20:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008.02.11 20:34:48 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008.02.11 20:34:48 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008.02.11 20:34:48 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,254,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,798 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,103,872 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
 
========== LOP Check ==========
 
[2011.04.10 22:41:46 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\5015
[2011.03.06 00:56:21 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\AVG10
[2011.03.17 01:43:57 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\BSplayer
[2011.02.17 23:10:18 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\BSplayer Pro
[2011.02.12 02:17:39 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.28 02:31:51 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\GrabPro
[2011.02.08 15:57:55 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\OpenOffice.org
[2011.04.15 19:02:53 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Orbit
[2011.02.18 05:12:06 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\PhotoFiltre
[2011.03.09 14:03:16 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\PhotoScape
[2011.02.28 02:32:05 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\ProgSense
[2011.02.17 22:59:29 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\UltraGet
[2011.04.15 19:02:10 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\uTorrent
[2011.04.02 02:54:49 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Xilisoft
[2011.04.10 22:40:49 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\xmldm
[2011.04.15 19:43:09 | 000,032,646 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.04.10 22:41:46 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\5015
[2011.03.29 03:33:10 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Adobe
[2011.03.06 00:56:21 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\AVG10
[2011.03.17 01:43:57 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\BSplayer
[2011.02.17 23:10:18 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\BSplayer Pro
[2011.02.12 02:17:39 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.28 02:31:51 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\GrabPro
[2011.02.05 15:58:33 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Identities
[2011.02.05 20:49:25 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Media Center Programs
[2011.02.07 15:17:32 | 000,000,000 | --SD | M] -- C:\Users\Minako\AppData\Roaming\Microsoft
[2011.02.05 18:38:22 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Mozilla
[2011.02.08 15:57:55 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\OpenOffice.org
[2011.04.15 19:02:53 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Orbit
[2011.02.18 05:12:06 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\PhotoFiltre
[2011.03.09 14:03:16 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\PhotoScape
[2011.02.28 02:32:05 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\ProgSense
[2011.02.26 03:24:12 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Real
[2011.02.17 22:59:29 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\UltraGet
[2011.04.15 19:02:10 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\uTorrent
[2011.02.05 20:45:58 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\WinRAR
[2011.04.02 02:54:49 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\Xilisoft
[2011.04.10 22:40:49 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\xmldm
 
< %APPDATA%\*.exe /s >
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47567734.exe
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47567765.exe
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47568093.exe
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570843.exe
[2011.03.29 03:33:19 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570859.exe
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570875.exe
[2010.02.23 18:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 11:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 11:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 11:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 16:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.04.11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 15:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.04.11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 15:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 15:18:21 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 15:18:21 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.04.11 15:18:47 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 15:18:47 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.04.11 15:18:28 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 15:18:28 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 15:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 15:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >

--- --- ---


[/spoiler]

markusg 15.04.2011 19:16

Sorry @cosinus, you were faster, have fun :-)

Minako 15.04.2011 19:22

Can you make anything of this? oO Because I can't!

cosinus 15.04.2011 20:50

Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!

Minako 16.04.2011 00:14

Quote:

Quote from cosinus (post 641041)
Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!


Oh God, the scan took three hours.
Unfortunately I can't get into the Logs tab, but I do have the text file. There is only one log, and this is what it says:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6369

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19019

16.04.2011 01:08:50
mbam-log-2011-04-16 (01-08-34).txt

Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 322072
Time elapsed: 2 hour(s), 47 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
c:\Users\Minako\AppData\Local\ufecukalibiki.dll (Trojan.Agent) -> No action taken.

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Txamabupic (Trojan.Agent) -> Value: Txamabupic -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Minako\AppData\Local\ufecukalibiki.dll (Trojan.Agent) -> No action taken.
c:\program files\jdownloader\curl_router_reconnect.exe (Trojan.Banker) -> No action taken.
c:\Users\Minako\Pictures\Animes\Pokemon\N\black white edition\msgplus3-setup.exe (Adware.Agent) -> No action taken.
e:\system volume information\_restore{f26650da-9906-42ac-98f2-c5334e1a5ad8}\RP261\A0305724.exe (Adware.Agent) -> No action taken.
e:\system volume information\_restore{f44883b3-33b1-47f3-9113-f56e0e537be5}\RP16\A0001735.exe (Adware.Agent) -> No action taken.
c:\Users\Minako\AppData\Roaming\Adobe\plugs\kb47567734.exe (Trojan.Agent) -> No action taken.
c:\Users\Minako\AppData\Roaming\Adobe\plugs\kb47567765.exe (Trojan.Agent) -> No action taken.
c:\Users\Minako\AppData\Roaming\Adobe\plugs\kb47568093.exe (Trojan.Agent) -> No action taken.
c:\Users\Minako\AppData\Roaming\Adobe\plugs\kb47570843.exe (Trojan.Agent) -> No action taken.
c:\Users\Minako\AppData\Roaming\Adobe\plugs\kb47570859.exe (Trojan.Agent) -> No action taken.
c:\Users\Minako\AppData\Roaming\Adobe\plugs\kb47570875.exe (Trojan.Agent) -> No action taken.


I hope that was the right thing :/

cosinus 16.04.2011 11:38

Quote:

-> No action taken.
You should remove all findings!

Minako 16.04.2011 11:43

Well, before I closed the program I clicked Remove, after which the files were presumably all moved to quarantine.
Or do I have to go into the folders directly and delete them?

cosinus 16.04.2011 12:00

No, then that's fine.

Do an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" has to be copied too!!!)

Code:

:OTL
MOD - C:\Users\Minako\AppData\Local\ufecukalibiki.dll ()
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47567734.exe
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47567765.exe
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47568093.exe
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570843.exe
[2011.03.29 03:33:19 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570859.exe
[2011.03.29 03:33:18 | 000,000,162 | ---- | M] () -- C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570875.exe
[2011.04.10 22:41:46 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\5015
[2011.04.10 22:40:49 | 000,000,000 | ---D | M] -- C:\Users\Minako\AppData\Roaming\xmldm
[2011.03.29 03:35:31 | 000,000,000 | ---D | C] -- C:\Users\Minako\AppData\Local\{2DE66BE0-FCC5-4280-8FB1-C072806B8CF3}
[2011.04.01 22:31:20 | 000,000,000 | ---D | C] -- C:\58d6adcceca06f205c
[2011.04.14 21:13:57 | 000,000,000 | -HSD | C] -- C:\found.000
O4 - HKLM..\Run: [Txamabupic] C:\Users\Minako\AppData\Local\ufecukalibiki.dll ()
:Commands
[purity]
[resethosts]
[emptytemp]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed with this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Minako 16.04.2011 13:09

OK, I've done that.
Before I did it, that Host Process error came up again.
Hopefully that's fixed now too.

So the file that opened after the restart says:

All processes killed
========== OTL ==========
File C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47567734.exe not found.
File C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47567765.exe not found.
File C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47568093.exe not found.
File C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570843.exe not found.
File C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570859.exe not found.
File C:\Users\Minako\AppData\Roaming\Adobe\plugs\KB47570875.exe not found.
C:\Users\Minako\AppData\Roaming\5015\components folder moved successfully.
C:\Users\Minako\AppData\Roaming\5015 folder moved successfully.
C:\Users\Minako\AppData\Roaming\xmldm folder moved successfully.
C:\Users\Minako\AppData\Local\{2DE66BE0-FCC5-4280-8FB1-C072806B8CF3}\chrome\content folder moved successfully.
C:\Users\Minako\AppData\Local\{2DE66BE0-FCC5-4280-8FB1-C072806B8CF3}\chrome folder moved successfully.
C:\Users\Minako\AppData\Local\{2DE66BE0-FCC5-4280-8FB1-C072806B8CF3} folder moved successfully.
C:\58d6adcceca06f205c folder moved successfully.
C:\found.000\dir0000.chk folder moved successfully.
C:\found.000 folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Txamabupic not found.
File C:\Users\Minako\AppData\Local\ufecukalibiki.dll not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Minako
->Temp folder emptied: 1325426228 bytes
->Temporary Internet Files folder emptied: 32112926 bytes
->Java cache emptied: 564349 bytes
->FireFox cache emptied: 53168357 bytes
->Flash cache emptied: 39140 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 21221757 bytes
RecycleBin emptied: 8349298233 bytes

Total Files Cleaned = 9.329,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 04162011_130634

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


EDIT:

This error message with the Host Process and the display acting up still keeps appearing.
A friend suspects that it has something to do with the graphics card.

cosinus 16.04.2011 14:16

Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

If the infection prevents you from accessing your Documents/My Documents folder, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Vista and 7 users must run the tool as administrator via right-click!

Minako 16.04.2011 15:52

Quote:

Quote from cosinus (post 641304)
Please now run this tool from Kaspersky and post the log => http://www.trojaner-board.de/82358-a...entfernen.html

If the infection prevents you from accessing your Documents/My Documents folder, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This could take a while.)
Vista and 7 users must run the tool as administrator via right-click!

Okay, so after the first run it showed one file on the hard drive, and the PC was supposed to be restarted to fix that. When I opened the log afterwards, it said this:

Code:

2011/04/16 16:47:11.0413 1728        TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/16 16:47:12.0251 1728        ================================================================================
2011/04/16 16:47:12.0251 1728        SystemInfo:
2011/04/16 16:47:12.0251 1728       
2011/04/16 16:47:12.0251 1728        OS Version: 6.0.6002 ServicePack: 2.0
2011/04/16 16:47:12.0251 1728        Product type: Workstation
2011/04/16 16:47:12.0251 1728        ComputerName: MINAKO-PC
2011/04/16 16:47:12.0251 1728        UserName: Minako
2011/04/16 16:47:12.0251 1728        Windows directory: C:\Windows
2011/04/16 16:47:12.0251 1728        System windows directory: C:\Windows
2011/04/16 16:47:12.0251 1728        Processor architecture: Intel x86
2011/04/16 16:47:12.0251 1728        Number of processors: 2
2011/04/16 16:47:12.0251 1728        Page size: 0x1000
2011/04/16 16:47:12.0251 1728        Boot type: Normal boot
2011/04/16 16:47:12.0251 1728        ================================================================================
2011/04/16 16:47:17.0286 1728        Initialize success

Then I scanned again, this time without any finding, and the scan log says this:

Code:

2011/04/16 16:47:11.0413 1728        TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/16 16:47:12.0251 1728        ================================================================================
2011/04/16 16:47:12.0251 1728        SystemInfo:
2011/04/16 16:47:12.0251 1728       
2011/04/16 16:47:12.0251 1728        OS Version: 6.0.6002 ServicePack: 2.0
2011/04/16 16:47:12.0251 1728        Product type: Workstation
2011/04/16 16:47:12.0251 1728        ComputerName: MINAKO-PC
2011/04/16 16:47:12.0251 1728        UserName: Minako
2011/04/16 16:47:12.0251 1728        Windows directory: C:\Windows
2011/04/16 16:47:12.0251 1728        System windows directory: C:\Windows
2011/04/16 16:47:12.0251 1728        Processor architecture: Intel x86
2011/04/16 16:47:12.0251 1728        Number of processors: 2
2011/04/16 16:47:12.0251 1728        Page size: 0x1000
2011/04/16 16:47:12.0251 1728        Boot type: Normal boot
2011/04/16 16:47:12.0251 1728        ================================================================================
2011/04/16 16:47:17.0286 1728        Initialize success
2011/04/16 16:48:14.0180 4660        ================================================================================
2011/04/16 16:48:14.0180 4660        Scan started
2011/04/16 16:48:14.0180 4660        Mode: Manual;
2011/04/16 16:48:14.0180 4660        ================================================================================
2011/04/16 16:49:16.0941 4660        ================================================================================
2011/04/16 16:49:16.0941 4660        Scan finished
2011/04/16 16:49:16.0941 4660        ================================================================================

Should the error occur again, I will report back immediately.

EDIT:
So far the PC has been behaving quietly and there no longer seem to be any lags either. I hope the problem is now solved.
Many thanks, Cosinus, for your active support; without you I would probably have to struggle with this error forever. But if I get a problem like this again, I now know what I can / must do about it :)

Many thanks once again!

cosinus 17.04.2011 19:10

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. When downloading, rename it to cofi.exe.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its content ([Ctrl]a, [Ctrl]c) and paste it into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run if a qualified helper has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can lead to serious computer problems and make cleaning up the infection even harder.

