Powerded by Loudmo :(

Diskutiere Powerded by Loudmo :( im Viren, Würmer, Spyware Forum im Bereich Computerprobleme; hallo habe das hier schon behandelte Problem mit diesem Loudmo sch... in Firefox ändert sich das Fenster häufig und plötzlich in eine...

  1. #1 peterswerder, 21.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    hallo habe das hier schon behandelte Problem mit diesem Loudmo sch...

    in Firefox ändert sich das Fenster häufig und plötzlich in eine Werbung..Der Tab heisst dann Powered by Loudmo...

    Habe Asus A52J Windows 7 64Bit.....

    hier mein Gored Fix Ergebnis



    GooredFix by jpshortstuff (03.07.10.1)
    Log created at 20:07 on 15/07/2010 (Samir)
    Firefox version 3.6.6 (de)

    ========== GooredScan ==========


    ========== GooredLog ==========

    C:\Program Files (x86)\Mozilla Firefox\extensions\
    {2433bf0f-be7e-bbcd-dd68-c52537f49676} [12:09 29/05/2010]
    {972ce4c6-7e08-4474-a285-3208198ce6fd} [11:31 16/06/2010]
    {AB2CE124-6272-4b12-94A9-7303C7397BD1} [19:04 07/05/2010]

    [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
    (Key not found)

    -=E.O.F=-

    hoffe ihr könnt mir helfen...danke im Voraus...
     
  2. Anzeige

    schau mal hier: Windows-Wartungs-Tool. Viele Probleme lassen sich damit einfach beheben. Oftmals ist der PC dann auch schneller!
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren.
  3. #2 Larusso, 21.07.2010
    Larusso

    Larusso TB- Coach

    Dabei seit:
    14.02.2010
    Beiträge:
    240
    Zustimmungen:
    0
    Ort:
    tiny infected world
    Downloade Dir bitte Load.exe


    Das Tool benötigt eine aktive Internetverbindung, aber keinen offenen Browser
    Sollte deine Firewall meckern, die Anwendung bitte zulassen.
    • Speichere die Datei am Desktop.
    • Doppelklick auf die load.exe
    • Belasse die Häckchen wie sie sind.
    • Schließe nun alle offenen Programme.
    • Klicke auf Download
    • Bitte während dem Download nicht in das Fenster klicken.
    • Folge den Anweisungen auf dem Bildschirm.
    • Wenn das Fenster Status aufpoppt klicke Start.

    Nach dem Neustart findest Du einen Ordner MFTools auf dem Desktop. Darin befindet sich eine Anleitung.pdf.
    Diese bitte öffnen und die darin beschriebenen Schritte abarbeiten.
     
  4. #3 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    hi...erstmal vielen Dank für die deataillierte Anleitung...

    Leider bin ich stecken geblieben beim abarbeiten. Wo finde ich otl.exe? Habe ausser ERUNT nur noch NTREGOPT auf dem Desktop. Ist dies das gleiche?

    Und Malwarebytes hatte ich schon und beim damaligen Versuch hatte ich auch schon Sachen gelöscht. Beim quick scan gab es jetzt keine Funde mehr.
     
  5. #4 Larusso, 22.07.2010
    Larusso

    Larusso TB- Coach

    Dabei seit:
    14.02.2010
    Beiträge:
    240
    Zustimmungen:
    0
    Ort:
    tiny infected world
    Hy und sorry. Ein paar DownloadServer was verwendet werden sind derzeit offline. Wartungsarbeiten

    CustomScan mit OTL

    Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

    • Starte bitte die OTL.exe.
      Vista und Win7 User mit Rechtsklick "als Administrator starten"
    • Kopiere nun den Inhalt in die [​IMG] Textbox.
    Code:
    netsvcs
    %SYSTEMDRIVE%\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\user32.dll /md5
    %systemroot%\system32\ws2_32.dll /md5
    %systemroot%\system32\ws2help.dll /md5
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    
    • Schliesse bitte nun alle Programme. (Wichtig)
    • Klicke nun bitte auf den Quick Scan Button.
    • Klick auf [​IMG].
    • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread


    Poste mir ebenfalls eine Malwarebytes Logfile, wo ich sehen kann was gelöscht wurde
     
  6. #5 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    hi Daniel...

    also...hier otl.txt


    OTL logfile created on: 22.07.2010 16:50:35 - Run 2
    OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Samir\Downloads
    64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

    4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
    8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 116,44 Gb Total Space | 82,85 Gb Free Space | 71,15% Space Free | Partition Type: NTFS
    Drive D: | 334,67 Gb Total Space | 334,63 Gb Free Space | 99,99% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: SAMIR-PC
    Current User Name: Samir
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: Current user
    Include 64bit Scans
    Company Name Whitelist: On
    Skip Microsoft Files: On
    File Age = 90 Days
    Output = Standard
    Quick Scan

    ========== Processes (SafeList) ==========

    PRC - [2010.07.22 16:41:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Downloads\OTL.exe
    PRC - [2010.06.25 14:06:05 | 000,077,824 | ---- | M] () -- C:\Windows\KMService.exe
    PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    PRC - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    PRC - [2010.01.23 19:04:40 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
    PRC - [2009.11.24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
    PRC - [2009.11.12 20:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    PRC - [2009.11.10 05:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
    PRC - [2009.10.27 06:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    PRC - [2009.10.26 20:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    PRC - [2009.10.01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2009.10.01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2009.09.24 23:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
    PRC - [2009.08.20 06:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    PRC - [2009.06.24 22:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    PRC - [2009.06.19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    PRC - [2009.06.19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    PRC - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    PRC - [2009.05.19 01:59:10 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
    PRC - [2009.05.19 01:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    PRC - [2008.12.23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    PRC - [2008.03.31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    PRC - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    PRC - [2007.07.19 12:17:44 | 003,539,968 | ---- | M] (1&1 Internet AG) -- C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe
    PRC - [2003.04.18 19:06:26 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe


    ========== Modules (SafeList) ==========

    MOD - [2010.07.22 16:41:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Downloads\OTL.exe
    MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
    MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\srvany.exe -- (KMService)
    SRV:64bit: - [2010.02.23 13:21:40 | 000,859,640 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
    SRV:64bit: - [2009.11.18 07:45:39 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2009.09.29 18:32:31 | 000,570,632 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
    SRV:64bit: - [2009.09.29 18:32:29 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
    SRV:64bit: - [2009.09.17 21:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
    SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
    SRV - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
    SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
    SRV - [2009.11.10 05:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
    SRV - [2009.10.01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
    SRV - [2009.10.01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
    SRV - [2009.09.15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
    SRV - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
    SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
    SRV - [2008.12.08 17:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
    SRV - [2008.03.31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
    SRV - [2003.04.18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2010.05.10 20:27:03 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
    DRV:64bit: - [2010.03.02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
    DRV:64bit: - [2010.02.16 14:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
    DRV:64bit: - [2009.12.04 18:40:30 | 000,265,744 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
    DRV:64bit: - [2009.12.04 18:39:44 | 000,042,000 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
    DRV:64bit: - [2009.12.04 18:30:22 | 002,007,056 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
    DRV:64bit: - [2009.11.18 08:21:19 | 006,171,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2009.10.30 04:50:03 | 000,704,512 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
    DRV:64bit: - [2009.10.15 11:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
    DRV:64bit: - [2009.10.05 03:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009.09.30 03:34:31 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV:64bit: - [2009.09.29 18:33:17 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
    DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
    DRV:64bit: - [2009.08.18 10:23:31 | 000,143,472 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
    DRV:64bit: - [2009.08.14 08:36:01 | 000,102,000 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) JMicron Ethernet Adapter NDIS6 Driver (Amd64 Bits)
    DRV:64bit: - [2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
    DRV:64bit: - [2009.07.20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
    DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.07.14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2009.06.18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
    DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
    DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
    DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009.06.05 12:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
    DRV:64bit: - [2009.05.13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
    DRV:64bit: - [2008.12.08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2008.05.24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
    DRV - [2009.07.03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========
     
  7. #6 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN
    IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
    FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://www.google.de/ig?hl=de"
    FF - prefs.js..extensions.enabledItems: {2433bf0f-be7e-bbcd-dd68-c52537f49676}:4.6.6.9
    FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
    FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
    FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
    FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="


    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.21 12:30:37 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.21 12:30:37 | 000,000,000 | ---D | M]

    [2010.06.16 13:32:55 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\mozilla\Extensions
    [2010.06.28 15:32:44 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\a4t2wtk8.default\extensions
    [2010.06.28 15:32:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\a4t2wtk8.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    [2010.06.26 13:34:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\a4t2wtk8.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    [2010.06.24 15:11:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\a4t2wtk8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010.07.22 02:20:22 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\pnedz550.default\extensions
    [2010.06.28 15:32:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\pnedz550.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    [2010.06.26 13:34:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\pnedz550.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
    [2010.06.24 15:12:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\pnedz550.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
    [2010.07.10 14:01:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\pnedz550.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2010.06.24 15:12:08 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Profiles\pnedz550.default\extensions\firefox@tvunetworks.com
    [2010.06.28 15:32:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
    [2010.05.29 14:09:22 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\mozilla firefox\extensions\{2433bf0f-be7e-bbcd-dd68-c52537f49676}
    [2010.05.07 21:04:04 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2010.06.25 04:47:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
    [2010.06.25 04:47:16 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
    [2010.06.25 04:47:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
    [2010.06.25 04:47:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
    [2010.06.25 04:47:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

    O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
    O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
    O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
    O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
    O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
    O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
    O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKCU..\Run: [GMX SMS-Manager] C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe (1&1 Internet AG)
    O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
    O4 - Startup: C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell - "" = AutoRun
    O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found
    O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\configure\command - "" = F:\SETUP.EXE -- File not found
    O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\install\command - "" = F:\SETUP.EXE -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 90 Days ==========

    [2010.07.22 13:46:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
    [2010.07.22 01:57:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010.07.22 01:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
    [2010.07.22 01:48:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\MFTools
    [2010.07.15 20:07:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\GooredFix Backups
    [2010.07.14 00:04:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Avira
    [2010.07.07 17:15:14 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
    [2010.07.07 17:15:14 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
    [2010.07.07 17:15:14 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
    [2010.07.07 17:15:14 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
    [2010.07.07 17:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
    [2010.07.07 17:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
    [2010.07.04 17:35:12 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ICQ
    [2010.06.29 16:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2010.06.29 08:52:37 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Malwarebytes
    [2010.06.29 08:52:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010.06.29 08:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010.06.29 08:52:24 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010.06.29 08:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2010.06.28 15:32:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
    [2010.06.28 15:32:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
    [2010.06.28 15:32:15 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\ICQ
    [2010.06.28 15:32:14 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\AOL
    [2010.06.28 15:32:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
    [2010.06.28 13:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022
    [2010.06.28 12:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
    [2010.06.28 12:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
    [2010.06.28 01:36:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DivX
     
  8. #7 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    [2010.06.28 01:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
    [2010.06.28 01:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
    [2010.06.28 01:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
    [2010.06.28 01:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
    [2010.06.28 01:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010.06.26 13:34:01 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers
    [2010.06.26 13:33:54 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\DVDVideoSoft
    [2010.06.26 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
    [2010.06.26 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
    [2010.06.25 14:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
    [2010.06.25 13:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
    [2010.06.25 13:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
    [2010.06.25 13:33:43 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2010.06.25 13:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
    [2010.06.24 13:20:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
    [2010.06.07 16:08:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\Diplomarbeit Wagner
    [2010.05.29 14:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabelFish
    [2010.05.29 14:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2010.05.26 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Diagnostics
    [2010.05.25 20:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
    [2010.05.24 21:06:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\Meine empfangenen Dateien
    [2010.05.21 14:19:06 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\Downloads
    [2010.05.18 19:09:21 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\GameConsole
    [2010.05.18 19:09:13 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Roaming\.#
    [2010.05.16 20:06:40 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\Ufü
    [2010.05.16 19:58:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\laptop
    [2010.05.16 15:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
    [2010.05.15 13:58:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\SafeNet Sentinel
    [2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
    [2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\.spss
    [2010.05.11 12:12:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\Tracing
    [2010.05.10 20:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
    [2010.05.10 20:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
    [2010.05.10 20:46:27 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Leadertech
    [2010.05.10 20:32:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
    [2010.05.10 20:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
    [2010.05.10 20:25:09 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DAEMON Tools Lite
    [2010.05.10 20:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
    [2010.05.10 18:55:52 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\CyberLink
    [2010.05.10 18:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
    [2010.05.10 18:40:30 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft Help
    [2010.05.10 17:04:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\WinRAR
    [2010.05.10 17:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2010.05.10 11:16:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ASUS
    [2010.05.10 11:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
    [2010.05.10 11:16:33 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\ASUS
    [2010.05.09 23:26:35 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Boss Media
    [2010.05.09 23:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Boss Media
    [2010.05.09 23:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ParadisePoker
    [2010.05.09 23:19:16 | 000,000,000 | ---D | C] -- C:\Casino
    [2010.05.09 14:29:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Service
    [2010.05.09 14:12:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
    [2010.05.09 14:11:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\SopCast329
    [2010.05.09 14:05:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\vlc
    [2010.05.09 14:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
    [2010.05.09 14:00:04 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\UseNeXT
    [2010.05.09 14:00:03 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\UseNeXT
    [2010.05.09 13:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UseNeXT
    [2010.05.09 12:01:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\TVU Networks
    [2010.05.09 12:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
    [2010.05.09 12:00:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\TVUAx
    [2010.05.08 16:15:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010.05.08 15:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GMX
    [2010.05.08 15:01:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Adobe
    [2010.05.08 11:04:47 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Asus WebStorage
    [2010.05.07 23:40:42 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft Games
    [2010.05.07 23:08:59 | 000,000,000 | ---D | C] -- C:\Programs
    [2010.05.07 21:18:31 | 002,007,056 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\vsapint.sys
    [2010.05.07 21:18:31 | 000,265,744 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmxpflt.sys
    [2010.05.07 21:18:31 | 000,042,000 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmpreflt.sys
    [2010.05.07 21:09:05 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\skypePM
    [2010.05.07 21:06:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
    [2010.05.07 21:04:20 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Skype
    [2010.05.07 21:04:12 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Google
    [2010.05.07 21:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
    [2010.05.07 21:03:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
    [2010.05.07 21:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
    [2010.05.07 21:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
    [2010.05.07 21:00:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Mozilla
    [2010.05.07 21:00:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Mozilla
    [2010.05.07 21:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010.05.07 20:56:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Macromedia
    [2010.05.07 20:56:48 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Adobe
    [2010.05.07 20:45:01 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ASUS WebStorage
    [2010.05.07 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\ATI
    [2010.05.07 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\ATI
    [2010.05.07 20:44:59 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\SRS Labs
    [2010.05.07 20:44:39 | 000,000,000 | R--D | C] -- C:\Users\Samir\Searches
    [2010.05.07 20:44:32 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Identities
    [2010.05.07 20:44:27 | 000,000,000 | R--D | C] -- C:\Users\Samir\Contacts
    [2010.05.07 20:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
    [2010.05.07 20:41:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
    [2010.05.07 20:41:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
    [2010.05.07 20:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
    [2010.05.07 20:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    [2010.05.07 20:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
    [2010.05.07 20:36:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
    [2010.05.07 20:36:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
    [2010.05.07 20:36:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
    [2010.05.07 20:34:48 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Power2Go
    [2010.05.07 20:34:44 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\VirtualStore
    [2010.05.07 20:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
    [2010.05.07 20:34:17 | 000,000,000 | -H-D | C] -- C:\asus.dat
    [2010.05.07 20:33:49 | 000,000,000 | --SD | C] -- C:\Users\Samir\AppData\Roaming\Microsoft
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Videos
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Saved Games
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Pictures
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Music
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Links
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Favorites
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Downloads
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Documents
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Desktop
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Vorlagen
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Verlauf
     
  9. #8 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Temporary Internet Files
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Startmenü
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\SendTo
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Recent
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Netzwerkumgebung
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Lokale Einstellungen
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Videos
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Musik
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Eigene Dateien
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Bilder
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Druckumgebung
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Cookies
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Anwendungsdaten
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Anwendungsdaten
    [2010.05.07 20:33:49 | 000,000,000 | -H-D | C] -- C:\Users\Samir\AppData
    [2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Temp
    [2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft
    [2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Media Center Programs
    [2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

    ========== Files - Modified Within 90 Days ==========

    [2010.07.22 16:50:35 | 006,029,312 | -HS- | M] () -- C:\Users\Samir\ntuser.dat
    [2010.07.22 16:31:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000UA.job
    [2010.07.22 16:26:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010.07.22 13:49:00 | 000,081,842 | ---- | M] () -- C:\Users\Samir\Documents\cc_20100722_134840.reg
    [2010.07.22 13:46:11 | 000,001,013 | ---- | M] () -- C:\Users\Samir\Desktop\CCleaner.lnk
    [2010.07.22 12:08:54 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.07.22 12:08:54 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.07.22 12:02:02 | 000,001,878 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
    [2010.07.22 12:01:30 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010.07.22 12:01:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.07.22 12:01:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.07.22 12:01:17 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
    [2010.07.22 03:51:35 | 003,369,885 | -H-- | M] () -- C:\Users\Samir\AppData\Local\IconCache.db
    [2010.07.22 01:54:19 | 000,001,110 | ---- | M] () -- C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010.07.22 01:54:17 | 000,000,930 | ---- | M] () -- C:\Users\Samir\Desktop\NTREGOPT.lnk
    [2010.07.22 01:54:17 | 000,000,911 | ---- | M] () -- C:\Users\Samir\Desktop\ERUNT.lnk
    [2010.07.22 01:40:57 | 000,122,360 | ---- | M] () -- C:\Users\Samir\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.07.22 01:40:43 | 000,446,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010.07.18 22:02:43 | 000,313,899 | ---- | M] () -- C:\Users\Samir\Desktop\DSC00276.JPG
    [2010.07.15 18:47:00 | 000,000,498 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Samir.job
    [2010.07.13 11:47:01 | 000,001,617 | ---- | M] () -- C:\Users\Samir\Desktop\DivX Movies.lnk
    [2010.07.13 11:46:20 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010.07.10 04:31:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000Core.job
    [2010.07.09 15:01:33 | 000,419,012 | ---- | M] () -- C:\Users\Samir\Desktop\la mienne.jpg
    [2010.07.07 23:31:08 | 000,001,333 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
    [2010.07.07 17:15:17 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010.07.07 16:59:18 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
    [2010.07.07 16:55:14 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
    [2010.07.04 16:19:34 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010.07.04 03:11:26 | 002,000,282 | ---- | M] () -- C:\Users\Samir\Documents\Foto0221.jpg
    [2010.06.30 15:20:17 | 001,480,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010.06.30 15:20:17 | 000,647,376 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2010.06.30 15:20:17 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010.06.30 15:20:17 | 000,127,404 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2010.06.30 15:20:17 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010.06.30 14:44:00 | 000,002,266 | ---- | M] () -- C:\Users\Samir\Desktop\Scanner.lnk
    [2010.06.30 14:13:40 | 001,785,991 | ---- | M] () -- C:\Users\Samir\Documents\Foto0220.jpg
    [2010.06.29 08:52:29 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.06.28 12:56:19 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
    [2010.06.28 12:56:14 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
    [2010.06.26 13:33:59 | 000,001,245 | ---- | M] () -- C:\Users\Samir\Desktop\DVDVideoSoft Free Studio.lnk
    [2010.06.25 14:13:56 | 001,500,444 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010.06.25 14:06:05 | 000,077,824 | ---- | M] () -- C:\Windows\KMService.exe
    [2010.06.25 13:44:38 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
    [2010.06.24 16:58:09 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000002.regtrans-ms
    [2010.06.24 16:58:09 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000001.regtrans-ms
    [2010.06.24 16:58:09 | 000,065,536 | -HS- | M] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TM.blf
    [2010.06.22 11:48:44 | 000,066,644 | ---- | M] () -- C:\Users\Samir\Desktop\pic21487.jpg
    [2010.06.15 13:57:02 | 000,006,003 | ---- | M] () -- C:\Users\Samir\Desktop\app_full_proxy.php.jpg
    [2010.06.08 19:02:47 | 000,063,720 | ---- | M] () -- C:\Users\Samir\long.jpg
    [2010.05.29 13:43:43 | 000,005,118 | ---- | M] () -- C:\Users\Samir\bar.jpg
    [2010.05.24 00:27:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    [2010.05.11 15:37:27 | 000,000,063 | ---- | M] () -- C:\Users\Samir\Documents\lkanguage.sps
    [2010.05.11 15:37:11 | 000,001,098 | ---- | M] () -- C:\Users\Samir\Documents\laqnguage.spv
    [2010.05.11 15:29:47 | 000,001,035 | ---- | M] () -- C:\Users\Samir\Documents\language.spv
    [2010.05.11 15:23:56 | 000,001,039 | ---- | M] () -- C:\Users\Samir\Documents\lang.spv
    [2010.05.10 20:27:03 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
    [2010.05.09 15:39:22 | 000,000,600 | ---- | M] () -- C:\Users\Samir\PUTTY.RND
    [2010.05.09 14:06:59 | 018,499,623 | ---- | M] () -- C:\Users\Samir\Documents\vlc-1.0.5-win32.exe
    [2010.05.08 10:53:25 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
    [2010.05.07 21:09:06 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
    [2010.05.07 21:04:41 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010.05.07 21:04:41 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010.05.07 21:04:41 | 000,065,536 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010.05.07 20:55:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K52Jr.alu
    [2010.05.07 20:33:49 | 000,000,020 | -HS- | M] () -- C:\Users\Samir\ntuser.ini
    [2010.05.07 12:35:03 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2010.05.07 12:35:03 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

    ========== Files Created - No Company Name ==========

    [2010.07.22 13:48:46 | 000,081,842 | ---- | C] () -- C:\Users\Samir\Documents\cc_20100722_134840.reg
    [2010.07.22 13:46:11 | 000,001,013 | ---- | C] () -- C:\Users\Samir\Desktop\CCleaner.lnk
    [2010.07.22 01:54:19 | 000,001,110 | ---- | C] () -- C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010.07.22 01:54:17 | 000,000,930 | ---- | C] () -- C:\Users\Samir\Desktop\NTREGOPT.lnk
    [2010.07.22 01:54:17 | 000,000,911 | ---- | C] () -- C:\Users\Samir\Desktop\ERUNT.lnk
    [2010.07.18 22:02:39 | 000,313,899 | ---- | C] () -- C:\Users\Samir\Desktop\DSC00276.JPG
    [2010.07.13 11:47:01 | 000,001,617 | ---- | C] () -- C:\Users\Samir\Desktop\DivX Movies.lnk
    [2010.07.13 11:46:20 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010.07.09 15:01:27 | 000,419,012 | ---- | C] () -- C:\Users\Samir\Desktop\la mienne.jpg
    [2010.07.07 17:15:17 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010.07.04 16:40:55 | 001,785,991 | ---- | C] () -- C:\Users\Samir\Documents\Foto0220.jpg
    [2010.07.04 16:40:42 | 002,000,282 | ---- | C] () -- C:\Users\Samir\Documents\Foto0221.jpg
    [2010.07.04 16:19:34 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010.06.30 14:44:00 | 000,002,266 | ---- | C] () -- C:\Users\Samir\Desktop\Scanner.lnk
    [2010.06.29 08:52:29 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.06.28 12:56:20 | 000,000,498 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Samir.job
    [2010.06.28 12:56:19 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
    [2010.06.28 12:56:14 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
    [2010.06.26 13:33:55 | 000,001,245 | ---- | C] () -- C:\Users\Samir\Desktop\DVDVideoSoft Free Studio.lnk
    [2010.06.25 14:13:56 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010.06.25 14:06:42 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
    [2010.06.25 14:06:41 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
    [2010.06.24 15:14:07 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000002.regtrans-ms
    [2010.06.24 15:14:07 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000001.regtrans-ms
    [2010.06.24 15:14:07 | 000,065,536 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TM.blf
    [2010.06.22 11:48:44 | 000,066,644 | ---- | C] () -- C:\Users\Samir\Desktop\pic21487.jpg
    [2010.06.17 12:28:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100617.log
    [2010.06.15 13:57:02 | 000,006,003 | ---- | C] () -- C:\Users\Samir\Desktop\app_full_proxy.php.jpg
    [2010.06.09 01:04:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100609.log
    [2010.05.29 13:44:15 | 000,063,720 | ---- | C] () -- C:\Users\Samir\long.jpg
    [2010.05.29 13:44:08 | 000,019,968 | -HS- | C] () -- C:\Users\Samir\Thumbs.db
    [2010.05.29 13:43:42 | 000,005,118 | ---- | C] () -- C:\Users\Samir\bar.jpg
    [2010.05.24 00:27:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    [2010.05.21 14:18:09 | 000,001,118 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000UA.job
    [2010.05.21 14:18:09 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000Core.job
    [2010.05.21 12:27:21 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100521.log
    [2010.05.19 11:36:30 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100519.log
    [2010.05.18 16:58:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100518.log
    [2010.05.17 21:30:09 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20100517.log
    [2010.05.11 15:37:27 | 000,000,063 | ---- | C] () -- C:\Users\Samir\Documents\lkanguage.sps
    [2010.05.11 15:37:11 | 000,001,098 | ---- | C] () -- C:\Users\Samir\Documents\laqnguage.spv
    [2010.05.11 15:23:55 | 000,001,039 | ---- | C] () -- C:\Users\Samir\Documents
     
  10. #9 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    \lang.spv
    [2010.05.11 15:21:14 | 000,001,035 | ---- | C] () -- C:\Users\Samir\Documents\language.spv
    [2010.05.10 23:05:44 | 000,000,523 | ---- | C] () -- C:\ProgramData\OutlookFail.20100510.log
    [2010.05.10 20:27:03 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
    [2010.05.09 23:18:37 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100509.log
    [2010.05.09 14:35:46 | 000,000,600 | ---- | C] () -- C:\Users\Samir\PUTTY.RND
    [2010.05.09 14:06:29 | 018,499,623 | ---- | C] () -- C:\Users\Samir\Documents\vlc-1.0.5-win32.exe
    [2010.05.07 21:14:45 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010.05.07 21:14:45 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010.05.07 21:09:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010.05.07 20:55:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K52Jr.alu
    [2010.05.07 20:33:49 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010.05.07 20:33:49 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010.05.07 20:33:49 | 000,262,144 | -HS- | C] () -- C:\Users\Samir\ntuser.dat.LOG1
    [2010.05.07 20:33:49 | 000,065,536 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010.05.07 20:33:49 | 000,000,020 | -HS- | C] () -- C:\Users\Samir\ntuser.ini
    [2010.05.07 20:33:49 | 000,000,000 | -HS- | C] () -- C:\Users\Samir\ntuser.dat.LOG2
    [2010.05.07 20:33:48 | 006,029,312 | -HS- | C] () -- C:\Users\Samir\ntuser.dat
    [2010.05.07 12:32:19 | 3105,259,520 | -HS- | C] () -- C:\hiberfil.sys
    [2010.01.23 19:03:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
    [2009.08.19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
    [2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    ========== LOP Check ==========

    [2010.05.18 19:09:40 | 000,000,000 | -HSD | M] -- C:\Users\Samir\AppData\Roaming\.#
    [2010.05.08 11:12:49 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Asus WebStorage
    [2010.05.10 20:33:01 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\DAEMON Tools Lite
    [2010.06.26 13:34:01 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers
    [2010.05.18 19:09:21 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\GameConsole
    [2010.07.14 15:49:07 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\ICQ
    [2010.05.10 20:46:27 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Leadertech
    [2010.07.21 15:26:41 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\UseNeXT
    [2010.06.29 12:53:50 | 000,032,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < Code: >

    < --------- >

    < %SYSTEMDRIVE%\*.* >
    [2009.06.15 13:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log
    [2009.07.14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
    [2009.07.29 08:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2010.01.23 19:08:12 | 000,014,645 | ---- | M] () -- C:\devlist.txt
    [2010.01.23 19:08:12 | 000,000,009 | ---- | M] () -- C:\Finish.log
    [2010.07.22 12:01:17 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
    [2010.01.23 18:59:53 | 000,963,209 | ---- | M] () -- C:\inject.log.txt
    [2009.12.18 07:17:27 | 002,097,152 | -H-- | M] () -- C:\K52Jr.BIN
    [2009.12.21 05:14:26 | 000,000,019 | ---- | M] () -- C:\K52JR_K62JR_WIN7.20
    [2009.12.01 04:15:57 | 002,097,152 | -H-- | M] () -- C:\K62Jr.BIN
    [2009.06.12 03:32:00 | 000,000,057 | ---- | M] () -- C:\OFFICE2007_L.TXT
    [2010.07.22 12:01:19 | 4140,347,392 | -HS- | M] () -- C:\pagefile.sys
    [2010.01.23 04:26:10 | 000,000,146 | ---- | M] () -- C:\Pass.txt
    [2009.12.17 07:48:04 | 000,000,277 | ---- | M] () -- C:\Patch_Win7.log
    [2009.12.21 05:14:26 | 000,000,014 | ---- | M] () -- C:\RECOVERY.DAT
    [2010.01.23 19:04:14 | 000,000,090 | ---- | M] () -- C:\setup.log
    [2006.05.14 10:22:24 | 000,000,005 | ---- | M] () -- C:\store.log
    [2010.01.23 18:18:05 | 000,000,170 | ---- | M] () -- C:\SumHidd.txt
    [2010.01.23 18:16:35 | 000,000,098 | ---- | M] () -- C:\SumOS.txt
    [2009.09.16 20:04:46 | 000,000,024 | ---- | M] () -- C:\v82.txt

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\System32\config\*.sav >
    Invalid Switch: lockedfiles %systemroot%\System32\config\*.sav

    < %systemroot%\system32\drivers\*.sys /90 >
     
  11. #10 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    [2010.06.25 04:47:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
    [2010.06.25 04:47:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
    [2010.06.25 04:47:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

    O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
    O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
    O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
    O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
    O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
    O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
    O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKCU..\Run: [GMX SMS-Manager] C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe (1&1 Internet AG)
    O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
    O4 - Startup: C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
     
  12. #11 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
    O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
    O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
    O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
    O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
    O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
    O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
    O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
    O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKCU..\Run: [GMX SMS-Manager] C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe (1&1 Internet AG)
    O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
    O4 - Startup: C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
    O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
    O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
    O13 - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
    O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell - "" = AutoRun
    O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found
    O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\configure\command - "" = F:\SETUP.EXE -- File not found
    O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\install\command - "" = F:\SETUP.EXE -- File not found
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*


    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 90 Days ==========

    [2010.07.22 13:46:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
    [2010.07.22 01:57:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2010.07.22 01:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
    [2010.07.22 01:48:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\MFTools
    [2010.07.15 20:07:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\GooredFix Backups
    [2010.07.14 00:04:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Avira
    [2010.07.07 17:15:14 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
    [2010.07.07 17:15:14 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
    [2010.07.07 17:15:14 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
    [2010.07.07 17:15:14 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
    [2010.07.07 17:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
    [2010.07.07 17:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
    [2010.07.04 17:35:12 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ICQ
    [2010.06.29 16:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2010.06.29 08:52:37 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Malwarebytes
    [2010.06.29 08:52:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010.06.29 08:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2010.06.29 08:52:24 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010.06.29 08:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2010.06.28 15:32:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
    [2010.06.28 15:32:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
    [2010.06.28 15:32:15 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\ICQ
    [2010.06.28 15:32:14 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\AOL
     
  13. #12 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    [2010.06.28 15:32:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
    [2010.06.28 13:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
    [2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022
    [2010.06.28 12:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
    [2010.06.28 12:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
    [2010.06.28 01:36:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DivX
    [2010.06.28 01:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
    [2010.06.28 01:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
    [2010.06.28 01:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
    [2010.06.28 01:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
    [2010.06.28 01:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
    [2010.06.26 13:34:01 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers
    [2010.06.26 13:33:54 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\DVDVideoSoft
    [2010.06.26 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
    [2010.06.26 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
    [2010.06.25 14:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
    [2010.06.25 13:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
    [2010.06.25 13:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
    [2010.06.25 13:33:43 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
    [2010.06.25 13:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
    [2010.06.24 13:20:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
    [2010.06.07 16:08:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\Diplomarbeit Wagner
    [2010.05.29 14:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabelFish
    [2010.05.29 14:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    [2010.05.26 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Diagnostics
    [2010.05.25 20:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
    [2010.05.24 21:06:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\Meine empfangenen Dateien
    [2010.05.21 14:19:06 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\Downloads
    [2010.05.18 19:09:21 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\GameConsole
    [2010.05.18 19:09:13 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Roaming\.#
    [2010.05.16 20:06:40 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\Ufü
    [2010.05.16 19:58:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\laptop
    [2010.05.16 15:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
    [2010.05.15 13:58:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\SafeNet Sentinel
    [2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
    [2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\.spss
    [2010.05.11 12:12:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\Tracing
    [2010.05.10 20:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
    [2010.05.10 20:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
    [2010.05.10 20:46:27 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Leadertech
    [2010.05.10 20:32:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
    [2010.05.10 20:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
    [2010.05.10 20:25:09 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DAEMON Tools Lite
    [2010.05.10 20:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
    [2010.05.10 18:55:52 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\CyberLink
    [2010.05.10 18:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
    [2010.05.10 18:40:30 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft Help
    [2010.05.10 17:04:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\WinRAR
    [2010.05.10 17:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
    [2010.05.10 11:16:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ASUS
    [2010.05.10 11:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
    [2010.05.10 11:16:33 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\ASUS
    [2010.05.09 23:26:35 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Boss Media
    [2010.05.09 23:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Boss Media
    [2010.05.09 23:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ParadisePoker
    [2010.05.09 23:19:16 | 000,000,000 | ---D | C] -- C:\Casino
    [2010.05.09 14:29:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Service
    [2010.05.09 14:12:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
    [2010.05.09 14:11:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\SopCast329
    [2010.05.09 14:05:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\vlc
    [2010.05.09 14:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
    [2010.05.09 14:00:04 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\UseNeXT
    [2010.05.09 14:00:03 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\UseNeXT
    [2010.05.09 13:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UseNeXT
    [2010.05.09 12:01:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\TVU Networks
    [2010.05.09 12:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
    [2010.05.09 12:00:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\TVUAx
    [2010.05.08 16:15:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2010.05.08 15:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GMX
    [2010.05.08 15:01:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Adobe
    [2010.05.08 11:04:47 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Asus WebStorage
    [2010.05.07 23:40:42 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft Games
    [2010.05.07 23:08:59 | 000,000,000 | ---D | C] -- C:\Programs
    [2010.05.07 21:18:31 | 002,007,056 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\vsapint.sys
    [2010.05.07 21:18:31 | 000,265,744 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmxpflt.sys
    [2010.05.07 21:18:31 | 000,042,000 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmpreflt.sys
    [2010.05.07 21:09:05 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\skypePM
    [2010.05.07 21:06:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
    [2010.05.07 21:04:20 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Skype
    [2010.05.07 21:04:12 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Google
    [2010.05.07 21:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
    [2010.05.07 21:03:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
    [2010.05.07 21:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
    [2010.05.07 21:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
    [2010.05.07 21:00:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Mozilla
    [2010.05.07 21:00:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Mozilla
    [2010.05.07 21:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2010.05.07 20:56:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Macromedia
    [2010.05.07 20:56:48 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Adobe
    [2010.05.07 20:45:01 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ASUS WebStorage
    [2010.05.07 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\ATI
    [2010.05.07 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\ATI
    [2010.05.07 20:44:59 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\SRS Labs
    [2010.05.07 20:44:39 | 000,000,000 | R--D | C] -- C:\Users\Samir\Searches
    [2010.05.07 20:44:32 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Identities
    [2010.05.07 20:44:27 | 000,000,000 | R--D | C] -- C:\Users\Samir\Contacts
    [2010.05.07 20:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
    [2010.05.07 20:41:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
    [2010.05.07 20:41:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
    [2010.05.07 20:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
    [2010.05.07 20:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    [2010.05.07 20:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
    [2010.05.07 20:36:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
    [2010.05.07 20:36:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
    [2010.05.07 20:36:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
    [2010.05.07 20:34:48 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Power2Go
    [2010.05.07 20:34:44 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\VirtualStore
    [2010.05.07 20:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
    [2010.05.07 20:34:17 | 000,000,000 | -H-D | C] -- C:\asus.dat
    [2010.05.07 20:33:49 | 000,000,000 | --SD | C] -- C:\Users\Samir\AppData\Roaming\Microsoft
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Videos
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Saved Games
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Pictures
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Music
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Links
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Favorites
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Downloads
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Documents
    [2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Desktop
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Vorlagen
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Verlauf
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Temporary Internet Files
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Startmenü
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\SendTo
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Recent
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Netzwerkumgebung
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Lokale Einstellungen
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Videos
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Musik
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Eigene Dateien
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Bilder
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Druckumgebung
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Cookies
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Anwendungsdaten
    [2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Anwendungsdaten
    [2010.05.07 20:33:49 | 000,000,000 | -H-D | C] -- C:\Users\Samir\AppData
    [2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Temp
    [2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft
    [2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Media Center Programs
    [2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

    ========== Files - Modified Within 90 Days ==========

    [2010.07.22 16:50:35 | 006,029,312 | -HS- | M] () -- C:\Users\Samir\ntuser.dat
    [2010.07.22 16:31:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000UA.job
    [2010.07.22 16:26:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010.07.22 13:49:00 | 000,081,842 | ---- | M] () -- C:\Users\Samir\Documents\cc_20100722_134840.reg
    [2010.07.22 13:46:11 | 000,001,013 | ---- | M] () -- C:\Users\Samir\Desktop\CCleaner.lnk
    [2010.07.22 12:08:54 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.07.22 12:08:54 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.07.22 12:02:02 | 000,001,878 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
    [2010.07.22 12:01:30 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010.07.22 12:01:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.07.22 12:01:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.07.22 12:01:17 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
    [2010.07.22 03:51:35 | 003,369,885 | -H-- | M] () -- C:\Users\Samir\AppData\Local\IconCache.db
    [2010.07.22 01:54:19 | 000,001,110 | ---- | M] () -- C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010.07.22 01:54:17 | 000,000,930 | ---- | M] () -- C:\Users\Samir\Desktop\NTREGOPT.lnk
    [2010.07.22 01:54:17 | 000,000,911 | ---- | M] () -- C:\Users\Samir\Desktop\ERUNT.lnk
    [2010.07.22 01:40:57 | 000,122,360 | ---- | M] () -- C:\Users\Samir\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.07.22 01:40:43 | 000,446,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2010.07.18 22:02:43 | 000,313,899 | ---- | M] () -- C:\Users\Samir\Desktop\DSC00276.JPG
    [2010.07.15 18:47:00 | 000,000,498 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Samir.job
    [2010.07.13 11:47:01 | 000,001,617 | ---- | M] () -- C:\Users\Samir\Desktop\DivX Movies.lnk
    [2010.07.13 11:46:20 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010.07.10 04:31:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000Core.job
    [2010.07.09 15:01:33 | 000,419,012 | ---- | M] () -- C:\Users\Samir\Desktop\la mienne.jpg
    [2010.07.07 23:31:08 | 000,001,333 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
    [2010.07.07 17:15:17 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010.07.07 16:59:18 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
    [2010.07.07 16:55:14 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
    [2010.07.04 16:19:34 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010.07.04 03:11:26 | 002,000,282 | ---- | M] () -- C:\Users\Samir\Documents\Foto0221.jpg
    [2010.06.30 15:20:17 | 001,480,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2010.06.30 15:20:17 | 000,647,376 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2010.06.30 15:20:17 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2010.06.30 15:20:17 | 000,127,404 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2010.06.30 15:20:17 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2010.06.30 14:44:00 | 000,002,266 | ---- | M] () -- C:\Users\Samir\Desktop\Scanner.lnk
    [2010.06.30 14:13:40 | 001,785,991 | ---- | M] () -- C:\Users\Samir\Documents\Foto0220.jpg
    [2010.06.29 08:52:29 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.06.28 12:56:19 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
    [2010.06.28 12:56:14 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
    [2010.06.26 13:33:59 | 000,001,245 | ---- | M] () -- C:\Users\Samir\Desktop\DVDVideoSoft Free Studio.lnk
    [2010.06.25 14:13:56 | 001,500,444 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010.06.25 14:06:05 | 000,077,824 | ---- | M] () -- C:\Windows\KMService.exe
    [2010.06.25 13:44:38 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
    [2010.06.24 16:58:09 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000002.regtrans-ms
    [2010.06.24 16:58:09 | 000,524,288 | -HS- | M] () -- C:\Users\Samir
     
  14. #13 peterswerder, 22.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    \ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000001.regtrans-ms
    [2010.06.24 16:58:09 | 000,065,536 | -HS- | M] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TM.blf
    [2010.06.22 11:48:44 | 000,066,644 | ---- | M] () -- C:\Users\Samir\Desktop\pic21487.jpg
    [2010.06.15 13:57:02 | 000,006,003 | ---- | M] () -- C:\Users\Samir\Desktop\app_full_proxy.php.jpg
    [2010.06.08 19:02:47 | 000,063,720 | ---- | M] () -- C:\Users\Samir\long.jpg
    [2010.05.29 13:43:43 | 000,005,118 | ---- | M] () -- C:\Users\Samir\bar.jpg
    [2010.05.24 00:27:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    [2010.05.11 15:37:27 | 000,000,063 | ---- | M] () -- C:\Users\Samir\Documents\lkanguage.sps
    [2010.05.11 15:37:11 | 000,001,098 | ---- | M] () -- C:\Users\Samir\Documents\laqnguage.spv
    [2010.05.11 15:29:47 | 000,001,035 | ---- | M] () -- C:\Users\Samir\Documents\language.spv
    [2010.05.11 15:23:56 | 000,001,039 | ---- | M] () -- C:\Users\Samir\Documents\lang.spv
    [2010.05.10 20:27:03 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
    [2010.05.09 15:39:22 | 000,000,600 | ---- | M] () -- C:\Users\Samir\PUTTY.RND
    [2010.05.09 14:06:59 | 018,499,623 | ---- | M] () -- C:\Users\Samir\Documents\vlc-1.0.5-win32.exe
    [2010.05.08 10:53:25 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
    [2010.05.07 21:09:06 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
    [2010.05.07 21:04:41 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010.05.07 21:04:41 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010.05.07 21:04:41 | 000,065,536 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010.05.07 20:55:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K52Jr.alu
    [2010.05.07 20:33:49 | 000,000,020 | -HS- | M] () -- C:\Users\Samir\ntuser.ini
    [2010.05.07 12:35:03 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2010.05.07 12:35:03 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    [2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

    ========== Files Created - No Company Name ==========

    [2010.07.22 13:48:46 | 000,081,842 | ---- | C] () -- C:\Users\Samir\Documents\cc_20100722_134840.reg
    [2010.07.22 13:46:11 | 000,001,013 | ---- | C] () -- C:\Users\Samir\Desktop\CCleaner.lnk
    [2010.07.22 01:54:19 | 000,001,110 | ---- | C] () -- C:\Users\Samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
    [2010.07.22 01:54:17 | 000,000,930 | ---- | C] () -- C:\Users\Samir\Desktop\NTREGOPT.lnk
    [2010.07.22 01:54:17 | 000,000,911 | ---- | C] () -- C:\Users\Samir\Desktop\ERUNT.lnk
    [2010.07.18 22:02:39 | 000,313,899 | ---- | C] () -- C:\Users\Samir\Desktop\DSC00276.JPG
    [2010.07.13 11:47:01 | 000,001,617 | ---- | C] () -- C:\Users\Samir\Desktop\DivX Movies.lnk
    [2010.07.13 11:46:20 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
    [2010.07.09 15:01:27 | 000,419,012 | ---- | C] () -- C:\Users\Samir\Desktop\la mienne.jpg
    [2010.07.07 17:15:17 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
    [2010.07.04 16:40:55 | 001,785,991 | ---- | C] () -- C:\Users\Samir\Documents\Foto0220.jpg
    [2010.07.04 16:40:42 | 002,000,282 | ---- | C] () -- C:\Users\Samir\Documents\Foto0221.jpg
    [2010.07.04 16:19:34 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010.06.30 14:44:00 | 000,002,266 | ---- | C] () -- C:\Users\Samir\Desktop\Scanner.lnk
    [2010.06.29 08:52:29 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
    [2010.06.28 12:56:20 | 000,000,498 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Samir.job
    [2010.06.28 12:56:19 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
    [2010.06.28 12:56:14 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\isolate.ini
    [2010.06.26 13:33:55 | 000,001,245 | ---- | C] () -- C:\Users\Samir\Desktop\DVDVideoSoft Free Studio.lnk
    [2010.06.25 14:13:56 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010.06.25 14:06:42 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
    [2010.06.25 14:06:41 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
    [2010.06.24 15:14:07 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000002.regtrans-ms
    [2010.06.24 15:14:07 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000001.regtrans-ms
    [2010.06.24 15:14:07 | 000,065,536 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TM.blf
    [2010.06.22 11:48:44 | 000,066,644 | ---- | C] () -- C:\Users\Samir\Desktop\pic21487.jpg
    [2010.06.17 12:28:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100617.log
    [2010.06.15 13:57:02 | 000,006,003 | ---- | C] () -- C:\Users\Samir\Desktop\app_full_proxy.php.jpg
    [2010.06.09 01:04:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100609.log
    [2010.05.29 13:44:15 | 000,063,720 | ---- | C] () -- C:\Users\Samir\long.jpg
    [2010.05.29 13:44:08 | 000,019,968 | -HS- | C] () -- C:\Users\Samir\Thumbs.db
    [2010.05.29 13:43:42 | 000,005,118 | ---- | C] () -- C:\Users\Samir\bar.jpg
    [2010.05.24 00:27:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
    [2010.05.21 14:18:09 | 000,001,118 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000UA.job
    [2010.05.21 14:18:09 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000Core.job
    [2010.05.21 12:27:21 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100521.log
    [2010.05.19 11:36:30 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100519.log
    [2010.05.18 16:58:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100518.log
    [2010.05.17 21:30:09 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20100517.log
    [2010.05.11 15:37:27 | 000,000,063 | ---- | C] () -- C:\Users\Samir\Documents\lkanguage.sps
    [2010.05.11 15:37:11 | 000,001,098 | ---- | C] () -- C:\Users\Samir\Documents\laqnguage.spv
    [2010.05.11 15:23:55 | 000,001,039 | ---- | C] () -- C:\Users\Samir\Documents\lang.spv
    [2010.05.11 15:21:14 | 000,001,035 | ---- | C] () -- C:\Users\Samir\Documents\language.spv
    [2010.05.10 23:05:44 | 000,000,523 | ---- | C] () -- C:\ProgramData\OutlookFail.20100510.log
    [2010.05.10 20:27:03 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
    [2010.05.09 23:18:37 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100509.log
    [2010.05.09 14:35:46 | 000,000,600 | ---- | C] () -- C:\Users\Samir\PUTTY.RND
    [2010.05.09 14:06:29 | 018,499,623 | ---- | C] () -- C:\Users\Samir\Documents\vlc-1.0.5-win32.exe
    [2010.05.07 21:14:45 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010.05.07 21:14:45 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010.05.07 21:09:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010.05.07 20:55:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K52Jr.alu
    [2010.05.07 20:33:49 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
    [2010.05.07 20:33:49 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
    [2010.05.07 20:33:49 | 000,262,144 | -HS- | C] () -- C:\Users\Samir\ntuser.dat.LOG1
    [2010.05.07 20:33:49 | 000,065,536 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
    [2010.05.07 20:33:49 | 000,000,020 | -HS- | C] () -- C:\Users\Samir\ntuser.ini
    [2010.05.07 20:33:49 | 000,000,000 | -HS- | C] () -- C:\Users\Samir\ntuser.dat.LOG2
    [2010.05.07 20:33:48 | 006,029,312 | -HS- | C] () -- C:\Users\Samir\ntuser.dat
    [2010.05.07 12:32:19 | 3105,259,520 | -HS- | C] () -- C:\hiberfil.sys
    [2010.01.23 19:03:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
    [2009.08.19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
    [2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

    ========== LOP Check ==========

    [2010.05.18 19:09:40 | 000,000,000 | -HSD | M] -- C:\Users\Samir\AppData\Roaming\.#
    [2010.05.08 11:12:49 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Asus WebStorage
    [2010.05.10 20:33:01 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\DAEMON Tools Lite
    [2010.06.26 13:34:01 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpers
    [2010.05.18 19:09:21 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\GameConsole
    [2010.07.14 15:49:07 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\ICQ
    [2010.05.10 20:46:27 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Leadertech
    [2010.07.21 15:26:41 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\UseNeXT
    [2010.06.29 12:53:50 | 000,032,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========


    < Code: >

    < --------- >

    < %SYSTEMDRIVE%\*.* >
    [2009.06.15 13:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log
    [2009.07.14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
    [2009.07.29 08:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
    [2010.01.23 19:08:12 | 000,014,645 | ---- | M] () -- C:\devlist.txt
    [2010.01.23 19:08:12 | 000,000,009 | ---- | M] () -- C:\Finish.log
    [2010.07.22 12:01:17 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
    [2010.01.23 18:59:53 | 000,963,209 | ---- | M] () -- C:\inject.log.txt
    [2009.12.18 07:17:27 | 002,097,152 | -H-- | M] () -- C:\K52Jr.BIN
    [2009.12.21 05:14:26 | 000,000,019 | ---- | M] () -- C:\K52JR_K62JR_WIN7.20
    [2009.12.01 04:15:57 | 002,097,152 | -H-- | M] () -- C:\K62Jr.BIN
    [2009.06.12 03:32:00 | 000,000,057 | ---- | M] () -- C:\OFFICE2007_L.TXT
    [2010.07.22 12:01:19 | 4140,347,392 | -HS- | M] () -- C:\pagefile.sys
    [2010.01.23 04:26:10 | 000,000,146 | ---- | M] () -- C:\Pass.txt
    [2009.12.17 07:48:04 | 000,000,277 | ---- | M] () -- C:\Patch_Win7.log
    [2009.12.21 05:14:26 | 000,000,014 | ---- | M] () -- C:\RECOVERY.DAT
    [2010.01.23 19:04:14 | 000,000,090 | ---- | M] () -- C:\setup.log
    [2006.05.14 10:22:24 | 000,000,005 | ---- | M] () -- C:\store.log
    [2010.01.23 18:18:05 | 000,000,170 | ---- | M] () -- C:\SumHidd.txt
    [2010.01.23 18:16:35 | 000,000,098 | ---- | M] () -- C:\SumOS.txt
    [2009.09.16 20:04:46 | 000,000,024 | ---- | M] () -- C:\v82.txt

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\System32\config\*.sav >
    Invalid Switch: lockedfiles %systemroot%\System32\config\*.sav

    < %systemroot%\system32\drivers\*.sys /90 >
    [2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys

    < %systemroot%\system32\user32.dll /md5 >
    [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll

    < %systemroot%\system32\ws2_32.dll /md5 >
    [2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll

    < %systemroot%\system32\ws2help.dll /md5 >
    [2009.07.14 03:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
    @Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:A724744F

    < End of report >und hier die logfile von malwarebytes


    Malwarebytes' Anti-Malware 1.46
    Malwarebytes

    Datenbank Version: 4252

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    29.06.2010 09:53:07
    mbam-log-2010-06-29 (09-53-07).txt

    Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
    Durchsuchte Objekte: 226378
    Laufzeit: 55 Minute(n), 29 Sekunde(n)

    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 4
    Infizierte Registrierungswerte: 0
    Infizierte Dateiobjekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 4

    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)

    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)

    Infizierte Registrierungsschlüssel:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\t1bfuvim6vkmi (Adware.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{662868dd-c207-0a34-5821-cd2f69d447c0} (Adware.AdRotator) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{662868dd-c207-0a34-5821-cd2f69d447c0} (Adware.AdRotator) -> Quarantined and deleted successfully.

    Infizierte Registrierungswerte:
    (Keine bösartigen Objekte gefunden)

    Infizierte Dateiobjekte der Registrierung:
    (Keine bösartigen Objekte gefunden)

    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)

    Infizierte Dateien:
    C:\Users\Samir\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0FAY8PQJ\setup[1].exe (Adware.BHO) -> Quarantined and deleted successfully.
    C:\Windows\System32\T1BfUVIM6vkMi.exe (Adware.BHO) -> Quarantined and deleted successfully.
    C:\Windows\SysWOW64\T1BfUVIM6vkMi.exe (Adware.BHO) -> Quarantined and deleted successfully.
    C:\Windows\SysWOW64\YPHvq-.dll (Adware.AdRotator) -> Quarantined and deleted successfully.



    extra.txt ist wieder was, von dem ich nicht weiß was du meinst..sorry...

    bin übrigens nach weiterer recherche im netzt sicher das es was mit babelfish zu tun hat.. Habe unter Start noch Babelfish stehen obwohl deinstalliert. Ein Unterpunkt heisst da uninstall loudmo. Leider kann ich es weder öffnen noch löschen, da dies nur ne Verknüpfung ist, die sich auf ein Element bezieht, das entweder verschoben oder geändert wurde. Vielleicht hilft dir das ja weiter....


    nochmals danke....
     
  15. Anzeige

    Es ist generell erstmal empfehlenswert alle ggf. veralteten oder fehlerhaften Treiber zu scannen und auf neue zu aktualisieren. Hier kannst du einen Treiber-Scanner downloaden. Das erspart oftmals viel Ärger und hilft gegen diverse Probleme.
    Registrieren bzw. einloggen, um diese und auch andere Anzeigen zu deaktivieren.
  16. #14 Larusso, 22.07.2010
    Larusso

    Larusso TB- Coach

    Dabei seit:
    14.02.2010
    Beiträge:
    240
    Zustimmungen:
    0
    Ort:
    tiny infected world
    • Starte bitte die OTL.exe.
      Vista und Win7 User mit Rechtsklick "als Administrator starten"
    • Kopiere nun den Inhalt in die [​IMG] Textbox.
    Code:
    :OTL
    [2010.05.29 14:09:22 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\mozilla firefox\extensions\{2433bf0f-be7e-bbcd-dd68-c52537f49676}
    [2010.05.29 14:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabelFish
    [2010.05.29 14:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
    :services
    :files
    C:\Users\Samir\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\ERUNT AutoBackup.lnk 
    :reg
    :Commands
    [purity]
    [emptytemp]
    [reboot]
    
    • Schliesse bitte nun alle Programme.
    • Klicke nun bitte auf den Fix Button.
    • Klick auf [​IMG].
    • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
    • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
      ( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
      Kopiere nun den Inhalt hier in Deinen Thread


    Berichte ob die Umleitungen noch vorhanden sind
     
  17. #15 peterswerder, 23.07.2010
    peterswerder

    peterswerder Neuer Benutzer

    Dabei seit:
    15.07.2010
    Beiträge:
    12
    Zustimmungen:
    0
    All processes killed
    ========== OTL ==========
    C:\Program Files (x86)\mozilla firefox\extensions\{2433bf0f-be7e-bbcd-dd68-c52537f49676}\components folder moved successfully.
    C:\Program Files (x86)\mozilla firefox\extensions\{2433bf0f-be7e-bbcd-dd68-c52537f49676}\chrome folder moved successfully.
    C:\Program Files (x86)\mozilla firefox\extensions\{2433bf0f-be7e-bbcd-dd68-c52537f49676} folder moved successfully.
    C:\Program Files (x86)\BabelFish folder moved successfully.
    C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
    C:\Program Files (x86)\Conduit folder moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== FILES ==========
    File\Folder C:\Users\Samir\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\ERUNT AutoBackup.lnk not found.
    ========== REGISTRY ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: AppData

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: Samir
    ->Temp folder emptied: 780713 bytes
    ->Temporary Internet Files folder emptied: 316616 bytes
    ->FireFox cache emptied: 119577190 bytes
    ->Google Chrome cache emptied: 0 bytes
    ->Flash cache emptied: 3120 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 608 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67765 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 115,00 mb


    OTL by OldTimer - Version 3.2.9.1 log created on 07232010_021519

    Files\Folders moved on Reboot...
    C:\Users\Samir\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    Registry entries deleted on Reboot...



    Scheint geklappt zu haben...riesig...gut das es euch gibt..vielen vielen Dank!!!!!!!!
     
Thema:

Powerded by Loudmo :(

Die Seite wird geladen...

Powerded by Loudmo :( - Ähnliche Themen

  1. Side by Side Konfiguration ungültig

    Side by Side Konfiguration ungültig: Wie oben schon beschrieben, komm dauerhaft diese Fehlermeldung "diese Anwendung konnte nicht gestartet werden, da die Side by Side Konfiguration...
  2. Stand by trotz Deaktivierung

    Stand by trotz Deaktivierung: Guten Abend, da ich ziemlich verzweifelt bin und Google keine genauen Ergebnisse findet, die ansatzweise mein Problem beschreibt, melde ich...
  3. Bilschirm geht in Stand By

    Bilschirm geht in Stand By: Hi Ich habe zurzeit ein Problem und zwar hab ich ein Spiel gezockt(1Jahr Lang) und mein Bildschirm ist dann in den Stand By Modus gegangen mir...
  4. DieStimme - Join Me In Death(Beat by Amaze)

    DieStimme - Join Me In Death(Beat by Amaze): Preview @ Youtube(click it) DOWNLOAD @ Rappers.in(click it) Hierbei handelt es sich um eine Coverversion eines alten HIM-Klassikers. Der...
  5. Side-by-Side-Konfiguration

    Side-by-Side-Konfiguration: Hallo, bei mir ist folgendes Problem aufgetraten: Ich möchte mir ein Video ansehen (.mp4-Datei)und bekomme diese Fehlermeldung: Diese...