
All kinds of pests and how to fight them: Google search redirected as well.


12.12.2010, 00:02   #1
Keksman
 

Google search redirected as well.



Hello!
Like many others here, my Google search is also being redirected to sites that Google Chrome classifies as dangerous.

I read around here a bit and, with wise foresight, ran OTL following the instructions I found everywhere.
Here are the logs:
OTL.txt
Quote:
OTL logfile created on: 12/11/2010 11:36:09 PM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Gronn\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 27.00% Memory free
6.00 Gb Paging File | 2.00 Gb Available in Paging File | 38.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 115.97 Gb Free Space | 62.25% Space Free | Partition Type: NTFS
Drive D: | 149.01 Gb Total Space | 107.32 Gb Free Space | 72.02% Space Free | Partition Type: NTFS

Computer Name: THRONEOFSKULLS | User Name: Gronn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Gronn\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Users\Gronn\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
PRC - C:\Program Files\RocketDock\RocketDock.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\Gronn\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msvcp60.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Program Files\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation )
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (ISODrive) -- C:\Program Files\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-297261443-1923447332-4187542452-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========




[2010/12/06 11:12:03 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Mozilla\Extensions
[2010/12/06 11:12:03 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Mozilla\Firefox\Profiles\uak1ozzo.default\extensions
[2009/10/09 10:28:09 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2009/06/10 13:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-297261443-1923447332-4187542452-1000..\Run: [{22CE9034-C535-82C8-28E3-98CEEA81E982}] C:\Users\Gronn\AppData\Roaming\Buabse\ruac.exe File not found
O4 - HKU\S-1-5-21-297261443-1923447332-4187542452-1000..\Run: [lpc] C:\Users\Gronn\AppData\Roaming\Sun\vvurpn.DLL (Sun Corporation)
O4 - HKU\S-1-5-21-297261443-1923447332-4187542452-1000..\Run: [Steam] C:\Games\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Gronn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: verbosestatus = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-297261443-1923447332-4187542452-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Program Files\iUSXMQkN\tixehcbh.exe) - C:\Program Files\iUSXMQkN\tixehcbh.exe File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 13:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0e23529f-0186-11e0-89b2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0e23529f-0186-11e0-89b2-806e6f6e6963}\Shell\AutoRun\command - "" = E:\OblivionLauncher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootMin: Primary disk - Driver Group
SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()


========== Files/Folders - Created Within 30 Days ==========

[2010/12/11 22:54:33 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Sun
[2010/12/11 11:48:01 | 000,000,000 | ---D | C] -- C:\Program Files\iUSXMQkN
[2010/12/10 20:02:38 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/12/10 20:02:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/12/10 20:02:34 | 000,098,392 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/12/10 19:59:51 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\Sunbelt Software
[2010/12/10 19:59:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
[2010/12/10 19:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010/12/10 19:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2010/12/10 19:42:49 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Avira
[2010/12/10 18:39:30 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\xmldm
[2010/12/10 18:39:30 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\cock
[2010/12/10 17:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\windows
[2010/12/10 07:37:31 | 000,000,000 | ---D | C] -- C:\Program Files\nBSyqADx
[2010/12/10 02:30:01 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/12/09 22:26:06 | 000,000,000 | ---D | C] -- C:\Windows\FOOK2
[2010/12/08 12:03:18 | 000,000,000 | ---D | C] -- C:\Users\Gronn\Documents\FOMM
[2010/12/08 09:07:55 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\FOMM
[2010/12/07 18:25:32 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010/12/07 18:24:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/12/07 18:24:03 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010/12/07 18:24:03 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010/12/07 18:24:03 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010/12/07 18:23:59 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010/12/07 16:49:07 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/12/07 16:49:07 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/12/07 16:49:06 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/12/07 16:49:06 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/12/07 16:49:06 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/12/07 16:49:06 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/12/07 16:49:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/12/07 16:49:06 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/12/07 16:49:06 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/12/07 16:49:06 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/12/07 16:49:06 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/12/07 16:48:50 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010/12/07 16:48:50 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010/12/07 16:48:49 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/12/07 16:48:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/12/07 16:48:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/12/07 16:48:41 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010/12/07 16:48:40 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/12/07 16:48:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/12/07 16:48:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/12/07 16:48:40 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010/12/07 16:48:17 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010/12/07 16:48:16 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010/12/07 16:47:55 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010/12/07 16:47:51 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/12/07 16:47:50 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/12/07 16:47:50 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/12/07 16:46:24 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010/12/07 16:46:22 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010/12/07 16:46:22 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010/12/07 16:45:24 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/12/07 16:45:20 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010/12/07 16:45:18 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/12/07 16:45:14 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/12/07 16:45:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/12/07 16:45:14 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/12/07 16:45:13 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/12/07 16:45:13 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/12/07 16:45:06 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/12/07 16:44:35 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010/12/07 16:44:33 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/12/07 16:44:32 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/12/07 16:44:32 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/12/07 16:44:32 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/12/07 16:44:32 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/12/07 16:44:32 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/12/07 16:44:32 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/12/07 16:44:32 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/12/07 16:44:32 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/12/07 16:44:30 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
[2010/12/07 16:44:27 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/12/07 16:44:27 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/12/07 16:44:27 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/12/06 23:22:20 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Buabse
[2010/12/06 20:36:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010/12/06 19:42:50 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\Oblivion
[2010/12/06 19:10:45 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/12/06 19:10:12 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010/12/06 19:10:11 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/12/06 19:09:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2010/12/06 18:23:23 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010/12/06 18:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010/12/06 18:18:48 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\Fallout3
[2010/12/06 17:58:38 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010/12/06 17:58:38 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010/12/06 17:58:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010/12/06 17:58:38 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010/12/06 17:58:38 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010/12/06 17:58:38 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010/12/06 17:58:37 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010/12/06 17:58:37 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010/12/06 17:58:37 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010/12/06 17:58:37 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010/12/06 17:58:36 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010/12/06 17:58:36 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010/12/06 17:58:36 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010/12/06 17:58:36 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010/12/06 17:58:35 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010/12/06 17:58:35 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010/12/06 17:58:35 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010/12/06 17:58:34 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/12/06 17:58:34 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010/12/06 17:58:34 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010/12/06 17:58:34 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010/12/06 17:58:34 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010/12/06 17:58:34 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010/12/06 17:58:33 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/12/06 17:58:33 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/12/06 17:58:33 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/12/06 17:58:32 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/12/06 17:58:32 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/12/06 17:58:32 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/12/06 17:58:32 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/12/06 17:58:31 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/12/06 17:58:31 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/12/06 17:58:31 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/12/06 17:58:31 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/12/06 17:58:31 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/12/06 17:58:30 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/12/06 17:58:30 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/12/06 17:58:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/12/06 17:58:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/12/06 17:58:27 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010/12/06 17:58:26 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/12/06 17:58:26 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/12/06 17:58:26 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/12/06 17:58:26 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/12/06 17:58:25 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/12/06 17:58:25 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/12/06 17:58:24 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010/12/06 17:58:24 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010/12/06 17:57:36 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/12/06 17:57:35 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/12/06 17:57:35 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/12/06 17:57:35 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/12/06 17:57:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\xlive
[2010/12/06 16:59:22 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Iriz
[2010/12/06 14:16:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010/12/06 14:13:36 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/12/06 14:12:32 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010/12/06 14:12:19 | 000,000,000 | -HSD | C] -- C:\Boot
[2010/12/06 12:32:47 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Notepad++
[2010/12/06 12:31:41 | 000,000,000 | ---D | C] -- C:\Users\Gronn\Documents\My Games
[2010/12/06 12:31:41 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\FalloutNV
[2010/12/06 12:05:46 | 000,000,000 | ---D | C] -- C:\Games
[2010/12/06 12:02:49 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\WinRAR
[2010/12/06 11:54:59 | 000,116,736 | ---- | C] (MagicISO, Inc.) -- C:\Windows\System32\drivers\mcdbus.sys
[2010/12/06 11:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\MagicDisc
[2010/12/06 11:52:43 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\Google
[2010/12/06 11:50:06 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010/12/06 11:49:10 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010/12/06 11:45:28 | 000,000,000 | ---D | C] -- C:\ATI
[2010/12/06 11:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\EVEREST Home Edition
[2010/12/06 11:35:11 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/12/06 11:35:10 | 000,135,096 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/12/06 11:35:10 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/12/06 11:35:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/12/06 11:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/12/06 11:27:47 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/12/06 11:23:35 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Macromedia
[2010/12/06 11:23:35 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Adobe
[2010/12/06 11:20:23 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\foobar2000
[2010/12/06 11:20:19 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2010/12/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Mozilla
[2010/12/06 11:11:55 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\Mozilla
[2010/12/06 11:07:44 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\ElevatedDiagnostics
[2010/12/06 11:01:46 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Searches
[2010/12/06 11:01:46 | 000,000,000 | -H-D | C] -- C:\Users\Gronn\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010/12/06 11:01:38 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Identities
[2010/12/06 11:01:36 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Contacts
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\AppData\Local\Temporary Internet Files
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Templates
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Start Menu
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\SendTo
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Recent
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\PrintHood
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\NetHood
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Documents\My Videos
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Documents\My Pictures
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Documents\My Music
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\My Documents
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Local Settings
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\AppData\Local\History
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Cookies
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\Application Data
[2010/12/06 11:01:29 | 000,000,000 | -HSD | C] -- C:\Users\Gronn\AppData\Local\Application Data
[2010/12/06 11:01:28 | 000,000,000 | --SD | C] -- C:\Users\Gronn\AppData\Roaming\Microsoft
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Videos
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Saved Games
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Pictures
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Music
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Links
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Favorites
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Downloads
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\My Documents
[2010/12/06 11:01:28 | 000,000,000 | R--D | C] -- C:\Users\Gronn\Desktop
[2010/12/06 11:01:28 | 000,000,000 | -H-D | C] -- C:\Users\Gronn\AppData
[2010/12/06 11:01:28 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\Temp
[2010/12/06 11:01:28 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Local\Microsoft
[2010/12/06 11:01:28 | 000,000,000 | ---D | C] -- C:\Users\Gronn\AppData\Roaming\Media Center Programs
[2010/12/06 10:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\PlayReady
[2010/12/06 10:58:10 | 000,000,000 | ---D | C] -- C:\Program Files\RocketDock
[2010/12/06 10:58:09 | 000,000,000 | ---D | C] -- C:\Windows\ICONS
[2010/12/06 10:58:06 | 000,000,000 | ---D | C] -- C:\Program Files\XnViewMP
[2010/12/06 10:58:05 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2010/12/06 10:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Win7codecs
[2010/12/06 10:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2010/12/06 10:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/12/06 10:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2010/12/06 10:56:45 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/12/06 10:56:38 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2010/12/06 10:56:26 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/06 10:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/12/06 10:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)
[2010/12/06 10:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\UltraISO
[2010/12/06 10:55:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EZB Systems
[2010/12/06 10:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Utilities
[2010/12/06 10:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2010/12/06 10:55:14 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_40.dll
[2010/12/06 10:55:14 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_41.dll
[2010/12/06 10:55:14 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xaudio2_4.dll
[2010/12/06 10:55:14 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xaudio2_5.dll
[2010/12/06 10:55:14 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xaudio2_3.dll
[2010/12/06 10:55:14 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xaudio2_2.dll
[2010/12/06 10:55:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010/12/06 10:55:14 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/12/06 10:55:14 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/12/06 10:55:14 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/12/06 10:55:14 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/12/06 10:55:14 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/12/06 10:55:14 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/12/06 10:55:14 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_5.dll
[2010/12/06 10:55:14 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_6.dll
[2010/12/06 10:55:13 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_39.dll
[2010/12/06 10:55:12 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010/12/06 10:55:12 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_40.dll
[2010/12/06 10:55:12 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_42.dll
[2010/12/06 10:55:12 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_41.dll
[2010/12/06 10:55:12 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_39.dll
[2010/12/06 10:55:12 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/12/06 10:55:12 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010/12/06 10:55:12 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/12/06 10:55:12 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010/12/06 10:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/12/06 10:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/12/06 10:54:52 | 000,000,000 | -HSD | C] -- C:\Recovery
[2 C:\Users\Gronn\AppData\Roaming\*.tmp files -> C:\Users\Gronn\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/11 22:57:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-297261443-1923447332-4187542452-1000UA.job
[2010/12/11 20:28:36 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/11 20:28:36 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/11 20:27:52 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/12/11 20:27:52 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/12/11 20:23:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/11 20:23:30 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/11 11:57:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-297261443-1923447332-4187542452-1000Core.job
[2010/12/11 00:43:23 | 000,000,024 | ---- | M] () -- C:\Users\Gronn\AppData\Roaming\abpzlw.dat
[2010/12/10 20:02:33 | 000,098,392 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys
[2010/12/10 19:59:11 | 000,001,124 | ---- | M] () -- C:\Users\Gronn\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/12/10 19:59:10 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/12/10 18:39:33 | 000,002,048 | ---- | M] () -- C:\Users\Gronn\AppData\Roaming\uak1ozzo.default.dat
[2010/12/10 02:30:05 | 000,000,004 | ---- | M] () -- C:\Users\Gronn\AppData\Roaming\avdrn.dat
[2010/12/09 22:36:53 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/12/09 22:36:53 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/12/09 22:15:45 | 000,002,891 | ---- | M] () -- C:\Users\Gronn\Documents\Beobachtung.rtf
[2010/12/08 08:53:05 | 000,269,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/06 14:20:03 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/12/06 14:18:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/12/06 14:16:55 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010/12/06 14:15:52 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/12/06 14:12:20 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010/12/06 11:55:19 | 000,000,959 | ---- | M] () -- C:\Users\Gronn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2010/12/06 11:11:56 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010/12/06 11:03:13 | 000,001,407 | ---- | M] () -- C:\Users\Gronn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/06 10:59:02 | 000,171,136 | RHS- | M] () -- C:\w7ldr
[2010/12/06 10:57:49 | 000,000,020 | ---- | M] () -- C:\Windows\H÷f
[2010/12/06 10:55:23 | 000,000,043 | ---- | M] () -- C:\Windows\gswin32.ini
[2010/12/06 10:55:03 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/12/06 10:55:03 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/12/06 10:55:03 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/12/06 10:55:03 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/12/03 01:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2010/12/03 01:05:33 | 000,015,880 | ---- | M] () -- C:\Windows\System32\lsdelete.exe
[2 C:\Users\Gronn\AppData\Roaming\*.tmp files -> C:\Users\Gronn\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/11 05:07:10 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010/12/10 19:59:11 | 000,001,124 | ---- | C] () -- C:\Users\Gronn\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2010/12/10 19:59:10 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010/12/10 18:39:49 | 000,000,065 | ---- | C] () -- C:\Users\Gronn\AppData\Roaming\AcroIEHelpe.txt
[2010/12/10 18:39:31 | 000,002,048 | ---- | C] () -- C:\Users\Gronn\AppData\Roaming\uak1ozzo.default.dat
[2010/12/10 02:30:09 | 000,000,024 | ---- | C] () -- C:\Users\Gronn\AppData\Roaming\abpzlw.dat
[2010/12/10 02:30:05 | 000,000,004 | ---- | C] () -- C:\Users\Gronn\AppData\Roaming\avdrn.dat
[2010/12/08 23:54:47 | 000,002,891 | ---- | C] () -- C:\Users\Gronn\Documents\Beobachtung.rtf
[2010/12/06 14:18:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/12/06 14:16:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/06 14:15:52 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/12/06 14:13:42 | 000,269,592 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/06 14:13:36 | 2616,057,856 | -HS- | C] () -- C:\hiberfil.sys
[2010/12/06 14:12:20 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010/12/06 14:12:19 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010/12/06 11:55:19 | 000,000,959 | ---- | C] () -- C:\Users\Gronn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
[2010/12/06 11:52:44 | 000,001,118 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-297261443-1923447332-4187542452-1000UA.job
[2010/12/06 11:52:43 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-297261443-1923447332-4187542452-1000Core.job
[2010/12/06 11:11:56 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/12/06 11:03:13 | 000,001,407 | ---- | C] () -- C:\Users\Gronn\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/12/06 11:01:28 | 000,000,290 | ---- | C] () -- C:\Users\Gronn\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010/12/06 11:01:28 | 000,000,272 | ---- | C] () -- C:\Users\Gronn\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010/12/06 10:59:02 | 000,171,136 | RHS- | C] () -- C:\w7ldr
[2010/12/06 10:57:49 | 000,000,020 | ---- | C] () -- C:\Windows\H÷f
[2010/12/06 10:55:23 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009/10/06 00:13:56 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/07/13 15:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/07/13 15:24:44 | 000,003,584 | ---- | C] () -- C:\Windows\System32\kb.dll
[2009/05/29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/09/04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2001/10/28 13:42:30 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll

========== LOP Check ==========

[2010/12/11 05:07:09 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Buabse
[2010/12/10 18:39:30 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\cock
[2010/12/11 20:15:44 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\foobar2000
[2010/12/11 00:40:38 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Iriz
[2010/12/06 12:32:50 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Notepad++
[2010/12/10 18:39:43 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\xmldm
[2009/07/13 20:53:46 | 000,004,136 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/12/06 11:23:35 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Adobe
[2010/12/10 19:42:49 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Avira
[2010/12/11 05:07:09 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Buabse
[2010/12/10 18:39:30 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\cock
[2010/12/11 20:15:44 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\foobar2000
[2010/12/06 11:01:38 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Identities
[2010/12/11 00:40:38 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Iriz
[2010/12/06 11:23:35 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Macromedia
[2009/07/13 23:48:45 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Media Center Programs
[2010/12/11 11:57:59 | 000,000,000 | --SD | M] -- C:\Users\Gronn\AppData\Roaming\Microsoft
[2010/12/06 11:12:03 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Mozilla
[2010/12/06 12:32:50 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Notepad++
[2010/12/11 22:54:34 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\Sun
[2010/12/06 12:02:49 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\WinRAR
[2010/12/10 18:39:43 | 000,000,000 | ---D | M] -- C:\Users\Gronn\AppData\Roaming\xmldm

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009/07/13 17:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 17:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 17:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 17:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/13 17:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/13 17:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: EXPLORER.EXE >
[2009/07/13 17:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Users\Public\Desktop\amc\Backup\Original system files\explorer.exe
[2009/07/13 17:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009/10/30 21:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009/10/30 21:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=6CE102617EE8D83DE17A6FDE1554560C -- C:\Windows\explorer.exe
[2009/08/02 21:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/02 21:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/30 22:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: IASTORV.SYS >
[2009/07/13 17:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009/07/13 17:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/13 17:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/07/13 17:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/13 17:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009/07/13 17:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/13 17:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 17:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/13 17:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009/07/13 17:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: USER32.DLL >
[2009/07/13 17:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009/07/13 17:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll

< MD5 for: USERINIT.EXE >
[2009/07/13 17:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/13 17:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/27 22:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/27 22:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/27 21:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009/07/13 17:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2IFSL.SYS >
[2009/07/13 15:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/13 15:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/13 17:16:17 | 000,003,584 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\kb.dll

< End of report >
And here is the Extras.txt
Quote:
OTL Extras logfile created on: 12/11/2010 11:36:09 PM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Gronn\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 27.00% Memory free
6.00 Gb Paging File | 2.00 Gb Available in Paging File | 38.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 186.30 Gb Total Space | 115.97 Gb Free Space | 62.25% Space Free | Partition Type: NTFS
Drive D: | 149.01 Gb Total Space | 107.32 Gb Free Space | 72.02% Space Free | Partition Type: NTFS

Computer Name: THRONEOFSKULLS | User Name: Gronn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-297261443-1923447332-4187542452-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [CmdHere] -- C:\Windows\System32\cmd.exe /k cd "%1" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{14C87AA7-08E6-419F-A165-998EBE5023D7}" = Oblivion - Knights of the Nine
"{16D919E6-F019-4E15-BFBE-4A85EF19DA57}" = Oblivion - Spell Tomes
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{258236B1-6DFE-7363-E4C3-CDC6FCC03BF6}" = Catalyst Control Center InstallProxy
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{2F2E3D62-8B8C-448F-8900-451325E50948}" = Oblivion - Wizard's Tower
"{3595DD89-873E-6911-4AF0-47542B5C8073}" = ATI Catalyst Install Manager
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{391F4F4A-B36E-4C5C-8A79-8827B0758673}" = PDFCreator 0.9.8
"{3ABEBD00-299D-4DCA-967F-B912163AB5EA}" = Oblivion - Horse Armor Pack
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}" = Oblivion - Vile Lair
"{6FC6B75A-3837-42D7-96D9-0B51254EE0FC}" = Ghostscript 8.70
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{775A4588-63E7-4BB1-9D60-6BB1D3110C9A}" = Waves
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR 1.5.2.8870
"{B343B0E3-212A-40B9-8207-1BD299228F5D}" = Fallout 3 - The Garden of Eden Creation Kit
"{B42F73D4-AFDA-4761-B3F4-23A872D11339}" = Morrowind
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D86B6C32-49BD-4A02-9C43-14E497018498}" = Windows 7 Manager
"{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player 11.5.1.601
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{EC425CFC-EE78-4A91-AA25-3BFA65B75364}" = Oblivion - Orrery
"{EF295F5C-7B57-47AA-8889-6B3E8E214E89}" = Oblivion - Mehrunes Razor
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF70923C-8A51-47F4-A7E9-893C6D54EB68}" = TES Construction Set
"{FFFFFD17-B460-41EB-93F1-C48ABAD63828}" = Oblivion - Thieves Den
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR 1.5.2.8870
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fallout 3: Operation Anchorage™" = Fallout 3: Operation Anchorage™
"foobar2000" = foobar2000 v1.1.1
"FOOK2 v1.0" = FOOK2
"Foxit Reader" = Foxit Reader
"Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Notepad++" = Notepad++
"Steam App 440" = Team Fortress 2
"UltraISO_is1" = UltraISO Premium V9.35
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-297261443-1923447332-4187542452-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/11/2010 6:53:21 PM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x7dc Faulting application
start time: 0x01cb9984bbfc335e Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: unknown Report Id: 738dfe6d-0579-11e0-ad49-00e04d545752

Error - 12/11/2010 8:43:42 PM | Computer Name = Throneofskulls | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 12/12/2010 12:59:27 AM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception
code: 0xc0000005 Fault offset: 0x000e869c Faulting process id: 0xb30 Faulting application
start time: 0x01cb99b957d731d0 Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: C:\Games\Fallout 3\Fallout3.exe Report Id: 9822e7c2-05ac-11e0-a319-00e04d545752

Error - 12/12/2010 12:59:45 AM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception
code: 0xc0000005 Fault offset: 0x000e869c Faulting process id: 0xa90 Faulting application
start time: 0x01cb99b963f31d22 Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: C:\Games\Fallout 3\Fallout3.exe Report Id: a3171ace-05ac-11e0-a319-00e04d545752

Error - 12/12/2010 1:10:07 AM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception
code: 0xc0000005 Fault offset: 0x000e869c Faulting process id: 0x8cc Faulting application
start time: 0x01cb99bad5379a14 Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: C:\Games\Fallout 3\Fallout3.exe Report Id: 156ce4cd-05ae-11e0-a319-00e04d545752

Error - 12/12/2010 1:10:52 AM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception
code: 0xc0000005 Fault offset: 0x000e869c Faulting process id: 0x4f8 Faulting application
start time: 0x01cb99baf0f5e4a2 Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: C:\Games\Fallout 3\Fallout3.exe Report Id: 30729a2d-05ae-11e0-a319-00e04d545752

Error - 12/12/2010 1:11:04 AM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception
code: 0xc0000005 Fault offset: 0x000e869c Faulting process id: 0xcb8 Faulting application
start time: 0x01cb99baf83bfe52 Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: C:\Games\Fallout 3\Fallout3.exe Report Id: 376fc343-05ae-11e0-a319-00e04d545752

Error - 12/12/2010 1:12:12 AM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception
code: 0xc0000005 Fault offset: 0x000e869c Faulting process id: 0xfe8 Faulting application
start time: 0x01cb99bb20d7370f Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: C:\Games\Fallout 3\Fallout3.exe Report Id: 5ffbd119-05ae-11e0-a319-00e04d545752

Error - 12/12/2010 1:12:25 AM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception
code: 0xc0000005 Fault offset: 0x000e869c Faulting process id: 0xad4 Faulting application
start time: 0x01cb99bb28bedbd2 Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: C:\Games\Fallout 3\Fallout3.exe Report Id: 67df08fc-05ae-11e0-a319-00e04d545752

Error - 12/12/2010 1:13:01 AM | Computer Name = Throneofskulls | Source = Application Error | ID = 1000
Description = Faulting application name: Fallout3.exe, version: 1.7.0.3, time stamp:
0x4a40f18b Faulting module name: Fallout3.exe, version: 1.7.0.3, time stamp: 0x4a40f18b
Exception
code: 0xc0000005 Fault offset: 0x000e869c Faulting process id: 0x600 Faulting application
start time: 0x01cb99bb3e1ea7fa Faulting application path: C:\Games\Fallout 3\Fallout3.exe
Faulting
module path: C:\Games\Fallout 3\Fallout3.exe Report Id: 7d809a0b-05ae-11e0-a319-00e04d545752

[ System Events ]
Error - 12/7/2010 10:26:37 PM | Computer Name = Throneofskulls | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070008: Update for Windows 7 (KB2388210).

Error - 12/7/2010 10:26:37 PM | Computer Name = Throneofskulls | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070008: Update for Windows 7 (KB2388210).

Error - 12/7/2010 10:26:37 PM | Computer Name = Throneofskulls | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070008: Update for Windows 7 (KB2388210).

Error - 12/7/2010 10:26:37 PM | Computer Name = Throneofskulls | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070008: Update for Windows 7 (KB2388210).

Error - 12/7/2010 10:26:37 PM | Computer Name = Throneofskulls | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070008: Update for Windows 7 (KB2388210).

Error - 12/7/2010 10:26:37 PM | Computer Name = Throneofskulls | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070008: Update for Windows 7 (KB2388210).

Error - 12/7/2010 10:26:37 PM | Computer Name = Throneofskulls | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070008: Update for Windows 7 (KB2388210).

Error - 12/7/2010 10:26:37 PM | Computer Name = Throneofskulls | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070008: Update for Windows 7 (KB2388210).

Error - 12/10/2010 11:38:26 AM | Computer Name = Throneofskulls | Source = DCOM | ID = 10010
Description =

Error - 12/10/2010 11:59:35 PM | Computer Name = Throneofskulls | Source = Service Control Manager | ID = 7030
Description = The Lavasoft Ad-Aware Service service is marked as an interactive
service. However, the system is configured to not allow interactive services.
This service may not function properly.


< End of report >
Here is the AntiVir report as well (updated)

Quote:

Avira AntiVir Personal
Report file date: Saturday, December 11, 2010 23:16

Scanning for 3138734 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7
Windows version : (plain) [6.1.7600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : THRONEOFSKULLS

Version information:
BUILD.DAT : 10.0.0.607 31826 Bytes 11/30/2010 19:17:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 12/10/2010 06:36:52
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 21:57:04
LUKE.DLL : 10.0.3.2 104296 Bytes 12/10/2010 06:36:52
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 08:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 18:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 04:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 02:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 01:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 20:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 00:10:03
VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 00:10:04
VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 00:10:06
VBASE008.VDF : 7.10.11.133 3454464 Bytes 9/13/2010 19:36:26
VBASE009.VDF : 7.10.13.80 2265600 Bytes 11/2/2010 19:36:29
VBASE010.VDF : 7.10.13.81 2048 Bytes 11/2/2010 19:36:29
VBASE011.VDF : 7.10.13.82 2048 Bytes 11/2/2010 19:36:29
VBASE012.VDF : 7.10.13.83 2048 Bytes 11/2/2010 19:36:29
VBASE013.VDF : 7.10.13.116 147968 Bytes 11/4/2010 19:36:30
VBASE014.VDF : 7.10.13.147 146944 Bytes 11/7/2010 19:36:30
VBASE015.VDF : 7.10.13.180 123904 Bytes 11/9/2010 19:36:31
VBASE016.VDF : 7.10.13.211 122368 Bytes 11/11/2010 19:36:31
VBASE017.VDF : 7.10.13.243 147456 Bytes 11/15/2010 19:36:31
VBASE018.VDF : 7.10.14.15 142848 Bytes 11/17/2010 19:36:32
VBASE019.VDF : 7.10.14.41 134144 Bytes 11/19/2010 19:36:32
VBASE020.VDF : 7.10.14.63 128000 Bytes 11/22/2010 19:36:32
VBASE021.VDF : 7.10.14.87 143872 Bytes 11/24/2010 19:36:33
VBASE022.VDF : 7.10.14.116 140800 Bytes 11/26/2010 19:36:33
VBASE023.VDF : 7.10.14.147 150528 Bytes 11/30/2010 19:36:34
VBASE024.VDF : 7.10.14.175 126464 Bytes 12/3/2010 19:36:34
VBASE025.VDF : 7.10.14.203 120320 Bytes 12/7/2010 06:36:46
VBASE026.VDF : 7.10.14.230 137216 Bytes 12/9/2010 06:36:47
VBASE027.VDF : 7.10.14.231 2048 Bytes 12/9/2010 06:36:47
VBASE028.VDF : 7.10.14.232 2048 Bytes 12/9/2010 06:36:47
VBASE029.VDF : 7.10.14.233 2048 Bytes 12/9/2010 06:36:47
VBASE030.VDF : 7.10.14.234 2048 Bytes 12/9/2010 06:36:47
VBASE031.VDF : 7.10.14.255 78848 Bytes 12/10/2010 19:52:36
Engineversion : 8.2.4.122
AEVDF.DLL : 8.1.2.1 106868 Bytes 8/3/2010 00:09:54
AESCRIPT.DLL : 8.1.3.48 1286524 Bytes 12/6/2010 19:36:41
AESCN.DLL : 8.1.7.2 127349 Bytes 12/6/2010 19:36:40
AESBX.DLL : 8.1.3.2 254324 Bytes 12/6/2010 19:36:41
AERDL.DLL : 8.1.9.2 635252 Bytes 12/6/2010 19:36:40
AEPACK.DLL : 8.2.4.1 512375 Bytes 12/6/2010 19:36:40
AEOFFICE.DLL : 8.1.1.10 201084 Bytes 12/6/2010 19:36:39
AEHEUR.DLL : 8.1.2.54 3113335 Bytes 12/10/2010 06:36:50
AEHELP.DLL : 8.1.16.0 246136 Bytes 12/6/2010 19:36:36
AEGEN.DLL : 8.1.5.0 397685 Bytes 12/6/2010 19:36:36
AEEMU.DLL : 8.1.3.0 393589 Bytes 12/6/2010 19:36:36
AECORE.DLL : 8.1.19.0 196984 Bytes 12/6/2010 19:36:35
AEBB.DLL : 8.1.1.0 53618 Bytes 8/3/2010 00:09:48
AVWINLL.DLL : 10.0.0.0 19304 Bytes 8/3/2010 00:09:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 8/3/2010 00:09:55
AVREP.DLL : 10.0.0.8 62209 Bytes 6/17/2010 23:27:13
AVREG.DLL : 10.0.3.2 53096 Bytes 8/3/2010 00:09:55
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 12/10/2010 06:36:52
AVARKT.DLL : 10.0.22.6 231784 Bytes 12/10/2010 06:36:50
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 8/3/2010 00:09:55
SQLITE3.DLL : 3.6.19.0 355688 Bytes 6/17/2010 23:27:22
AVSMTP.DLL : 10.0.0.17 63848 Bytes 8/3/2010 00:09:56
NETNT.DLL : 10.0.0.0 11624 Bytes 6/17/2010 23:27:21
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 22:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 8/3/2010 00:10:08

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Saturday, December 11, 2010 23:16

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'avscan.exe' - '75' Module(s) have been scanned
Scan process 'avscan.exe' - '28' Module(s) have been scanned
Scan process 'avcenter.exe' - '77' Module(s) have been scanned
Scan process 'chrome.exe' - '41' Module(s) have been scanned
Scan process 'chrome.exe' - '89' Module(s) have been scanned
Scan process 'rundll32.exe' - '44' Module(s) have been scanned
Scan process 'AAWTray.exe' - '25' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '36' Module(s) have been scanned
Scan process 'unsecapp.exe' - '28' Module(s) have been scanned
Scan process 'iexplore.exe' - '22' Module(s) have been scanned
Scan process 'iexplore.exe' - '37' Module(s) have been scanned
Scan process 'MagicDisc.exe' - '26' Module(s) have been scanned
Scan process 'avgnt.exe' - '70' Module(s) have been scanned
Scan process 'RocketDock.exe' - '42' Module(s) have been scanned
Scan process 'conhost.exe' - '14' Module(s) have been scanned
Scan process 'avshadow.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '57' Module(s) have been scanned
Scan process 'avguard.exe' - '64' Module(s) have been scanned
Scan process 'taskhost.exe' - '52' Module(s) have been scanned
Scan process 'Explorer.EXE' - '181' Module(s) have been scanned
Scan process 'Dwm.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'sched.exe' - '50' Module(s) have been scanned
Scan process 'spoolsv.exe' - '80' Module(s) have been scanned
Scan process 'AAWService.exe' - '111' Module(s) have been scanned
Scan process 'atieclxx.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '79' Module(s) have been scanned
Scan process 'svchost.exe' - '75' Module(s) have been scanned
Scan process 'svchost.exe' - '152' Module(s) have been scanned
Scan process 'svchost.exe' - '111' Module(s) have been scanned
Scan process 'svchost.exe' - '75' Module(s) have been scanned
Scan process 'atiesrxx.exe' - '26' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'lsass.exe' - '64' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '29' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1669' files ).


Starting the file scan:

Begin scan in 'C:\'
Begin scan in 'D:\' <Kater>


End of the scan: Saturday, December 11, 2010 23:53
Used time: 37:36 Minute(s)

The scan has been done completely.

16838 Scanned directories
171142 Files were scanned
0 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
171142 Files not concerned
1194 Archives were scanned
0 Warnings
0 Notes
315307 Objects were scanned with rootkit scan
0 Hidden objects were found

12.12.2010, 11:47   #2
markusg
/// Malware-holic

Please create and post a ComboFix log.
A guide and tutorial on using ComboFix