
Pests of all kinds and how to fight them: Problem after removing the Windows Recovery virus :(

08.06.2011, 14:48   #1
LiL

Problem after removing the Windows Recovery virus :(

Hello dear Trojaner-Board, the reason I am asking you for help is the following: about 2 days ago I had this Windows Recovery virus on my laptop, and through Google I came across your site. I followed everything there, and now it is gone.
But here is my problem: now that it is gone, my laptop runs extremely slowly. Before the virus I could, for example, play CS without stuttering and also use Firefox without stuttering, but now it runs extremely slowly compared to before, and I really don't know what to do. To be honest, I am a beginner in these things, and I hope for your help and your understanding.
Kind regards,
LiL

08.06.2011, 15:12   #2
cosinus

Hello and

Please run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes must be updated manually before every scan!

If logs from older Malwarebytes scans exist, please post all of those as well!


Then OTL custom:


CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the content into the text box.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the content of OTL.txt here into your thread

08.06.2011, 15:50   #3
LiL

Hello cosinus

Code:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6804

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

08/06/2011 16:38:28
mbam-log-2011-06-08 (16-38-28).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 149714
Laufzeit: 5 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

Here are the log files from the malware scan.


And here are the log files from OTL:
Code:
OTL logfile created on: 08/06/2011 16:42:12 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Matze\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: Großbritannien | Language: ENG | Date Format: dd/MM/yyyy
 
3.00 Gb Total Physical Memory | 1.70 Gb Available Physical Memory | 56.85% Memory free
6.20 Gb Paging File | 4.67 Gb Available in Paging File | 75.42% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.12 Gb Total Space | 154.16 Gb Free Space | 69.09% Space Free | Partition Type: NTFS
Drive F: | 1.88 Gb Total Space | 0.11 Gb Free Space | 5.67% Space Free | Partition Type: FAT
 
Computer Name: MATZE1992 | User Name: Matze | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/06/08 16:40:57 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Matze\Downloads\OTL.exe
PRC - [2011/06/02 20:27:57 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe
PRC - [2011/05/29 09:11:28 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/11 20:18:02 | 001,242,448 | -H-- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe
PRC - [2011/04/20 04:04:36 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/04/20 04:04:06 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/04/15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011/03/28 16:15:17 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/03/28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/03/28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/02/18 17:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
PRC - [2011/02/18 17:28:38 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2011/02/15 17:25:48 | 000,488,952 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
PRC - [2011/02/15 17:25:42 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2008/10/29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/07/24 05:09:22 | 000,033,136 | ---- | M] () -- C:\Windows\ASScrPro.exe
PRC - [2008/01/21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/11/30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/10/12 06:44:28 | 000,106,496 | ---- | M] (ASUS) -- C:\Windows\System32\ASUSTPE.exe
PRC - [2007/09/01 02:38:12 | 000,180,224 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/07/10 19:59:56 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2007/05/18 11:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/04/19 20:32:08 | 000,225,280 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe
PRC - [2007/04/17 22:39:42 | 000,077,824 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007/02/06 03:13:14 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007/01/18 04:26:36 | 007,708,672 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2006/12/21 08:03:38 | 001,036,288 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2006/12/19 02:26:26 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2006/11/02 17:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2006/06/23 11:24:12 | 000,343,552 | ---- | M] (AVM Berlin GmbH) -- C:\Program Files\avmwlanstick\FRITZWLanMini.exe
PRC - [2005/07/07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/06/08 16:40:57 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Matze\Downloads\OTL.exe
MOD - [2011/05/12 00:31:44 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
MOD - [2011/05/12 00:31:43 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
MOD - [2011/02/15 17:25:56 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
MOD - [2010/08/31 17:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/06/02 20:27:57 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/05/29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/04/20 04:04:06 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/04/15 11:43:20 | 002,280,312 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011/03/28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/02/18 17:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2011/02/15 17:25:48 | 000,488,952 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2008/01/21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007/08/08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007/05/18 11:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007/02/06 03:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/04/20 04:43:40 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/04/20 03:22:08 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/04/01 17:07:25 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/04/01 17:07:25 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/02/15 17:25:36 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010/12/18 13:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2010/06/17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/15 16:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2007/10/01 08:59:45 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007/08/11 05:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007/07/31 07:13:10 | 000,743,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/07/24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007/06/20 05:12:17 | 000,047,616 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2007/01/24 20:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2006/12/15 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006/11/22 11:34:59 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/04/06 01:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [1996/04/03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2613550
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2613550&SearchSource=13"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/05/12 00:39:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/05/12 00:39:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/06/06 05:56:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/11 17:34:47 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/27 23:59:19 | 000,000,000 | ---D | M]
 
[2011/05/11 17:35:03 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Matze\AppData\Roaming\mozilla\Extensions
[2011/06/06 05:40:25 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Matze\AppData\Roaming\mozilla\Firefox\Profiles\clffeezo.default\extensions
[2011/05/15 01:42:11 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Matze\AppData\Roaming\mozilla\Firefox\Profiles\clffeezo.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/06/06 05:40:26 | 000,000,000 | -H-D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\Matze\AppData\Roaming\mozilla\Firefox\Profiles\clffeezo.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
[2011/05/25 16:10:48 | 000,000,943 | -H-- | M] () -- C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\clffeezo.default\searchplugins\conduit.xml
[2011/06/05 13:13:45 | 000,001,056 | -H-- | M] () -- C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\clffeezo.default\searchplugins\icqplugin.xml
[2011/05/28 00:00:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/05/28 00:00:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011/05/15 03:04:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/04/14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/05/27 23:58:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/01/01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/09/18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\FRITZWLANMini.exe (AVM Berlin GmbH)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ICQ]  File not found
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Matze\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Matze\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk F:\
O33 - MountPoints2\{d7d21aab-7be1-11e0-909d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d7d21aab-7be1-11e0-909d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/06/06 18:38:06 | 000,000,000 | ---D | C] -- C:\Users\Matze\AppData\Roaming\Malwarebytes
[2011/06/06 18:38:01 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/06/06 18:38:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/06 18:37:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/06/06 18:37:56 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/06/06 18:37:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/06/06 05:40:52 | 000,000,000 | -H-D | C] -- C:\Users\Matze\Documents\ForceField Shared Files
[2011/06/06 05:40:51 | 000,000,000 | ---D | C] -- C:\Users\Matze\AppData\Roaming\CheckPoint
[2011/06/06 05:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2011/06/06 05:40:02 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm-Sicherheit
[2011/06/06 05:39:41 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2011/06/06 05:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
[2011/06/06 05:39:33 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\System32\vsutil_loc0407.dll
[2011/06/06 05:31:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2011/06/06 05:31:23 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/06/06 05:30:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\CheckPoint
[2011/06/06 05:30:44 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011/06/06 04:47:29 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Vista Recovery
[2011/06/04 22:16:52 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\PhotoScape
[2011/06/04 22:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2011/06/04 22:16:17 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoScape
[2011/06/04 18:59:29 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\Activision
[2011/06/03 01:47:31 | 000,000,000 | -H-D | C] -- C:\Users\Matze\Desktop\config
[2011/06/01 20:55:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2011/06/01 20:53:26 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2011/06/01 20:53:25 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2011/06/01 20:53:20 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2011/06/01 20:53:17 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2011/06/01 20:53:16 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2011/06/01 20:53:15 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2011/06/01 20:53:05 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2011/06/01 20:53:02 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2011/06/01 20:53:01 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2011/06/01 20:52:47 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2011/06/01 20:52:47 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2011/06/01 20:52:47 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2011/06/01 20:52:47 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2011/06/01 20:52:47 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2011/06/01 20:52:46 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2011/06/01 20:52:45 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2011/06/01 20:52:42 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2011/06/01 20:52:42 | 000,102,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2011/06/01 20:52:42 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2011/06/01 20:52:42 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2011/06/01 20:52:41 | 001,803,608 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2011/06/01 20:52:41 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2011/06/01 20:52:40 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2011/06/01 20:52:39 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2011/06/01 20:52:38 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2011/06/01 20:52:38 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2011/06/01 20:52:29 | 001,730,112 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2011/06/01 20:52:29 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2011/06/01 20:52:29 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2011/06/01 20:52:29 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2011/06/01 20:52:29 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2011/06/01 20:52:28 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2011/06/01 20:52:28 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2011/06/01 20:52:28 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2011/06/01 20:52:28 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2011/06/01 20:52:28 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2011/06/01 20:52:28 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2011/06/01 20:52:27 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2011/06/01 20:52:26 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2011/06/01 20:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011/06/01 20:48:29 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2011/06/01 20:28:12 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Easeware
[2011/06/01 20:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverNavigator
[2011/06/01 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware
[2011/06/01 11:51:20 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/06/01 11:51:10 | 000,000,000 | -H-D | C] -- C:\Users\Matze\Documents\DVDVideoSoft
[2011/06/01 11:50:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011/05/31 17:59:58 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\WinRAR
[2011/05/31 17:59:58 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/05/31 17:59:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/05/31 17:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/05/28 00:00:40 | 000,000,000 | -H-D | C] -- C:\ProgramData\Sun
[2011/05/28 00:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/05/27 23:58:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011/05/16 02:24:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011/05/16 02:24:06 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011/05/16 02:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2011/05/15 02:23:37 | 000,000,000 | -H-D | C] -- C:\Users\Matze\Documents\ICQ
[2011/05/15 01:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011/05/15 01:42:14 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2011/05/15 01:42:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\ICQ
[2011/05/15 01:41:24 | 000,000,000 | -H-D | C] -- C:\Program Files\ICQ7.5
[2011/05/15 01:38:12 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\ICQ
[2011/05/15 01:37:05 | 000,000,000 | -H-D | C] -- C:\Program Files\ICQ6.5
[2011/05/15 01:28:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\ASUS
[2011/05/13 18:49:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011/05/13 17:57:14 | 000,000,000 | -H-D | C] -- C:\ProgramData\ATI
[2011/05/13 17:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011/05/13 17:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/05/13 17:54:34 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/05/13 16:56:38 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\Google
[2011/05/13 16:56:19 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\Deployment
[2011/05/13 16:37:38 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\Apps
[2011/05/12 13:09:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/05/12 00:40:34 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\DDMSettings
[2011/05/12 00:32:39 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\DivX
[2011/05/12 00:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2011/05/12 00:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/05/12 00:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2011/05/12 00:28:10 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011/05/12 00:25:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\DivX
[2011/05/11 23:34:02 | 000,069,120 | R--- | C] (AVM Berlin) -- C:\Windows\System32\avmadd32.dll
[2011/05/11 23:34:02 | 000,016,384 | R--- | C] (AVM Berlin GmbH) -- C:\Windows\System32\avmprmon.dll
[2011/05/11 23:34:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
[2011/05/11 23:34:01 | 000,000,000 | ---D | C] -- C:\Program Files\FRITZ!BoxPrint
[2011/05/11 23:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\FRITZ!Box
[2011/05/11 23:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2011/05/11 23:30:54 | 000,000,000 | ---D | C] -- C:\Program Files\avmwlanstick
[2011/05/11 23:30:29 | 000,264,704 | ---- | C] (AVM GmbH) -- C:\Windows\System32\drivers\fwlanusb.sys
[2011/05/11 23:30:29 | 000,033,792 | ---- | C] (AVM GmbH) -- C:\Windows\System32\avmcowlan.dll
[2011/05/11 23:30:29 | 000,000,000 | ---D | C] -- C:\Windows\AVM_Driver
[2011/05/11 23:30:28 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AVM_Driver
[2011/05/11 23:14:06 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Avira
[2011/05/11 22:10:26 | 000,000,000 | -H-D | C] -- C:\ATI
[2011/05/11 21:47:27 | 000,000,000 | -H-D | C] -- C:\AMD
[2011/05/11 20:48:40 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\TeamViewer
[2011/05/11 20:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2011/05/11 20:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011/05/11 20:17:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011/05/11 20:17:15 | 000,000,000 | -H-D | C] -- C:\Program Files\Steam
[2011/05/11 18:32:14 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Adobe
[2011/05/11 17:40:36 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\TS3Client
[2011/05/11 17:39:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011/05/11 17:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2011/05/11 17:34:53 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Mozilla
[2011/05/11 17:34:53 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\Mozilla
[2011/05/11 17:34:45 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/05/11 17:29:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/05/11 17:28:52 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/05/11 17:28:51 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/05/11 17:28:51 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/05/11 17:28:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\Avira
[2011/05/11 17:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/05/11 16:44:53 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\ATI
[2011/05/11 16:44:53 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\ATI
[2011/05/11 16:44:48 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Symantec
[2011/05/11 16:44:29 | 000,000,000 | -H-D | C] -- C:\Users\Matze\P4P
[2011/05/11 16:44:28 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Macromedia
[2011/05/11 16:44:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/05/11 16:42:28 | 000,000,000 | RH-D | C] -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011/05/11 16:42:28 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Searches
[2011/05/11 16:42:28 | 000,000,000 | RH-D | C] -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011/05/11 16:42:17 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Identities
[2011/05/11 16:42:15 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Contacts
[2011/05/11 16:40:19 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\Adobe
[2011/05/11 16:40:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\Adobe
[2011/05/11 16:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/05/11 16:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/05/11 16:37:01 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\VirtualStore
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Vorlagen
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\AppData\Local\Verlauf
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\AppData\Local\Temporary Internet Files
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Startmenü
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\SendTo
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Recent
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Netzwerkumgebung
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Lokale Einstellungen
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Documents\Eigene Videos
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Documents\Eigene Musik
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Eigene Dateien
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Documents\Eigene Bilder
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Druckumgebung
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Cookies
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\AppData\Local\Anwendungsdaten
[2011/05/11 16:36:59 | 000,000,000 | -HSD | C] -- C:\Users\Matze\Anwendungsdaten
[2011/05/11 16:36:58 | 000,000,000 | --SD | C] -- C:\Users\Matze\AppData\Roaming\Microsoft
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Videos
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Saved Games
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Pictures
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Music
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Links
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Favorites
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Downloads
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Documents
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\Desktop
[2011/05/11 16:36:58 | 000,000,000 | RH-D | C] -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011/05/11 16:36:58 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\Temp
[2011/05/11 16:36:58 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Local\Microsoft
[2011/05/11 16:36:58 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Media Center Programs
[2011/05/11 16:36:58 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
[2011/05/11 16:36:58 | 000,000,000 | -H-D | C] -- C:\Users\Matze\AppData
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2011/05/11 16:28:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2011/05/11 16:27:33 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2007/01/24 20:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
 
========== Files - Modified Within 30 Days ==========
 
[2011/06/08 15:02:22 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011/06/08 15:02:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/08 15:02:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/08 15:02:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/08 15:02:03 | 3220,463,616 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/08 05:24:17 | 285,752,940 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/08 04:10:08 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5BEF49CC-A8E9-46F9-84C0-8A6CB26432EE}.job
[2011/06/08 03:07:19 | 000,055,335 | ---- | M] () -- C:\Users\Matze\Desktop\wwwww.jpg
[2011/06/08 03:07:07 | 000,055,335 | -H-- | M] () -- C:\Users\Matze\Desktop\iche.jpg
[2011/06/06 18:38:01 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/06 05:41:18 | 000,421,442 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2011/06/06 05:39:37 | 000,000,878 | -H-- | M] () -- C:\Users\Matze\Desktop\ZoneAlarm Security.lnk
[2011/06/06 05:39:36 | 000,005,977 | ---- | M] () -- C:\Windows\System32\vsconfig.xml
[2011/06/06 05:32:42 | 000,171,238 | -H-- | M] () -- C:\Users\Matze\Desktop\Unbenanntfsadsada.jpg
[2011/06/06 04:47:30 | 000,000,160 | -H-- | M] () -- C:\ProgramData\~32169720r
[2011/06/06 04:47:30 | 000,000,136 | -H-- | M] () -- C:\ProgramData\~32169720
[2011/06/06 04:47:29 | 000,000,602 | -H-- | M] () -- C:\Users\Matze\Desktop\Windows Vista Recovery.lnk
[2011/06/06 04:47:17 | 000,000,344 | -H-- | M] () -- C:\ProgramData\32169720
[2011/06/04 22:17:35 | 000,038,912 | -H-- | M] () -- C:\Users\Matze\Desktop\photothumb.db
[2011/06/04 22:16:47 | 000,000,835 | -H-- | M] () -- C:\Users\Matze\Desktop\PhotoScape.lnk
[2011/06/04 22:01:10 | 000,175,380 | -H-- | M] () -- C:\Users\Matze\Desktop\icke22.jpg
[2011/06/04 21:26:27 | 000,065,054 | -H-- | M] () -- C:\Users\Matze\Desktop\ph3xsbt1p5bi6w3ajsrpml7r3do.jpg
[2011/06/03 22:05:56 | 000,000,215 | -H-- | M] () -- C:\Users\Matze\Desktop\Call of Duty Black Ops - Multiplayer.url
[2011/06/03 01:47:15 | 000,004,386 | -H-- | M] () -- C:\Users\Matze\Desktop\Hitman-1318.jpg
[2011/06/01 20:51:23 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job
[2011/06/01 15:34:12 | 000,003,584 | -H-- | M] () -- C:\Users\Matze\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/01 11:57:23 | 000,697,576 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011/06/01 11:57:23 | 000,640,968 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/01 11:57:23 | 000,153,736 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011/06/01 11:57:23 | 000,122,014 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/30 22:26:00 | 000,072,537 | -H-- | M] () -- C:\Users\Matze\Documents\ts3_clientui-win32-14345-2011-05-30 22_25_59.305193.dmp
[2011/05/30 15:09:56 | 000,129,640 | -H-- | M] () -- C:\Users\Matze\Desktop\zombie-pc.jpg
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/20 21:43:55 | 000,072,385 | -H-- | M] () -- C:\Users\Matze\Documents\ts3_clientui-win32-14345-2011-05-20 21_43_55.311264.dmp
[2011/05/19 16:02:26 | 000,007,026 | -H-- | M] () -- C:\Users\Matze\Desktop\images.jpg
[2011/05/18 22:52:59 | 000,072,741 | -H-- | M] () -- C:\Users\Matze\Documents\ts3_clientui-win32-14345-2011-05-18 22_52_59.145593.dmp
[2011/05/16 02:24:07 | 000,000,811 | -H-- | M] () -- C:\Users\Matze\Desktop\SpeedFan.lnk
[2011/05/16 02:24:05 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2011/05/15 01:30:24 | 000,921,654 | -H-- | M] () -- C:\Users\Matze\Desktop\haha.bmp
[2011/05/13 20:38:34 | 000,374,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/05/13 13:31:16 | 000,000,212 | -H-- | M] () -- C:\Users\Matze\Desktop\Counter-Strike.url
[2011/05/12 01:26:32 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011/05/12 00:39:55 | 000,001,401 | -H-- | M] () -- C:\Users\Matze\Desktop\DivX Movies.lnk
[2011/05/11 20:59:10 | 000,073,325 | -H-- | M] () -- C:\Users\Matze\Documents\ts3_clientui-win32-14345-2011-05-11 20_59_10.482129.dmp
 
========== Files Created - No Company Name ==========
 
[2011/06/08 03:07:18 | 000,055,335 | ---- | C] () -- C:\Users\Matze\Desktop\wwwww.jpg
[2011/06/06 18:38:01 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/06 05:39:37 | 000,000,878 | -H-- | C] () -- C:\Users\Matze\Desktop\ZoneAlarm Security.lnk
[2011/06/06 05:39:35 | 000,005,977 | ---- | C] () -- C:\Windows\System32\vsconfig.xml
[2011/06/06 05:32:41 | 000,171,238 | -H-- | C] () -- C:\Users\Matze\Desktop\Unbenanntfsadsada.jpg
[2011/06/06 05:31:36 | 000,421,442 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2011/06/06 04:47:30 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~32169720r
[2011/06/06 04:47:30 | 000,000,136 | -H-- | C] () -- C:\ProgramData\~32169720
[2011/06/06 04:47:29 | 000,000,602 | -H-- | C] () -- C:\Users\Matze\Desktop\Windows Vista Recovery.lnk
[2011/06/06 04:47:17 | 000,000,344 | -H-- | C] () -- C:\ProgramData\32169720
[2011/06/04 22:17:33 | 000,038,912 | -H-- | C] () -- C:\Users\Matze\Desktop\photothumb.db
[2011/06/04 22:16:47 | 000,000,835 | -H-- | C] () -- C:\Users\Matze\Desktop\PhotoScape.lnk
[2011/06/04 22:01:10 | 000,175,380 | -H-- | C] () -- C:\Users\Matze\Desktop\icke22.jpg
[2011/06/04 21:37:05 | 000,055,335 | -H-- | C] () -- C:\Users\Matze\Desktop\iche.jpg
[2011/06/04 21:26:27 | 000,065,054 | -H-- | C] () -- C:\Users\Matze\Desktop\ph3xsbt1p5bi6w3ajsrpml7r3do.jpg
[2011/06/03 22:05:56 | 000,000,215 | -H-- | C] () -- C:\Users\Matze\Desktop\Call of Duty Black Ops - Multiplayer.url
[2011/06/03 01:47:15 | 000,004,386 | -H-- | C] () -- C:\Users\Matze\Desktop\Hitman-1318.jpg
[2011/06/01 20:28:15 | 000,000,436 | ---- | C] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job
[2011/06/01 15:34:12 | 000,003,584 | -H-- | C] () -- C:\Users\Matze\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/30 22:25:59 | 000,072,537 | -H-- | C] () -- C:\Users\Matze\Documents\ts3_clientui-win32-14345-2011-05-30 22_25_59.305193.dmp
[2011/05/30 15:09:56 | 000,129,640 | -H-- | C] () -- C:\Users\Matze\Desktop\zombie-pc.jpg
[2011/05/20 21:43:55 | 000,072,385 | -H-- | C] () -- C:\Users\Matze\Documents\ts3_clientui-win32-14345-2011-05-20 21_43_55.311264.dmp
[2011/05/19 16:02:26 | 000,007,026 | -H-- | C] () -- C:\Users\Matze\Desktop\images.jpg
[2011/05/18 22:52:59 | 000,072,741 | -H-- | C] () -- C:\Users\Matze\Documents\ts3_clientui-win32-14345-2011-05-18 22_52_59.145593.dmp
[2011/05/16 02:24:07 | 000,000,811 | -H-- | C] () -- C:\Users\Matze\Desktop\SpeedFan.lnk
[2011/05/16 02:24:04 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2011/05/15 01:32:13 | 000,921,654 | -H-- | C] () -- C:\Users\Matze\Desktop\haha.bmp
[2011/05/13 18:48:02 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011/05/13 18:48:02 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011/05/13 18:48:02 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011/05/13 13:31:16 | 000,000,212 | -H-- | C] () -- C:\Users\Matze\Desktop\Counter-Strike.url
[2011/05/12 13:08:53 | 285,752,940 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/05/12 01:25:14 | 3220,463,616 | -HS- | C] () -- C:\hiberfil.sys
[2011/05/12 00:32:58 | 000,001,401 | -H-- | C] () -- C:\Users\Matze\Desktop\DivX Movies.lnk
[2011/05/11 23:30:30 | 000,097,312 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2011/05/11 20:59:10 | 000,073,325 | -H-- | C] () -- C:\Users\Matze\Documents\ts3_clientui-win32-14345-2011-05-11 20_59_10.482129.dmp
[2011/05/11 20:47:39 | 000,000,974 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011/05/11 19:36:38 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/05/11 19:36:38 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/05/11 19:36:35 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011/05/11 18:49:07 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011/05/11 18:44:52 | 000,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2011/05/11 17:34:47 | 000,000,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/11 16:51:50 | 000,000,418 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{5BEF49CC-A8E9-46F9-84C0-8A6CB26432EE}.job
[2011/05/11 16:44:20 | 000,000,956 | -H-- | C] () -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011/05/11 16:42:27 | 000,000,951 | -H-- | C] () -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011/05/11 16:42:15 | 000,000,922 | -H-- | C] () -- C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011/05/11 16:40:05 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2011/04/20 03:21:00 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/04/19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/03/17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/02/28 23:30:06 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/07/24 05:14:38 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2008/07/24 05:09:22 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe
[2008/07/24 05:09:12 | 000,037,232 | ---- | C] () -- C:\Windows\ASScrProlog.exe
[2008/07/24 05:09:10 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008/07/24 03:48:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008/04/16 13:11:34 | 000,697,576 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/16 13:11:34 | 000,153,736 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/04/16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008/03/09 15:32:51 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/03/04 13:01:59 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2007/10/01 08:59:45 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007/08/06 19:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe
[2007/05/09 09:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006/11/02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14:47:37 | 000,374,776 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 12:33:01 | 000,640,968 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 12:33:01 | 000,122,014 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 03:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[1996/04/03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
========== LOP Check ==========
 
[2011/06/06 05:40:51 | 000,000,000 | ---D | M] -- C:\Users\Matze\AppData\Roaming\CheckPoint
[2011/06/01 11:51:20 | 000,000,000 | -H-D | M] -- C:\Users\Matze\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/06/01 20:28:12 | 000,000,000 | -H-D | M] -- C:\Users\Matze\AppData\Roaming\Easeware
[2011/05/17 23:52:26 | 000,000,000 | -H-D | M] -- C:\Users\Matze\AppData\Roaming\ICQ
[2011/06/04 22:25:50 | 000,000,000 | -H-D | M] -- C:\Users\Matze\AppData\Roaming\PhotoScape
[2011/05/11 20:49:28 | 000,000,000 | -H-D | M] -- C:\Users\Matze\AppData\Roaming\TeamViewer
[2011/05/19 12:01:49 | 000,000,000 | -H-D | M] -- C:\Users\Matze\AppData\Roaming\TS3Client
[2011/06/01 20:51:23 | 000,000,436 | ---- | M] () -- C:\Windows\Tasks\DriverNavigator Scheduled Scan.job
[2011/06/08 06:17:12 | 000,031,528 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/06/08 04:10:08 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5BEF49CC-A8E9-46F9-84C0-8A6CB26432EE}.job
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---
/CODE]


Thanks in advance

Regards
LiL
__________________

08.06.2011, 16:21   #4
LiL

Or would it be best to throw Vista out and install XP?

08.06.2011, 20:57   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Or would it be best to throw Vista out and install XP?
If you want to reinstall, why go from Vista down to XP? Do you even have a corresponding XP license? Having Vista does not automatically give you the right to a downgrade.

__________________
Please always post log files in CODE tags

11.06.2011, 21:53   #6
LiL


Hey cosinus, well, I still had an old Windows CD from my old computer, and yes, I have now installed it and everything is running great again. Thanks again for your help.

Regards
LiL
